Forum Discussion
Ninja Cat Giveaway: Episode 4 | Defender Experts for Hunting Overview
- Mar 18, 2023How would YOU explain/describe Defender Experts for Hunting to someone?
Defender Experts for Hunting is a managed threat hunting service that proactively looks for threat 24/7/365 across endpoints, Office 365, cloud applications, and identity using M365 Defender data to prioritize significant threat and help with daily SecOps work.
The following capabilities included in this managed threat hunting service:
1> DEN (Defender experts notifications) - Notifications show up as incidents in Microsoft 365 Defender, helping to improve security operations' incident response with specific information about the scope, method of entry, and remediation instructions.
2> EOD (Experts on Demand) - Click the 'Ask Defender Experts' button in M365 Defender portal to ask for help on specific incident, nation state actor, or attack vector
3> Reports - An interactive report summarizing what was hunted and found
4> Threat Hunting and Analytics -Defender Experts for Hunting look deeper to expose advanced threats and identify the scope and impact of malicious activity associated with human adversaries or hands-on-keyboard attacks.
what is Threat hunting?
Threat hunting is the proactive process of identifying and investigating potential security threats or malicious activity on a network, computer, or device. It involves analyzing system and network logs, observing user behavior patterns, and identifying anomalies and suspicious activity that indicate the presence of a threat. The aim of threat hunting is to detect security incidents before they cause harm, and to take steps to prevent them from happening again in the future.
Hi Heike,
Thank you for the show! Our organization just enabled Defender Experts for Hunting recently, so it is a good time for me to join the show and get a vision of this service.
How would YOU explain/describe Defender Experts for Hunting to someone?
- It is a proactive threat hunting service in Microsoft to hunt across multiple services in Microsoft 365 like identity, applications, endpoints, etc. It helps security analysts or operators to search for unknown threats or undetected threats in the tenant. You will be assigned a dedicated MS security experts to help you with the threats detection, investigation, analysis and response etc.
what is Threat hunting?
- Comparing the traditional cybersecurity alerts, threat hunting is a proactive approach to look for unknown and hidden threats.
- HeikeRitterMar 17, 2023
Microsoft
Thank you for answering these questions too!! Would love to hear more how Defender Experts for Hunting helps your organization after you had some time with this service.
As you already won a cat, and we only give one cat per person, I really appreciate your additional contribution 🙂