


Incident response
Incident response is the process of detecting, investigating, and responding to cyberattacks, security breaches, or IT incidents. Explore the latest trends and intelligence-driven strategies that help you prevent future attacks.
- Access the first two cloud investigation guides from Microsoft Incident Response to improve triage and analysis of data in Microsoft 365 and Microsoft Entra ID.
- How Microsoft Incident Response and Microsoft Defender for Identity work together to detect and respond to cyberthreats
  Learn how Microsoft Incident Response works together with Microsoft Defender for Identity to give customers fast, flexible service—before, during, or after a cybersecurity incident occurs.
- New Microsoft Incident Response guide helps simplify cyberthreat investigations
  Discover how to fortify your organization’s cybersecurity defense with this practical guide on digital forensics from Microsoft’s Incident Response team.
- Microsoft Incident Response tips for managing a mass password reset
  When an active incident leaves systems vulnerable, a mass password reset may be the right tool to restore security.
- How to boost your incident response readiness
  Discover key steps to bolster incident response readiness, from disaster recovery plans to secure deployments, guided by insights from the Microsoft Incident Response team.
- Windows Security best practices for integrating and managing security tools
  We examine the recent CrowdStrike outage and provide a technical overview of the root cause.
- The art and science behind Microsoft threat hunting: Part 3
  In this blog post, read how Microsoft Incident Response leverages three types of threat intelligence to enhance incident response scenarios.
- Build a stronger security strategy with proactive and reactive incident response: Cyberattack Series
  Find out how a cyberattack by Storm-2077 was halted faster because the Microsoft Incident Response team is both proactive and reactive at the same time.
- StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
  Microsoft Incident Response uncovered a novel remote access trojan (RAT) named StilachiRAT, which demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data.
- Elevate your protection with expanded Microsoft Defender Experts coverage
  Defender Experts now offers 24/7, expert-driven protection for cloud workloads, beginning with hybrid and multicloud servers in Microsoft Defender for Cloud.