In part 1, we provided a timeline of the Microsoft Threat Protection journey to date, an overview of Microsoft Azure Sentinel (our next-gen SIEM), and details of Microsoft Threat Experts, which combines the power of human and artificial intelligence to ... continue reading

Last week, the Microsoft Security team attended the RSA conference in San Francisco, California. We made several key announcements about Microsoft Threat Protection, the solution which provides end users optimal security from the moment they log in, use email, work ... continue reading

I’m on my way to the RSA Conference in San Francisco, California, and am looking forward to connecting with our customers and partners there. We have a lot to talk about. Last week, Ann Johnson announced two new services that ... continue reading

Greetings! I am Sue Bohn and I lead the Identity Customer and Partner Success Team. The mission of our worldwide team is to cut the distance between our customers and engineering so we all can work effectively at cloud speed ... continue reading

We’re excited to introduce Microsoft Threat Experts, an additional layer of expertise and optics that Microsoft customers can utilize to augment security operations capabilities as part of Microsoft 365. This new managed threat hunting service in Windows Defender Advanced Threat ... continue reading

The keystone to good security hygiene is limiting your attack surface. Attack surface reduction is a technique to remove or constrain exploitable behaviors in your systems. In this blog, we discuss the two attack surface reduction rules introduced in the ... continue reading

Recently the disclosure of a vulnerability (CVE-2019-5736) was announced in the open-source software (OSS) container runtime, runc. This vulnerability can allow an attacker to gain root-level code execution on a host. Runc is the underlying container runtime underneath many popular ... continue reading

February is an exciting month of enhancements for Microsoft Threat Protection. For those who have followed our monthly updates (November, December, and January), youre aware that Microsoft Threat Protection helps provide users optimal security from the moment they sign in, ... continue reading

Recently a new flaw was discovered in PolKit - a component which controls system-wide privileges in Unix OS. This vulnerability potentially allows unprivileged account to have root permission. In this blog post, we will focus on the recent vulnerability, demonstrate ... continue reading

While the Cloud allows for speed and flexibility, there are still valid reasons for controlling the configuration of Cloud resources – including regulatory compliance requirements. Azure Governance consists of several services to enforce or audit resources inside Azure and now ... continue reading