best practices
14 Topics

Get to Know the Datasets and How to Use Them During Investigations
The internet can be confusing sometimes. Understanding its datasets doesn't have to be. Come learn how Microsoft Defender Threat Intelligence's datasets can help you uncover related indicators of compromise, which can help you react more readily to threats and build up stronger defenses.

Performing a Successful Proof of Concept (PoC)
To effectively determine the benefits of adopting Defender Threat Intelligence, you should perform a Proof of Concept (PoC). Before enabling Defender Threat Intelligence, you and your team should go through a planning process to determine a series of tasks that must be accomplished in this PoC.

A Security Copilot Customer’s Guide to MDTI
With just one Security Compute Unit (SCU), Copilot for Security customers have unlimited access to the powerful operational, tactical, and strategic threat intelligence in Microsoft Defender Threat Intelligence (MDTI), a $50k per seat value, at no extra cost. Here's what you need to know.

Using MDTI with the Diamond Model for Threat Intelligence
Microsoft Defender Threat Intelligence (MDTI) provides robust tools and features that enable security analysts to quickly investigate incidents and respond to cyber threats by applying the Diamond Model for Intrusion Analysis Framework to threat intelligence.

Unified MDTI APIs in Microsoft Graph Now GA
We’re thrilled to share that the unified APIs that are part of the Microsoft Graph are now generally available! These APIs come with a single endpoint, permissions, auth model, and access token. The Microsoft Defender Threat Intelligence (Defender TI) API for Incidents, Alerts, and Hunting allows organizations to query Defender TI data to operationalize intelligence gleaned from threat actors, tools, and vulnerabilities. Security teams can enrich their understanding of entities inside security incidents, automate triage efforts, and integrate with a broad ecosystem of security tools, including Microsoft Sentinel.