At Microsoft Secure, we are excited to announce several new innovations from the Microsoft Defender Threat Intelligence (MDTI) team. These updates enable our customers to access valuable, high-fidelity threat intelligence where, when, and how they need it:
- To optimize MDTI content for customers, we have enhanced the look and feel of vulnerability profiles and are releasing the full corpus of Microsoft’s intel profiles to the MDTI standard version.
- We are keeping pace with Copilot for Security as it evolves, launching a new side card experience in the threat intelligence blade of Defender XDR. We have also introduced new MDTI skills and promptbooks for Copilot that deliver more of Microsoft's world-class threat intelligence to the SOC at machine speed.
- Finally, as we continue to build a more comprehensive threat intelligence experience across Microsoft Defender XDR, we’re proud to announce that MDTI content is now available via the global search function.
Read more about what's rolling out at Microsoft Secure 2024 below:
New MDTI skills and workbooks for Copilot for Security
MDTI is making more threat intelligence available via new Copilot for Security skills and workbooks to help customers understand the full scope of attacks, anticipate the next steps of an ongoing campaign, and drive an optimal security plan for their organizations at machine speed and scale.
These include:
- Correlate MDTI data with Defender XDR information: These out-of-the-box prompt books correlate MDTI data with other critical security information from Defender XDR such as incidents and hunting activities to help a user understand the broader scope of an attack.
- Correlate MDTI Content with Threat Analytics (TA) content: When prompted, this skill reasons over threat intelligence content from MDTI and Threat Analytics, and provides a summary of the two, e.g., "Tell me everything Microsoft knows about [this threat actor]."
- Obtain current reputation TI for file hashes, URLs, Domains, and IPs: This skill shows the full information for hashes and URLs, including MDTI and SONAR data.
Register for our Tech Community Webinar in April 11 to learn more about how MDTI enables Copilot to deliver threat intelligence at machine speed.
Read the full post here: What's New at Microsoft Secure 2024- Tech Community