Microsoft Security Intelligence Report features Azure Security Center Advanced Threat Detection

The Microsoft Security Intelligence Report (SIR) focuses on software vulnerabilities, software vulnerability exploits, malware, and unwanted software.

Current and past reports and related resources are available for download at www.microsoft.com/sir.

We expect that you will find the data, insights, and guidance provided in this report useful in helping you protect your organizations, software, and users.

This years report contains an article near and dear to our hearts here in Azure Security – the article is titled Protecting Cloud Infrastructure: Detecting and Mitigating Threats using Azure Security Center.

In this article we focus on three major topics:

• Threats against cloud deployments and infrastructure - New types of threats can be related to characteristics of the public cloud only, or to issues introduced by connectivity between on-premises environments and the public cloud. This section provides descriptions of some new types of threats.
• The cyber kill chain: on-premises and in the cloud – in this section we review the cyber kill chain model and take a look at some of the differences in the cyber kill chain between on-premises and in the cloud
• Countering threats with Azure Security Center Advanced Threat Detection - Azure Security Center uses a number of methods that work together to provide advanced threat detection. In this section we discuss the various methods including atomic detections, threat intelligence feeds, behavioral analysis, anomaly detection and detection fusion.

We really enjoyed putting this article together for you and we think you’ll learn about some very interesting and powerful threat detection capabilities you get with Azure Security Center. Give the article a read and let us know what you think!

Thanks!

Tom

Tom Shinder
Program Manager, Azure Security
@tshinder | Facebook | LinkedIn | Email | Web | Bing me! | GOOG me