More Microsoft Security Blogs

Title: Microsoft Information Protection and Microsoft Azure Purview:
Better Together

Overview: Data is growing exponentially. Organizations are under pressure to
turn that data into insights, while also meeting regulatory compliance
requirements. But to truly get the insights you need – while keeping up with
compliance requirements like the General Data Protection Requirement (GDPR) –
you need to know what data you have, where it resides, and how to govern it.
For most organizations, this creates arduous ongoing challenges. 

Title: Deliver productive and seamless user experiences with Azure
Active Directory

Overview: Learn how identity has become the new security perimeter and how an
identity-based framework reduces risk and improves productivity.

Title: Microsoft Defender for Endpoint on iOS is generally available

Overview: Today, we’re excited to announce that Microsoft has reached a new
milestone in our cross-platform security commitment with the general
availability of our iOS offering for Microsoft Defender for Endpoint, which
adds to the already existing Defender offerings on macOS, Linux, and Android.

Title: What’s New: 80 out of the box hunting queries!

Overview: Threat hunting is a powerful way for the SOC to reduce organizational
risk, but it’s commonly portrayed and seen as a complex and mysterious art form
for deep experts only, which can be counterproductive. Sophisticated
cybercriminals burrow their way into network caverns, avoiding detection for
weeks or even months, as they gather information and escalate privileges. If
you wait until these advanced persistent threats (APT) become visible, it can
be costly and time-consuming to address. In today’s cybersecurity landscape, SOC
analysts need controls and integrated toolsets to search, filter, and pivot
through their telemetry to derive relevant insights faster. 

Title: Digital Defense integrates with Microsoft to detect attacks missed
by traditional endpoint security

Overview: Cybercriminals have ramped up their initial compromises through
phishing and pharming attacks using a variety of tools and tactics that, while
numerous, are simple and can often go undetected.

Title: How to setup a Canarytoken and receive incident alerts on Azure

Overview: With Azure Sentinel you can receive all sorts of security telemetry,
events, alerts, and incidents from many different and unique sources. Those
sources can be firewall logs, security events, audit logs from identity and cloud
platforms. In addition, you can create digital trip wires and send that data to
Azure Sentinel. Ross Bevington first explained this concept for Azure Sentinel
in “Creating digital tripwires with custom threat intelligence feeds for Azure
Sentinel.” Today you can walk through and expand your threat detection
capabilities in Azure Sentinel using Honey Tokens or, in this case, Canarytokens.

Title: Bring threat intelligence from Sixgill using TAXII Data Connector

Overview: As discussed in the blog “Bring your threat intelligence to Azure
Sentinel”, Azure Sentinel provides various ways to import threat intelligence
into the ThreatIntelligenceIndicator log analytics table from where it can be
used in various parts of the product like hunting, investigation, analytics,
workbooks, etc.