Forum Discussion
Resources for Automatic attack disruption
Hi all,
Because this topic is really HOT, I thought I would share a collection of resources with you.
Recordings:
- Microsoft Secure (free registration required):
  - How XDR defends against ransomware across the entire kill chain with Corina Feuerstein
  - Ask the Experts: How XDR defends against ransomware across the entire kill chain
- Ninja Show episode Attack disruption, with Hadar Feldman
- Ignite announcement: What’s new in SIEM and XDR: Attack disruption and SOC empowerment - Events | Microsoft Learn
Blogs:
- Automatic disruption of Ransomware and BEC attacks with Microsoft 365 Defender
- XDR attack disruption in action – Defending against a recent BEC attack
Documentation:
What do you think about this new and exciting capability? Do you have any questions on how it works that we didn't refer to? If so, feel free to start a conversation here! 🙂 Oh, and if I missed another resource, let me know too!
Heike
1 Reply
- Corina Feuerstein
Microsoft
I for one am really excited by this new feature HeikeRitter! It really sets the XDR bar at a new level, where the "R" in "DR" moves from tools for manual SOC response actions to the system taking proactive automatic response actions to block attacker progress and contain the threat!
We're already hearing from customers how significant badness was prevented in their environment by disruption kicking in quickly and accurately to stop an evolving attack.
What do other folks here think about this new capability? Have you seen it in action in your environment? Thoughts on where/how it should evolve? Let us know!