A little over a year ago, in October 2018, our polymorphic outbreak monitoring system detected a large surge in reports, indicating that a large-scale campaign was unfolding. We observed as the new threat attempted to deploy files that changed every ... continue reading

I've previously blogged about Azure Lighthouse, for managing multiple difference Azure tenancies. This capability is useful for both Managed Service Providers, with support arrangements for multiple customers, and for large or complex Enterprise organizations (for example, if there are sub-brands ... continue reading

This is the first in a blog series discussing the tools, techniques, and procedures that the Microsoft Detection and Response Team (DART) use to investigate cybersecurity incidents at our customer organizations. Today, we introduce the team and give a brief ... continue reading

Microsoft Threat Experts is the managed threat hunting service within Microsoft Defender Advanced Threat Protection (ATP) that includes two capabilities: targeted attack notifications and experts on demand. Today, we are extremely excited to share that experts on demand is now ... continue reading

Network complexity is rapidly increasing with the addition of non-traditional devices gaining access to organizational networks. Singular purpose devices made available through the Internet of Things (IoT) offering has increased network complexity even further with the ease of adding said ... continue reading

One of the best ways to speed up securing your cloud deployments is to focus on the most impactful security best practices. Best practices for securing any service begins with a fundamental understanding of cybersecurity risk and how to manage ... continue reading

Our experience in detecting and blocking threats on millions of endpoints tells us that attackers will stop at nothing to circumvent protections. Even one gap in security can be disastrous to an organization. At Microsoft, we don’t stop finding new ... continue reading

The Lessons learned from the Microsoft SOC blog series is designed to share our approach and experience with security operations center (SOC) operations. Our learnings in the series come primarily from Microsoft’s corporate IT security operation team, one of several ... continue reading

This blog post was contributed to by Chin Lai The, Technical Specialist, SAP on Azure. This is the first in a four-part blog series on designing a great SAP on Azure Architecture, and will focus on designing for security. Great ... continue reading

If you’ve explored the management capabilities inside Microsoft Azure, you’ll know there are a bunch of tools to help you manage and monitor your Azure resources and keep them compliant. Azure Blueprints (in preview) enables you to extend this across ... continue reading