
Insights from one year of tracking a polymorphic threat

A little over a year ago, in October 2018, our polymorphic outbreak monitoring system detected a large surge in reports, indicating that a large-scale campaign was unfolding. We observed as the new threat attempted to deploy files that changed every ... continue reading

Managing security with Azure Lighthouse and Azure Arc

I've previously blogged about Azure Lighthouse, for managing multiple different Azure tenancies. This capability is useful for both Managed Service Providers, with support arrangements for multiple customers, and for large or complex Enterprise organizations (for example, if there are sub-brands ... continue reading

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1

This is the first in a blog series discussing the tools, techniques, and procedures that the Microsoft Detection and Response Team (DART) use to investigate cybersecurity incidents at our customer organizations. Today, we introduce the team and give a brief ... continue reading
Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise

Microsoft Threat Experts is the managed threat hunting service within Microsoft Defender Advanced Threat Protection (ATP) that includes two capabilities: targeted attack notifications and experts on demand. Today, we are extremely excited to share that experts on demand is now ... continue reading
PowerShell Basics: How to Scan Open Ports Within a Network

Network complexity is rapidly increasing with the addition of non-traditional devices gaining access to organizational networks. Singular purpose devices made available through the Internet of Things (IoT) offering have increased network complexity even further with the ease of adding said ... continue reading

CIS Azure Security Foundations Benchmark open for comment

One of the best ways to speed up securing your cloud deployments is to focus on the most impactful security best practices. Best practices for securing any service begin with a fundamental understanding of cybersecurity risk and how to manage ... continue reading
In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

Our experience in detecting and blocking threats on millions of endpoints tells us that attackers will stop at nothing to circumvent protections. Even one gap in security can be disastrous to an organization. At Microsoft, we don’t stop finding new ... continue reading

CISO series: Lessons learned from the Microsoft SOC—Part 3a: Choosing SOC tools

The Lessons learned from the Microsoft SOC blog series is designed to share our approach and experience with security operations center (SOC) operations. Our learnings in the series come primarily from Microsoft’s corporate IT security operation team, one of several ... continue reading

SAP on Azure Architecture – Designing for security

This blog post was contributed to by Chin Lai The, Technical Specialist, SAP on Azure. This is the first in a four-part blog series on designing a great SAP on Azure Architecture, and will focus on designing for security. Great ... continue reading
Manage multiple Azure tenancies with Azure Lighthouse

If you’ve explored the management capabilities inside Microsoft Azure, you’ll know there are a bunch of tools to help you manage and monitor your Azure resources and keep them compliant. Azure Blueprints (in preview) enables you to extend this across ... continue reading