
Using Microsoft 365 Defender to protect against Solorigate
Microsoft security researchers continue to investigate and respond to the sophisticated cyberattack known as Solorigate (also referred to as Sunburst by FireEye) involving a supply chain compromise and the subsequent compromise of cloud assets. While the related investigations and impact ... continue reading
Learn Azure Sentinel on Microsoft Learn
Why not use some of the upcoming days to learn something new? Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across ... continue reading

Advice for incident responders on recovery from systemic identity compromises
As Microsoft alongside our industry partners and the security community continues to investigate the extent of the Solorigate attack, our goal is to provide the latest threat intelligence including IOCs and guidance across our products and solutions to help the ... continue reading
Understanding “Solorigate”‘s Identity IOCs – for Identity Vendors and their customers.
Microsoft recently disclosed a set of complex techniques used by an advanced actor to execute attacks against several key customers. While we detected anomalies by analyzing requests from customer environments to the Microsoft 365 cloud, the attacks generalize to any ... continue reading
Enhanced AI for account compromise prevention
Hello Everyone,One of the amazing journeys I have been lucky to be a part of is developing our self-tuning algorithms for detecting attacks on accounts in real-time. Back in 2012, we got tired of the treadmill of manually adapting to ... continue reading

Protect your SQL Server on-premises, in Azure, and in multicloud
Azure Defender for SQL is now generally available for use with SQL Server on premises, in multicloud deployments on Amazon Web Services (AWS), and Google Cloud Platform (GCP), and in virtual machines on Azure. Azure Defender for SQL constantly monitors ... continue reading

Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them
Cryptocurrency miners are typically associated with cybercriminal operations, not sophisticated nation state actor activity. They are not the most sophisticated type of threats, which also means that they are not among the most critical security issues that defenders address with ... continue reading

Go inside the new Azure Defender for IoT including CyberX
In 2020, the move toward digital transformation and Industry 4.0 took on new urgency with manufacturing and other critical infrastructure sectors under pressure to increase operational efficiency and reduce costs. But the cybersecurity model for operational technology (OT) was already ... continue reading

Trickbot disrupted
As announced today, Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations. Microsoft worked with telecommunications providers around the world to disrupt key Trickbot infrastructure. As a result, operators will no longer be ... continue reading

Microsoft Security—detecting empires in the cloud
Microsoft consistently tracks the most advanced threat actors and evolving attack techniques. We use these findings to harden our products and platform and share them with the security community to help defenders everywhere better protect the planet. Recently, the Microsoft ... continue reading
Just Enough Administration

Free up IT resources for planning and innovation that drive business success.
View Solution