A Security Copilot Customer’s Guide to MDTI
With just one Security Compute Unit (SCU), Copilot for Security customers have unlimited access to the powerful operational, tactical, and strategic threat intelligence in Microsoft Defender Threat Intelligence (MDTI), a $50k per seat value, at no extra cost. Here's what you need to know.What's in an MDTI Web Crawl?
Want to learn how data found from the DOM of web pages is so powerful when it comes to investigating threats? Check out this blog to learn more about Microsoft Defender Threat Intelligence's web crawling process and how its internet derived datasets can bolster your cyber threat investigations.
Unified MDTI APIs in Microsoft Graph Now GA
We’re thrilled to share that the unified APIs that are part of the Microsoft Graph are now generally available! These APIs come with a single endpoint, permissions, auth model, and access token. The Microsoft Defender Threat Intelligence (Defender TI) API for Incidents, Alerts, and Hunting allows organizations to query Defender TI data to operationalize intelligence gleaned from threat actors, tools, and vulnerabilities. Security teams can enrich their understanding of entities inside security incidents, automate triage efforts, and integrate with a broad ecosystem of security tools, including Microsoft Sentinel.Performing a Successful Proof of Concept (PoC)
To effectively determine the benefits of adopting Defender Threat Intelligence, you should perform a Proof of Concept (PoC). Before enabling Defender Threat Intelligence, you and your team should go through a planning process to determine a series of tasks that must be accomplished in this PoC.Using MDTI with the Diamond Model for Threat Intelligence
Microsoft Defender Threat Intelligence (MDTI) provides robust tools and features that enable security analysts to quickly investigate incidents and respond to cyber threats by applying the Diamond Model for Intrusion Analysis Framework to threat intelligence.Get to Know the Datasets and How to Use Them During Investigations
The internet can be confusing sometimes. Understanding its datasets doesn't have to be. Come learn how Microsoft Defender Threat Intelligence's datasets can help you uncover related indicators of compromise, which can help you react more readily to threats and build up stronger defenses.
