Home

Finding needles in a haystack: How to use Azure ATP to identify and investigate compromised users and suspicious activities at hybrid organizations.

%3CLINGO-SUB%20id%3D%22lingo-sub-865853%22%20slang%3D%22en-US%22%3EFinding%20needles%20in%20a%20haystack%3A%20How%20to%20use%20Azure%20ATP%20to%20identify%20and%20investigate%20compromised%20users%20and%20suspicious%20activities%20at%20hybrid%20organizations.%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-865853%22%20slang%3D%22en-US%22%3EDuring%20attacks%20involving%20compromised%20users%2C%20Security%20Operation%20teams%20often%20struggle%20to%20quickly%20know%20who%20or%20what%20should%20be%20investigated%20and%20triaged%20first.%20This%20session%20is%20a%20great%20opportunity%20to%20learn%20how%20Azure%20ATP%20can%20help%20through%20analyzing%20users%2C%20building%20behavioral%20profiles%2C%20assessing%20the%20top%20users%20to%20investigate%20as%20well%20as%20enabling%20you%20to%20quickly%20identify%20and%20hunt%20through%20both%20suspicious%20activities%20and%20high-confidence%20alerts.%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-865853%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EBRK2127%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Highlighted
Community Manager
During attacks involving compromised users, Security Operation teams often struggle to quickly know who or what should be investigated and triaged first. This session is a great opportunity to learn how Azure ATP can help through analyzing users, building behavioral profiles, assessing the top users to investigate as well as enabling you to quickly identify and hunt through both suspicious activities and high-confidence alerts.

View this session in the session catalog

View session