New Blog Post | Automating threat actor tracking

%3CLINGO-SUB%20id%3D%22lingo-sub-2249556%22%20slang%3D%22en-US%22%3ENew%20Blog%20Post%20%7C%20Automating%20threat%20actor%20tracking%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2249556%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22JasonCohen1892_0-1617304788614.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F268935i82E8A96AAD66694B%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22JasonCohen1892_0-1617304788614.png%22%20alt%3D%22JasonCohen1892_0-1617304788614.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fsecurity%2Fblog%2F2021%2F04%2F01%2Fautomating-threat-actor-tracking-understanding-attacker-behavior-for-intelligence-and-contextual-alerting%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EAutomating%20threat%20actor%20tracking%3A%20Understanding%20attacker%20behavior%20for%20intelligence%20and%20contextual%20alerting%20-%20Microsoft%20Security%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%3EIn%20this%20blog%20we%E2%80%99ll%20outline%20a%20probabilistic%20graphical%20modeling%20framework%20used%20by%26nbsp%3B%3C%2FSPAN%3E%3CSPAN%20class%3D%22brand%22%3EMicrosoft%20365%3C%2FSPAN%3E%3CSPAN%3E%26nbsp%3BDefender%20research%20and%20intelligence%20teams%20for%20threat%20actor%20tracking.%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fmicrosoft-defender-atp%2Fmicrosoft-threat-experts%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EMicrosoft%20Threat%20Experts%3C%2FA%3E%3CSPAN%3E%2C%20our%20managed%20threat%20hunting%20service%2C%20utilizes%20this%20model%20to%20enhance%20our%20ability%20to%20quickly%20notify%20customers%20about%20attacks%20in%20their%20environments%20through%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fwindows%2Fsecurity%2Fthreat-protection%2Fmicrosoft-defender-atp%2Fmicrosoft-threat-experts%23targeted-attack-notification%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Etargeted%20attack%20notifications%3C%2FA%3E%3CSPAN%3E.%20These%20notifications%20provide%20technical%20information%20and%20remediation%20guidance%20designed%20to%20empower%20customers%20to%20identify%20and%20mitigate%20critical%20threats%20in%20their%20environments.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2249556%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ECloud%20Security%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20365%20Defender%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EThreat%20Protection%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft

JasonCohen1892_0-1617304788614.png

Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual al...

In this blog we’ll outline a probabilistic graphical modeling framework used by Microsoft 365 Defender research and intelligence teams for threat actor tracking. Microsoft Threat Experts, our managed threat hunting service, utilizes this model to enhance our ability to quickly notify customers about attacks in their environments through targeted attack notifications. These notifications provide technical information and remediation guidance designed to empower customers to identify and mitigate critical threats in their environments.

0 Replies