noodls browser compatibility check

The security settings of your browser are blocking the execution of scripts.

To use noodls, javascript support must be enabled. Please change your browser's security settings to enable javascript.

If you have changed your browser's security settings, you can click here.

related announcements

Technology

Arnoldo Mondadori Editore S.p.A.

GialloZafferano porta i propri partner a bordo di Amazon Alexa
Mediatek Inc.

MediaTek, Swisscom, Ericsson and OPPO Enable 5G Carrier Aggregation and[...]
Liberty Global plc

Virgin Media launches 5G services in the UKVirgin Media is launching 5G[...]

Finance

Microsoft Corporation

02/28/2019 | News release | Distributed by Public on 02/28/2019 11:22

Announcing Microsoft Threat Experts

We're excited to introduce Microsoft Threat Experts, an additional layer of expertise and optics that Microsoft customers can utilize to augment security operations capabilities as part of Microsoft 365. This new managed threat hunting service in Windows Defender Advanced Threat Protection provides proactive hunting, prioritization, and additional context and insights that further empower security operations centers (SOCs) to identify and respond to threats quickly and accurately.

Microsoft Threat Experts enables SOCs to jump-start threat investigations by providing context-rich intelligence. This release of the service includes 2 capabilities:

Targeted attack notifications: Alerts that are tailored to organizations provide as much information as can be quickly delivered to bring attention to critical threats in their network, including the timeline, scope of breach, and the methods of intrusion.
Experts on demand: When a threat exceeds the SOC's capability to investigate, or when more actionable information is needed, security experts provide technical consultation on relevant detections and adversaries. In cases where a full incident response becomes necessary, seamless transition to Microsoft incident response (IR) services is available.

Microsoft Threat Experts

With Microsoft Threat Experts, SOCs can further improve defenses by tapping into our world-class security analysts. These experts deeply understand the security landscape and attacker techniques, have intimate knowledge of operating systems, and know how to get the most out of Windows Defender ATP's features and capabilities. Our experience in battling attackers across more than a billion devices worldwide, together with the artificial intelligence (AI) necessary to harness such unprecedented optics and scale, makes our expert team unique and unmatched in the industry.

The next sections describe the two components of this new service in more detail.

Targeted attack notifications

Microsoft Threat Experts provides proactive hunting for the most important threats, such as human adversary intrusions, hands-on-keyboard attacks, and advanced attacks like cyberespionage. The managed threat hunting service includes:

Threat monitoring and analysis, reducing attacker dwell time and risk to business
Hunter-trained AI to discover and prioritize both known and unknown attacks
Identifying the most important risks, helping SOCs maximize time and energy
Scope of compromise and as much context as can be quickly delivered to enable fast SOC response

Custom Threat Experts alert in Windows Defender Security Center

Experts on demand

Customers can partner with Microsoft security experts, who can be engaged directly from within Windows Defender Security Center, for timely and accurate response. Experts provide insights needed to better understand complex threats, from the latest zero-day exploit to the root cause of a suspicious network connection. Through Microsoft Threat Experts, customers can:

Get additional clarification on alerts including root cause or scope of the incident
Gain clarity into suspicious machine behavior and recommended next steps if faced with an advanced attacker
Determine risk and protection regarding threat actors, campaigns, or emerging attacker techniques
Seamlessly transition to Microsoft Incident Response (IR) services when necessary

Ask a Threat Expert button in Windows Defender Security Center

Partnership for improved security

In today's climate of cybersecurity challenges, organizations must fend off relentless attacks even as they go through their journey of building and maturing their security capabilities. Through Microsoft Threat Experts, customers can partner with Microsoft throughout this journey to augment security operations capabilities to prevent, detect, and respond to threats. Customers and Microsoft can build upon each other's expertise, intelligence, and insight through this partnership, forming stronger defense against adversaries.

To illustrate the depth of intelligence and the value of the service to customers' security defenses and overall security posture, we published two case studies for Microsoft Threat Experts on (1) human adversary-based activities related to a zero-day vulnerability and (2) complex 'living off the land ' threats.

Windows Defender ATP customers can now apply for preview through the Windows Defender Security Center. We will contact customers via email to confirm their participation.

Not yet reaping the benefits of Windows Defender ATP's industry-leading optics and detection capabilities? Sign up for free trialtoday.

Talk to us

Questions, concerns, or insights on this story? Join discussions at the Windows Defender ATP community.

Sharing and Personal Tools

Please select the service you want to use:

Back

View original format