Skip to content
Microsoft Secure
Clear All Apply Filters (175) Loading...
Your selected filters are:

    Blog Posts

    in Azure Information Protection, Microsoft 365, Windows, Windows Defender Advanced Threat Protection, Endpoint Security, Information Protection, Best Practices and How-Tos, Product Updates

    Windows Defender ATP integrates with Microsoft Information Protection to discover, protect, and monitor sensitive data on Windows devices

    This integration empowers Windows to natively understand Azure Information Protection sensitivity labels, to provide visibility into sensitive data on endpoints, to protect sensitive data based on its content, and to detect and respond to post-breach malicious activity that involves or affects sensitive data....

    Read more

    in Windows Defender Advanced Threat Protection, Information Protection, Threat Protection, Best Practices and How-Tos, Research

    Windows Defender ATP has protections for USB and removable devices

    Meet Jimmy. Jimmy is an employee in your company. He Does Things With Computers (official title). Last Wednesday, as Jimmy got out of his car after parking in the company-owned parking lot, he saw something on the ground. That “something” is a 512GB USB flash drive! Jimmy picks up the drive, whistling along to himself...

    Read more

    Diagram showing Windows Defender ATP querying Windows Defender SmartScreen
    in Microsoft 365, Office 365 Advanced Threat Protection, Windows, Windows Defender Advanced Threat Protection, Endpoint Security, Threat Protection, Research

    Tackling phishing with signal-sharing and machine learning

    Across services in Microsoft Threat Protection, the correlation of security signals enhances the comprehensive and integrated security for identities, endpoints, user data, cloud apps, and infrastructure. Our industry-leading visibility into the entire attack chain translates to enriched protection that’s evident in many different attack scenarios, including flashy cyberattacks, massive malware campaigns, and even small-scale, localized...

    Read more

    in Windows, Windows Defender Advanced Threat Protection, Endpoint Security, Threat Protection, Research

    Microsoft AI competition explores the next evolution of predictive technologies in security

    Predictive technologies are already effective at detecting and blocking malware at first sight. A new malware prediction competition on Kaggle will challenge the data science community to push these technologies even further—to stop malware before it is even seen. The Microsoft-sponsored competition calls for participants to predict if a device is likely to encounter malware...

    Read more

    Windows Defender ATP
    in Windows Defender Advanced Threat Protection, Endpoint Security, Threat Protection, Research

    Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP

    In MITRE’s evaluation of endpoint detection and response solutions, Windows Defender Advanced Threat Protection demonstrated industry-leading optics and detection capabilities. The breadth of telemetry, the strength of threat intelligence, and the advanced, automatic detection through machine learning, heuristics, and behavior monitoring delivered comprehensive coverage of attacker techniques across the entire attack chain. MITRE tested the...

    Read more

    in Microsoft Intelligent Security Graph, Office 365 Advanced Threat Protection, Windows, Windows Defender Advanced Threat Protection, Endpoint Security, Incident Response, Threat Protection, Research

    Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

    Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign primarily targeted public sector institutions and non-governmental organizations like think tanks and research centers, but also included...

    Read more

    in Azure Active Directory, Office 365 Advanced Threat Protection, Windows, Windows Defender Advanced Threat Protection, Incident Response, Threat Protection, Research

    Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks

    Several weeks ago, the Windows Defender Advanced Threat Protection (Windows Defender ATP) team uncovered a new cyberattack that targeted several high-profile organizations in the energy and food and beverage sectors in Asia. Given the target region and verticals, the attack chain, and the toolsets used, we believe the threat actor that the industry refers to...

    Read more

    in Microsoft 365, Windows, Windows Defender Advanced Threat Protection, Industry Trends, Product Updates

    What’s new in Windows Defender ATP

    We added new capabilities to each of the pillars of Windows Defender ATP’s unified endpoint protection platform: improved attack surface reduction, better-than-ever next-gen protection, more powerful post-breach detection and response, enhanced automation capabilities, more security insights, and expanded threat hunting. These enhancements boost Windows Defender ATP and accrue to the broader Microsoft Threat Protection, an...

    Read more

    in Office 365 Advanced Threat Protection, Windows Defender Advanced Threat Protection, Endpoint Security, Threat Protection, Research

    Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets

    Our analysis of a targeted attack that used a language-specific word processor shows why it’s important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns. The attack exploited a vulnerability in InPage, a word processor software for specific languages like Urdu, Persian, Pashto, and Arabic. More than 75% of...

    Read more

    in Microsoft 365, Windows, Windows Defender Advanced Threat Protection, Endpoint Security, Threat Protection, Product Updates, Research

    Windows Defender Antivirus can now run in a sandbox

    Windows Defender Antivirus has hit a new milestone: the built-in antivirus capabilities on Windows can now run within a sandbox. With this new development, Windows Defender Antivirus becomes the first complete antivirus solution to have this capability and continues to lead the industry in raising the bar for security. Putting Windows Defender Antivirus in a...

    Read more