microsoft defender
18 Topics

Zero Out Your Incident Queue - Human-led Microsoft Defender Experts for XDR
Offload high-severity incidents, gain full visibility into every investigation, and follow clear, guided remediation steps so you can contain attacks quickly and confidently, day or night. Extend your security operations with always-on managed detection and response and proactive threat hunting, so you can uncover hidden risks early, stop threats before they spread, and strengthen your defenses to prevent future attacks. Maynald Savatdy, Microsoft Defender Expert, shows how to detect, contain, and hunt threats across your environment with support from human experts.

Stay protected at all hours. Extend security coverage to nights, weekends, & holidays without staffing new shifts. Defender Experts for XDR includes managed detection and response and proactive threat hunting.

Reduce response time and uncertainty. Take guided remediation steps from human experts instead of guessing what to do next. See how Microsoft Defender Experts for XDR works.

Uncover hidden threats early. Microsoft Defender Experts proactively hunts across your environment and acts on contextual alerts before exploits become public. See it here.

QUICK LINKS:
00:00 — Microsoft Defender Experts
00:54 — 24/7 Security Coverage
01:35 — Visibility & guidance actions
03:34 — Incidents and alerts
04:25 — Social engineering attack
05:36 — Defender Experts for hunting
06:34 — Wrap up

Link References
Get started at https://aka.ms/DefenderExperts

Unfamiliar with Microsoft Mechanics? As Microsoft’s official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries
Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog
Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

Keep getting this insider knowledge, join us on social:
Follow us on Twitter: https://twitter.com/MSFTMechanics
Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/
Enjoy us on Instagram: https://www.instagram.com/msftmechanics/
Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Video Transcript:

-What if your security team had elite defenders available 24/7 ready to detect, respond, investigate, and hunt threats across your environment? Every day you may need to look at dozens or hundreds of incidents, and any one of them could pose an existential threat to your organization. This is where our human-led Microsoft Defender Experts for XDR, our managed detection and response service and team come in, to work through those incidents for you. They work behind the scenes to bring deep expertise in triaging and investigating incidents, augmenting your SOC team. And you can track progress directly in Microsoft Defender.

-In fact, I’m part of the global Microsoft Defender Experts team and we represent Microsoft’s own experienced security analysts and threat hunters. People who live and breathe cybersecurity. We’ve managed some of the worst situations and developed deep understanding of all the ways systems and endpoints can be compromised. We work around the clock, including after hours, weekends, and holidays, to augment your team. Defender Experts for XDR also includes a dedicated Defender Experts for Hunting service. This augments your team with our trained engineers that proactively hunt down risks and vulnerabilities across different entry points and services.
If you are part of a larger organization with an expert SecOps team, you can also get Defender Experts for Hunting as a standalone service. Our human-led team of experts will work with bespoke tooling and queries, including AI.

-In fact, we’ll uncover and work through advanced threats using up-to-the-second intel that automated systems might miss and correlate data from live raw sources that may not yet have been published. Let’s start in Microsoft Defender. You’re looking at the Incidents view, and normally, to stay protected, you’d need to triage these incidents and work them yourself. These are legitimate attacks unique to your organization and infrastructure. There could be dozens or hundreds of active incidents. The Defender Experts team will triage and work the incident queue for you as an opt-in managed service to augment your security team. In fact, right from the Home screen of the Defender portal, you’ll see the latest incidents that have been worked through by our Defender Experts team. These are stats for the number of investigated incidents and how many were resolved directly or with your help.

-Let’s click in to see all incidents for the ones that need your attention. This status means that the recommended actions need to be taken by someone on your team. This could be due to credential resets or policy configuration changes only your team may be authorized to perform. If I click into the incident for initial access involving one user, right up top you’ll see that it’s been assigned to Defender Experts. By default, any medium or high severity incident will get our attention. You can see the managed response provided by the Defender Expert who worked on the incident. There’s a detailed summary of what happened, how the incident started, the scope of entities and services impacted, any discovered indicators of compromise, in this case, email information and a malicious phishing URL, along with which entities were investigated.
And below that are details for the Advanced Hunting Queries that were used.

-Here you can see our Defender analyst was able to query emails containing the suspicious URL, which devices connected to that URL, the emails from the compromised sender account, then finally who clicked on the URL in the emails from that compromised account. And you can see the Awaited Actions below that you as the customer would need to take care of, like taking action to create an indicator that automatically blocks traffic to the URL, a password reset for the affected user, and requiring the user to sign in again by revoking their sessions. So you have full visibility into what our Defender Experts worked on and any guidance for actions that you need to take. Additionally, our Defender Experts can raise incidents and alerts themselves when suspicious activity is detected. This incident with the Defender Experts prefix was raised as both an incident and alert by our team. It’s a Teams Phishing Activity involving initial access, execution, and privilege escalation.

