Microsoft Defender Experts, Author at Microsoft Security Blog

Chief information security officer collaborating with practitioners in a security operations center.

News
October 9, 2023
6 min read

Expanded Microsoft Security Experts offerings provide comprehensive protection

Read about the latest updates to our Microsoft Security Experts product offerings.

Close-up view of focused chief information security officer at work in a security operations center.

Best practices
July 24, 2023
5 min read

Microsoft Defender Experts for XDR helps triage, investigate, and respond to cyberthreats

Take a closer look at how Microsoft Defender Experts for XDR works, and how it complements the power of the Microsoft 365 Defender suite.

Man in a hooded sweatshirt inside a secure room, pointing at a geographic area displayed on a large monitor.

News
July 10, 2023
5 min read

Meet unprecedented security challenges by leveraging MXDR services

Microsoft is excited to announce the general availability of Microsoft Defender Experts for XDR, a first-party MXDR offering that gives security teams air cover with end-to-end protection and expertise.

Multicolor arrows pointing towards a center dot, with a yellow diamond filled with 1’s and 0’s and a bug crawling towards it to suggest malware.

Best practices
February 8, 2023
2 min read

Solving one of NOBELIUM’s most novel attacks: Cyberattack Series

This is the first in an ongoing series exploring some of the most notable cases of the Microsoft Detection and Response Team (DART), which investigates cyberattacks on behalf of our customers.

Male developer coding in front of two monitors at desk in office. Programming code shown on both monitors.

Research
November 16, 2022
9 min read

Token tactics: How to prevent, detect, and respond to cloud token theft

As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA.

Two males and three females collaborating in a conference room featuring an HP Teams Meeting Rooms touch display. The meeting has nine remote participants shown on a wall mounted display joined via Teams Meetings. Two subjects are using Surface devices.

Best practices
November 2, 2022
9 min read

Microsoft Security tips for mitigating risk in mergers and acquisitions

Mergers and acquisitions can be challenging.

Man sitting at a community table in common area typing on a Surface laptop with a phone at his side. Blurred laptop in foreground.

Best practices
October 26, 2022
7 min read

How to prevent lateral movement attacks using Microsoft 365 Defender

Learn how Microsoft 365 Defender can enhance mitigations against lateral movement paths in your environment, stopping attackers from gaining access to privileged and sensitive accounts.

Practitioner and CISO collaboration in a security operations center.

Best practices
September 21, 2022
6 min read

The art and science behind Microsoft threat hunting: Part 2

In this follow-up post in our series about threat hunting, we talk about some general hunting strategies, frameworks, tools, and how Microsoft incident responders work with threat intelligence.

Microsoft Cyber Defense Operations Center.

News
September 14, 2022
4 min read

Implementing a Zero Trust strategy after compromise recovery

After a compromise recovery follows what we call a Security Strategic Recovery.

Chief information security officer presents to the board of executives on security topics.

Best practices
September 8, 2022
7 min read

The art and science behind Microsoft threat hunting: Part 1

At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly (or not so covertly) penetrated an environment.

Top-down view of a bearded man in a gray/blue shirt seated at a desk working on a Surface laptop connected to three large monitors.

Research
August 24, 2022
10 min read

Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks

Threat actors evade detection by adopting the Sliver command-and-control (C2) framework in intrusion campaigns.

Chief information security officer collaborating with a practitioner in a security operations center.

News
August 3, 2022
4 min read

Microsoft Defender Experts for Hunting proactively hunts threats

Microsoft Defender Experts for Hunting is now generally available.

Microsoft Defender Experts posts