Create an account


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Microsoft - The evolution of Microsoft Threat Protection, RSA edition

#1
The evolution of Microsoft Threat Protection, RSA edition

<div style="margin: 5px 5% 10px 5%;"><img src="http://www.sickgaming.net/blog/wp-content/uploads/2019/03/the-evolution-of-microsoft-threat-protection-rsa-edition.png" width="1975" height="1078" title="" alt="" /></div><div><p>Last week, the <a href="https://www.microsoft.com/en-us/security" target="_blank" rel="noopener noreferrer">Microsoft Security</a> team attended the <a href="https://www.rsaconference.com/events/us19" target="_blank" rel="noopener noreferrer">RSA conference</a> in San Francisco, California. We made several key announcements about <a href="https://www.microsoft.com/en-us/security/technology/threat-protection" target="_blank" rel="noopener noreferrer">Microsoft Threat Protection</a>, the solution which provides end users optimal security from the moment they log in, use email, work on documents, or utilize cloud applications <em>and</em> offers security professionals the benefit of minimal complexity while staying ahead of threats to their organization. As we previously <a href="https://www.microsoft.com/security/blog/2018/11/13/the-evolution-of-microsoft-threat-protection-november-update/" target="_blank" rel="noopener noreferrer">alluded to</a>, Microsoft Threat Protection is on a journey to provide organizations seamless, integrated, and comprehensive security across multiple attack vectors. In this RSA edition, we want to share where we are in this journey, the most recent new capabilities launched, and the vision of where we’re going as we continue executing toward our goal of offering best-in-class security for modern organizations.</p>
<h3>The journey taken</h3>
<p>Microsoft Threat Protection is supported by tremendous investment and focus across multiple engineering teams. Each month, we report discrete enhancements to the solution, but Figure 1 shows the many years of strategic investments and designed capabilities which helped create the solution we offer today. As the timeline demonstrates, each discrete enhancement is tied to the larger vision of Microsoft Threat Protection and our effort to ensure customers are offered the best and most secure threat protection available on the market. The roots of Microsoft Threat Protection stretch back to 2014, with the launch of advanced identity protection capabilities offered in <a href="https://azure.microsoft.com/en-us/pricing/details/active-directory/" target="_blank" rel="noopener noreferrer">Azure Active Directory Premium</a>. Development of the Microsoft Intelligent Security Graph, which weaves our security services together, began shortly thereafter. Building on these strong foundations in identity protection (<a href="https://azure.microsoft.com/en-us/features/azure-advanced-threat-protection/" target="_blank" rel="noopener noreferrer">including security for on-premises identities</a>) and intelligence, we then launched services <a href="https://products.office.com/en-us/exchange/advance-threat-protection" target="_blank" rel="noopener noreferrer">securing email and documents</a>, <a href="https://www.microsoft.com/en-us/enterprise-mobility-security/cloud-app-security?rtc=1" target="_blank" rel="noopener noreferrer">cloud apps</a>, <a href="https://securitycenter.windows.com/" target="_blank" rel="noopener noreferrer">endpoints</a>, and <a href="https://azure.microsoft.com/en-us/services/security-center/" target="_blank" rel="noopener noreferrer">infrastructure</a>. Over the last few years, we have leveraged the connectivity of the Intelligent Security Graph to integrate and seamlessly correlate signals across all our services, to help provide an optimized security experience with minimal complexity for customers.</p>
<p><a href="http://www.sickgaming.net/blog/wp-content/uploads/2019/03/the-evolution-of-microsoft-threat-protection-rsa-edition.png" target="_blank" rel="noopener noreferrer"><img class="alignnone wp-image-89107 size-full" src="http://www.sickgaming.net/blog/wp-content/uploads/2019/03/the-evolution-of-microsoft-threat-protection-rsa-edition.png" alt width="1975" height="1078"></a></p>
<p><em>Figure 1. The development timeline of Microsoft Threat Protection.</em></p>
<p>The journey is continuing, as we further enhance and develop capabilities which secure customers with Microsoft Threat Protection. Next, we look at announcements made at RSA this year, which are significant strides on our evolution toward the full potential Microsoft Threat Protection.</p>
<h3>Tomorrow’s SIEM, available today</h3>
<p>Many organizations leverage Security Information and Events Management (SIEM) products to support their digital transformation. As the value of digital information continues to increase, so does the volume and sophistication of attacks. Several customers have told us their existing SIEM products are unable to keep pace.</p>
<p>To address this need, at RSA we announced the launch of <a href="https://azure.microsoft.com/en-us/services/azure-sentinel/" target="_blank" rel="noopener noreferrer">Microsoft Azure Sentinel</a>, which adds the benefits of a next-gen SIEM to the Microsoft Threat Protection solution. Azure Sentinel is a cloud-native solution, providing intelligent security analytics for the entire organization. With Azure Sentinel (Figure 2), collection of security data across the entire hybrid organization from devices, to users, to apps, to servers on any cloud is easy. It includes built-in artificial intelligence (AI) to help ensure threats are identified quickly and significantly reduces the burden of traditional SIEMs by eliminating the need to spend time setting up, maintaining, and scaling infrastructure. Since it is built on Azure, it offers nearly limitless cloud scale and speed to address your security needs. Traditional SIEMs are also expensive to own and operate, often requiring high upfront costs and continued high costs for infrastructure maintenance and data ingestion. With Azure Sentinel there are no upfront costs as you pay for what you use.&nbsp; Additionally, organizations can bring their Office 365 activity data to Azure Sentinel <em>for free</em>. It takes just a few clicks to retain your Office 365 data within the Microsoft cloud.&nbsp;<a href="https://azure.microsoft.com/en-us/blog/introducing-microsoft-azure-sentinel-intelligent-security-analytics-for-your-entire-enterprise/" target="_blank" rel="noopener noreferrer">Learn more</a> about Azure Sentinel and opt in for a <a href="https://azure.microsoft.com/en-us/free/" target="_blank" rel="noopener noreferrer">trial today</a>.</p>
