Incident response
Incident response is the process of detecting, investigating, and responding to cyberattacks, security breaches, or IT incidents. Explore the latest trends and intelligence-driven strategies that help you prevent future attacks.
Software composition analysis guides the selection and management of open source components to help you reduce your security risk.

Empower your analysts to reduce burnout in your security operations center
Strategic use of automation and metrics can help you create a continuous learning culture that keeps your team engaged in the work.

A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture
This blog post will explain simple Microsoft security defaults and Secure Score—two features you should take advantage of that are easy to utilize and can significantly improve security in Azure AD and Office 365 configurations.

Analyzing Solorigate, the compromised DLL file that started a sophisticated cyberattack, and how Microsoft Defender helps protect customers
We, along with the security industry and our partners, continue to investigate the extent of the Solorigate attack.

Advice for incident responders on recovery from systemic identity compromises
Customers across the globe are asking for guidance on recovering their infrastructure after being impacted by Solorigate.

Web shell attacks continue to rise
A year ago, we reported the steady increase in the use of web shells in attacks worldwide.

Microsoft open sources CodeQL queries used to hunt for Solorigate activity
We are sharing the CodeQL queries that we used to analyze our source code at scale and rule out the presence of the code-level indicators of compromise (IoCs) and coding patterns associated with Solorigate so that other organizations may perform a similar analysis.

A guide to combatting human-operated ransomware: Part 1
As human-operated ransomware is on the rise, Microsoft’s Detection and Response Team (DART) shares how they investigate these attacks and what to consider when faced with a similar event in your organization.

A guide to combatting human-operated ransomware: Part 2
In this post, we will tackle the risks of human-operated ransomware and detail DART’s security recommendations for tactical containment actions and post-incident activities in the event of an attack.

Protect your business from password sprays with Microsoft DART recommendations
This blog discusses DART’s investigation techniques and approach to responding to password spray attacks while outlining recommendations for protecting against them.

How to investigate service provider trust chains in the cloud
This blog outlines DART’s recommendations for incident responders to investigate potential abuse of these delegated admin permissions, independent of the threat actor.

Behind the unprecedented effort to protect customers against the NOBELIUM nation-state attack
In the third of a four-part series on the NOBELIUM nation-state attack, we share how Microsoft product teams built new detections into products to better protect customers.