CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life
In this next post in our series, we provide insight into a day in the life of our SOC analysts investigating common front door attacks.
Zero Trust is a model that will ultimately be infused throughout your enterprise and should inform virtually all access decisions and interactions between systems.
To plan, implement, and improve an enterprise patch management strategy, Microsoft is partnering with the National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE). Learn how you can also help.
In the next post of our series, we provide tips on choosing technology to help a security operations center (SOC) be more responsive, effective, and collaborative.
In our second post about people—our most valuable resource in the SOC—we talk about our investments into readiness programs, career paths, and recruiting for success.
In the second of our three-part series, we focus on the most valuable resource in the SOC—our people.
In the first of our three-part series, we provide tips on how to manage a security operations center (SOC) to be more responsive, effective, and collaborative.
If you are working on initiatives to secure your privileged accounts (and I hope you are), this post is designed to help.
The Microsoft Cybersecurity Reference Architecture describes Microsoft’s cybersecurity capabilities and how they integrate with existing security architectures and capabilities.
Because of how critical security hygiene issues have become and how challenging it is for organizations to follow the guidance and the multiple recommended practices, Microsoft is taking a fresh approach to solving them.
In the first blog post of this 3-part series, we introduced what rapid cyberattacks are and illustrated how they are different in terms of execution and outcome. Next, we will go into some more details on the Petya (aka NotPetya) attack. How Petya worked: The Petya attack chain is well understood, although a few small […]
Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attacks. In 2017, among the global enterprise customers that we worked […]