Microsoft recently introduced a new security offering for its Microsoft 365 users: Microsoft Threat Experts. This initiative is designed to add an extra layer of expertise and insights into users’ security operations.
Basically, it’s a managed threat hunting service within Windows Defender Advanced Threat Protection that provides proactive hunting, prioritization, context, and insights related to security issues. This is designed to allow organizations to identify potential threats right away so they can address them before major problems arise.
This new offering includes a couple of main features: targeted attack notifications and experts on demand. Here’s some more information about each one.
Microsoft Threat Experts offers targeted attack notifications
This feature delivers alerts that are tailored to each organization. They’re designed to immediately bring attention to network threats and provide as much information as can be delivered quickly, including timeline, scope, and intrusion method. It provides a proactive look into some of the most prevalent threats that organizations face today, including human adversary threats, hands-on-keyboard attacks, and cyber-espionage.
More specifically, the tool uses AI that is trained by threat hunters to discover attacks from both known and unknown sources. Then it has the ability to monitor, analyze, and prioritize security issues to provide you with detailed alerts.
Experts on demand
Microsoft Threat Experts also offers users access to security experts in the event that a threat goes beyond what the SOC can fully investigate. These security experts are available for technical consultations that require a full incident response.
Customers can engage with these experts within the Windows Defender Security Center to receive quick and accurate insights designed to help them better understand certain complex threats. These might include zero-day exploits or suspicious network connections from unknown sources. Customers can gain actionable insights about next steps for threat response and also gain a seamless transition to Microsoft Incident Response services when necessary.