<p><a href="http://www.sickgaming.net/blog/wp-content/uploads/2019/03/the-evolution-of-microsoft-threat-protection-rsa-edition-1.png" target="_blank" rel="noopener noreferrer"><img class="alignnone wp-image-89109 size-full" src="http://www.sickgaming.net/blog/wp-content/uploads/2019/03/the-evolution-of-microsoft-threat-protection-rsa-edition-1.png" alt width="1026" height="577"></a></p>
<p><em>Figure 2. The Azure Sentinel – Overview portal.</em></p>
<h3>Combining artificial intelligence with human expertise for unparalleled security</h3>
<p>Human expertise will always be pivotal for strong security. However, by 2021, there will be an estimated <a href="https://cybersecurityventures.com/jobs/" target="_blank" rel="noopener noreferrer">shortage of 3.5 million</a> security professionals. To help organizations benefit from the knowledge of seasoned security analysts, we announced <a href="https://www.microsoft.com/security/blog/2019/02/28/announcing-microsoft-threat-experts/" target="_blank" rel="noopener noreferrer">Microsoft Threat Experts</a> at RSA adding another significant capability to Microsoft Threat Protection to augment customers Security Operation Centers (SOCs). Microsoft Threat Experts is currently offered as part of our endpoint security service, <a href="https://securitycenter.windows.com/" target="_blank" rel="noopener noreferrer">Windows Defender ATP</a> and blends the benefits of human analysts with our industry leading endpoint security service. Soon, Threat Experts will extend to cover more components of Microsoft Threat Protection. It is a new managed threat hunting service providing proactive hunting, prioritization, and additional context and data-driven insights, further helping SOCs identify and respond to threats quickly and accurately. Microsoft Threat Experts enables SOCs to jump-start threat investigations by providing context-rich intelligence. The feature offers:</p>
<ul>
<li><strong>Targeted attack notifications:</strong> Offers monitoring by Microsoft’s threat experts and provides notifications to customers in case a breach is identified. In cases where a full incident response becomes necessary, seamless transition to Microsoft incident response (IR) services is available.</li>
<li><strong>Experts on demand (Figure 3):</strong> Security experts provide technical consultation on relevant detections and adversaries.</li>
</ul>
<p><a href="http://www.sickgaming.net/blog/wp-content/uploads/2019/03/the-evolution-of-microsoft-threat-protection-rsa-edition-2.png" target="_blank" rel="noopener noreferrer"><img class="alignnone wp-image-89112 size-full" src="http://www.sickgaming.net/blog/wp-content/uploads/2019/03/the-evolution-of-microsoft-threat-protection-rsa-edition-2.png" alt width="1434" height="816"></a></p>
<p><em>Figure 3. Microsoft Threat Experts “Ask a Threat Expert” button.</em></p>
<p><a href="https://www.microsoft.com/security/blog/2019/02/28/announcing-microsoft-threat-experts/" target="_blank" rel="noopener noreferrer">Learn more</a> about Microsoft Threat Experts and check out <a href="https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Microsoft-Threat-Experts-Case-studies-for-managed-threat-hunting/ba-p/358244" target="_blank" rel="noopener noreferrer">these case studies</a> that showcase the significant benefit of combined human and artificial intelligence. Get started on a <a href="https://winatpregistration-prd.trafficmanager.net/UserAgreement?wt.mc_id=AID702266_QSG_245679&amp;ocid=AID702266_QSG_245679" target="_blank" rel="noopener noreferrer">Windows Defender ATP trial</a> and begin your <a href="https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-atp/configure-microsoft-threat-experts" target="_blank" rel="noopener noreferrer">preview of Microsoft Threat Experts</a>.</p>
<h3>Experience the evolution of Microsoft Threat Protection</h3>
<p>Take a moment to&nbsp;<a href="https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Announcing-Microsoft-Threat-Protection/ba-p/262783" target="_blank" rel="noopener noreferrer">learn more about Microsoft Threat Protection</a>, read our previous&nbsp;<a href="https://www.microsoft.com/security/blog/the-evolution-of-microsoft-threat-protection/" target="_blank" rel="noopener noreferrer">monthly updates</a>, and visit&nbsp;<a href="https://www.microsoft.com/en-us/security/technology/threat-protection" target="_blank" rel="noopener noreferrer">Integrated and automated security</a>.&nbsp;<a href="https://customers.microsoft.com/en-us/story/telit-professional-services-microsoft-365" target="_blank" rel="noopener noreferrer">Organizations</a> have already transitioned to Microsoft Threat Protection and <a href="https://techcommunity.microsoft.com/t5/What-s-New/SecOps-is-more-effective-thanks-to-Microsoft-Windows-Defender/m-p/272925#M145" target="_blank" rel="noopener noreferrer">partners</a> are leveraging its powerful capabilities. Begin a trial of Microsoft Threat Protection services today to experience the benefits of the most comprehensive, integrated, and secure threat protection solution for the modern workplace. And check out <a href="http://www.microsoft.com/security/blog/2019/03/14/evolution-microsoft-threat-protection-rsa-edition-2/" target="_blank" rel="noopener noreferrer">part 2 of this blog</a>, where we discuss a new unified SecOps experience, powerful new features to strengthen your cloud app security, unique automation capabilities launching in Office 365, and an early look at the full vision and scope of Microsoft Threat Protection.</p>
</div>
Reply



Forum Jump:


Users browsing this thread:
1 Guest(s)

Forum software by © MyBB Theme © iAndrew 2016