


Incident response
Incident response is the process of detecting, investigating, and responding to cyberattacks, security breaches, or IT incidents. Explore the latest trends and intelligence-driven strategies that help you prevent future attacks.
-
By working with governments, trade organizations, and suppliers, the utility industry can improve security across the supply chain.
-
MITRE ATT&CK APT 29 evaluation proves Microsoft Threat Protection provides deeper end to end view of advanced threats
During the MITRE ATT&CK evaluation, Microsoft Threat Protection delivered on providing the deepest optics, near real-time detection, and a complete view of the attack story.
-
Microsoft shares new threat intelligence, security guidance during global crisis
Our threat intelligence shows that COVID-19 themed threats are retreads of existing attacks that have been slightly altered to tie to the pandemic.
-
Ghost in the shell: Investigating web shell attacks
Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as a launch pad for further attacks against the affected organization.
-
CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life
In this next post in our series, we provide insight into a day in the life of our SOC analysts investigating common front door attacks.
-
Norsk Hydro responds to ransomware attack with transparency
Aluminum supplier Norsk Hydro was attacked by LockerGoga, a form of ransomware.
-
Ransomware response
As part of Microsoft’s Detection and Response Team (DART) Incident Response engagements, we regularly get asked by customers about “paying the ransom” following a ransomware attack.
-
Overview of the Marsh-Microsoft 2019 Global Cyber Risk Perception survey results
Results from the 2019 Marsh-Microsoft Global Cyber Risk Perception survey reveal several encouraging signs of improvement in the way organizations view and manage cyber risk.
-
Protect against BlueKeep
DART offers steps you can take to protect your network from BlueKeep, the “wormable” vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate.
-
Council of EU Law Enforcement Protocol improves cross-border cooperation
The new EU Law Enforcement Emergency Response Protocol addresses the growing problem of planning and coordinating between governments, agencies, and companies when cyberattacks occur across international boundaries.
-
Facing the cold chills
DART recently worked with a customer who had been subject to a targeted compromise where the entity was intently and purposefully attempting to get into their systems.
-
How to recover from a security breach
Actionable tips from security experts on how to prevent, mitigate, or recover from a cyberattack.