Microsoft Defender Advanced Threat Protection Archives - Page 5 of 5

Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave

October 1, 2019 TH Author Cybersecurity, Microsoft 365, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft security intelligence, The Forrester Wave Endpoint Security Suites, Windows Security

Microsoft is positioned as a leader in The Forrester Wave™: Endpoint Security Suites, Q3 2019, receiving among the second highest scores in both the strategy and market presence categories.
The post Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware

September 26, 2019 TH Author AI and machine learning, Cybersecurity, Endpoint security, fileless, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, Nodersok, Security Intelligence

A new fileless malware campaign we dubbed Nodersok delivers two very unusual LOLBins to turn infected machines into zombie proxies.
The post Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Automated incident response in Office 365 ATP now generally available

September 9, 2019 TH Author Microsoft Cloud App Security, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Office 365 Security, Phishing, Threat protection

Powerful automation capabilities help improve the effectiveness and efficiency of investigating and responding to Office 365 alerts.
The post Automated incident response in Office 365 ATP now generally available appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

From unstructured data to actionable intelligence: Using machine learning for threat intelligence

August 8, 2019 TH Author AI and machine learning, Automation, Cybersecurity, Endpoint security, indicators of compromise (IoC), machine learning, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, Security Intelligence, threat intelligence, TTPs, Windows Security

Machine learning and natural language processing can automate the processing of unstructured text for insightful, actionable threat intelligence.
The post From unstructured data to actionable intelligence: Using machine learning for threat intelligence appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

August 7, 2019 TH Author CVE-2019-0887, Cybersecurity, Endpoint security, Event Tracing for Windows (ETW), Exploit, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, Remote Desktop Protocol (RDP), Security Response, Vulnerability, Windows Security

Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed fix, all while learning important lessons that we can share with the industry.
The post A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection

July 31, 2019 TH Author assertion engine, Cybersecurity, hardware-based isolation, kernel-mode attacks, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, next generation protection, privilege escalation, runtime attestation, Security Intelligence, Threat protection, token swap, token theft, Windows Defender Antivirus, Windows Security

The deep integration of Windows Defender Antivirus with hardware-based isolation capabilities allows the detection of artifacts of attacks that tamper with kernel-mode agents at the hypervisor level.
The post How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

The evolution of Microsoft Threat Protection—July update

July 29, 2019 TH Author Evolution of Microsoft Threat Protection, Evolution of Microsoft Threat Protection page, Microsoft Cloud App Security, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Office 365 Security

Learn about the latest enhancements to Microsoft Threat Protection, the premier solution for securing the modern workplace across identities, endpoints, user data, apps, and infrastructure.
The post The evolution of Microsoft Threat Protection—July update appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

New machine learning model sifts through the good to unearth the bad in evasive malware

July 25, 2019 TH Author AI and machine learning, antivirus, Automation, Cybersecurity, detection evasion, Endpoint security, LockerGoga, machine learning, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft security intelligence, monotonic models, next generation protection, Windows Defender Antivirus

Most machine learning models are trained on a mix of malicious and clean features. Attackers routinely try to throw these models off balance by stuffing clean features into malware. Monotonic models are resistant against adversarial attacks because they are trained differently: they only look for malicious features. The magic is this: Attackers can’t evade a monotonic model by adding clean features. To evade a monotonic model, an attacker would have to remove malicious features.
The post New machine learning model sifts through the good to unearth the bad in evasive malware appeared first on Microsoft Security. READ MORE HERE…