Ninja Cat Giveaway: Episode 4 | Defender Experts for Hunting Overview

How would YOU explain/describe Defender Experts for Hunting to someone?

Defender Experts for Hunting is a managed threat hunting service that proactively looks for threat 24/7/365 across endpoints, Office 365, cloud applications, and identity using M365 Defender data to prioritize significant threat and help with daily SecOps work.

The following capabilities included in this managed threat hunting service:
1> DEN (Defender experts notifications) - Notifications show up as incidents in Microsoft 365 Defender, helping to improve security operations' incident response with specific information about the scope, method of entry, and remediation instructions.
2> EOD (Experts on Demand) - Click the 'Ask Defender Experts' button in M365 Defender portal to ask for help on specific incident, nation state actor, or attack vector
3> Reports - An interactive report summarizing what was hunted and found
4> Threat Hunting and Analytics -Defender Experts for Hunting look deeper to expose advanced threats and identify the scope and impact of malicious activity associated with human adversaries or hands-on-keyboard attacks.


what is Threat hunting?
Threat hunting is the proactive process of identifying and investigating potential security threats or malicious activity on a network, computer, or device. It involves analyzing system and network logs, observing user behavior patterns, and identifying anomalies and suspicious activity that indicate the presence of a threat. The aim of threat hunting is to detect security incidents before they cause harm, and to take steps to prevent them from happening again in the future.