Select Page
Mobile threat defense and intelligence are a core part of cyber defense

Mobile threat defense and intelligence are a core part of cyber defense

The modern workplace is a mobile workplace. Today’s organizations rely on mobility to increase productivity and improve the customer experience. But the proliferation of smartphones and other mobile devices has also expanded the attack surface of roughly 5 billion mobile ... continue reading
Image showing "Signers" using in the credential dumping tool signed using a stolen Whizzimo, LLC certificate.

GALLIUM: Targeting global telecom

Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers. When Microsoft customers have been targeted by this activity, we notified them directly with the relevant information they need ... continue reading
Azure Sentinel updates: Improve your security operations with innovations from a cloud-native SIEM

Azure Sentinel updates: Improve your security operations with innovations from a cloud-native SIEM

Just a month ago, I communicated the details about Azure Sentinel reaching general availability. Since then, many customers have shared how Azure Sentinel has empowered their teams to be nimble and more efficient. ASOS, one of the largest online fashion ... continue reading
Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise

Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise

Microsoft Threat Experts is the managed threat hunting service within Microsoft Defender Advanced Threat Protection (ATP) that includes two capabilities: targeted attack notifications and experts on demand. Today, we are extremely excited to share that experts on demand is now ... continue reading
From unstructured data to actionable intelligence: Using machine learning for threat intelligence

From unstructured data to actionable intelligence: Using machine learning for threat intelligence

The security community has become proficient in using indicators of compromise (IoC) feeds for threat intelligence. Automated feeds have simplified the task of extracting and sharing IoCs. However, IoCs like IP addresses, domain names, and file hashes are in the ... continue reading

Improve security with Azure Sentinel, a cloud-native SIEM and SOAR solution

Sarah Young joins Scott Hanselman to discuss Azure Sentinel, which is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a ... continue reading
InSpark modernizes cloud security with managed services solution

InSpark modernizes cloud security with managed services solution

Greetings! This is Sue Bohn, director of program management for Identity and Access Management. I’m always excited to share our partners’ experiences with you. Today’s post is really special because we’re talking with InSpark, the 2018 Country of the Year ... continue reading
An image showing sample Azure Firewall public IP configuration with multiple public IPs.

What’s new in Azure Firewall

This post was co-authored by Anitha Adusumilli, Principal Program Manager, Azure Networking. Today we are happy to share several key Azure Firewall capabilities as well as update on recent important releases into general availability (GA) and preview. Multiple public IPs ... continue reading
Diagram representing how Azure Sentinel connects with Azure Security Center

Securing the hybrid cloud with Azure Security Center and Azure Sentinel

Infrastructure security is top of mind for organizations managing workloads on-premises, in the cloud, or hybrid. Keeping on top of an ever-changing security landscape presents a major challenge. Fortunately, the power and scale of the public cloud has unlocked powerful ... continue reading
Fig1-number-of-read-perations-vs-number-of-bytes-read

Detecting credential theft through memory access modelling with Microsoft Defender ATP

Stealing user credentials is a key step for attackers to move laterally across victim networks. In today’s attacks, we see a range of tools used to achieve credential theft, requiring protections that target the root behavior and not just individual ... continue reading