02/28/2019 | News release | Distributed by Public on 02/28/2019 11:22
We're excited to introduce Microsoft Threat Experts, an additional layer of expertise and optics that Microsoft customers can utilize to augment security operations capabilities as part of Microsoft 365. This new managed threat hunting service in Windows Defender Advanced Threat Protection provides proactive hunting, prioritization, and additional context and insights that further empower security operations centers (SOCs) to identify and respond to threats quickly and accurately.
Microsoft Threat Experts enables SOCs to jump-start threat investigations by providing context-rich intelligence. This release of the service includes 2 capabilities:
Microsoft Threat Experts
With Microsoft Threat Experts, SOCs can further improve defenses by tapping into our world-class security analysts. These experts deeply understand the security landscape and attacker techniques, have intimate knowledge of operating systems, and know how to get the most out of Windows Defender ATP's features and capabilities. Our experience in battling attackers across more than a billion devices worldwide, together with the artificial intelligence (AI) necessary to harness such unprecedented optics and scale, makes our expert team unique and unmatched in the industry.
The next sections describe the two components of this new service in more detail.
Targeted attack notifications
Microsoft Threat Experts provides proactive hunting for the most important threats, such as human adversary intrusions, hands-on-keyboard attacks, and advanced attacks like cyberespionage. The managed threat hunting service includes:
Custom Threat Experts alert in Windows Defender Security Center
Experts on demand
Customers can partner with Microsoft security experts, who can be engaged directly from within Windows Defender Security Center, for timely and accurate response. Experts provide insights needed to better understand complex threats, from the latest zero-day exploit to the root cause of a suspicious network connection. Through Microsoft Threat Experts, customers can:
Ask a Threat Expert button in Windows Defender Security Center
Partnership for improved security
In today's climate of cybersecurity challenges, organizations must fend off relentless attacks even as they go through their journey of building and maturing their security capabilities. Through Microsoft Threat Experts, customers can partner with Microsoft throughout this journey to augment security operations capabilities to prevent, detect, and respond to threats. Customers and Microsoft can build upon each other's expertise, intelligence, and insight through this partnership, forming stronger defense against adversaries.
To illustrate the depth of intelligence and the value of the service to customers' security defenses and overall security posture, we published two case studies for Microsoft Threat Experts on (1) human adversary-based activities related to a zero-day vulnerability and (2) complex 'living off the land ' threats.
Windows Defender ATP customers can now apply for preview through the Windows Defender Security Center. We will contact customers via email to confirm their participation.
Not yet reaping the benefits of Windows Defender ATP's industry-leading optics and detection capabilities? Sign up for free trialtoday.
Talk to us
Questions, concerns, or insights on this story? Join discussions at the Windows Defender ATP community.
Follow us on Twitter @WDSecurity.