-From the Managed Response summary, we can see the details of the attack, which the team was able to contain, and if I scroll down, you can see the specific actions completed. They first disabled the targeted account, then created an indicator to block the suspicious domain, and they were able to block incoming Teams messages from the malicious actor along with all of the related IP addresses. So as you saw, these are hands-on interventions. When something suspicious pops up, we don’t just send an alert. Our team digs in, validates what’s happening, and guides you through any containment and remediation steps that we can’t directly perform.

-Let me expand on a social engineering attack to gain remote access, similar to this Teams incident I showed earlier, and how we addressed it. It started when we investigated an alert that was triggered when a user installed a remote viewing and management tool on their work device.
At first glance, this type of software isn’t inherently malicious. It’s often used for legitimate IT support. However, our analysts noticed a pattern that didn’t align with normal behavior. The installation followed a series of junk emails sent to the user, an email bombing attack, and a Teams message claiming to be from Technical Support. Once installed, the adversary began using legitimate system paths to gain deeper access. Our team quickly disabled the user and attacker accounts and lines of communication, isolated the device and notified the customer, stopping the attack before it spread further into the network.

-Leveraging Microsoft Threat Intelligence and access to global security data for broader querying, we identified the threat actor. Following the containment, our hunters then initiated proactive searches across other customer tenants and issued intelligence-driven notifications to prevent the spread and further compromise. This is just a recent example of how attackers combine social engineering with their tactics, techniques, and procedures. Beyond reactive support, Defender Experts for Hunting, as the name suggests, proactively hunts for threats in your environment and across the ecosystem. This is the Defender Experts custom alert. It’s an overview of suspicious activity, complete with context, severity, and details. Clicking into the Summary tab, there’s a tile view of alerts, recommended queries, evidence and more. Last July, before any public CVE was announced, our team observed unusual activity on a SharePoint server where the W3WP executable was seen invoking PowerShell commands with Base64 encoding, behavior that typically signals an exploit attempt.

-Using advanced hunting queries, we were able to confirm this was not just an isolated event. Based on our queries, we could confirm the attackers were actively probing weaknesses in other environments.
We used the results to find the list of over 100 organizations that were vulnerable to this attack and proactively warned them of their exposure even before the exploit became widely known with guidance on how to address it.

-So, whether you’re a small team looking to scale your security operations, or a large enterprise needing deeper threat insights, Microsoft Defender Experts gives you the confidence of knowing elite defenders are watching your back. To learn more or get started, head to aka.ms/DefenderExperts and keep watching Microsoft Mechanics for the latest tech updates. Thanks for watching.

154 Views, 0 likes, 0 Comments

Beyond Visibility: Hybrid Identity Protection with Microsoft Entra & Defender for Identity
In a previous blog, we explored how Microsoft Entra and Defender for Identity form a powerful duo for hybrid identity protection. But visibility alone isn’t enough. To truly defend your organization, you need to operationalize that visibility—turning insights into action, and strategy into security outcomes. Let’s explore how to take your hybrid identity protection to the next level.

From Detection to Response: Building a Unified Identity SOC

Security teams often struggle with fragmented signals across cloud and on-prem environments. Defender for Identity and Entra solve this by feeding identity-based alerts into Microsoft 365 Defender and Microsoft Sentinel, enabling:

Centralized incident response: Investigate identity threats alongside endpoint, email, and cloud signals.
Automated playbooks: Trigger actions like disabling accounts or enforcing stricter access policies.
Advanced hunting: Use KQL queries to uncover stealthy attacks like domain dominance or golden ticket abuse.

This unified approach transforms your SOC from reactive to proactive.

Strengthening Identity Posture with Entra ID Protection

Once threats are detected, Entra ID Protection helps you contain and prevent them:

Risk-based Conditional Access: Automatically block or challenge risky sign-ins based on Defender for Identity signals.
User risk remediation: Force password resets or MFA enrollment for compromised accounts.
Policy tuning: Use insights from past incidents to refine access controls and reduce false positives.

This adaptive security model ensures that your defenses evolve with the threat landscape. To learn more about these and additional policy-driven security mechanisms, please visit: Risk policies - Microsoft Entra ID Protection | Microsoft Learn

Least Privilege at Scale with Entra ID Governance

Identity protection isn’t just about stopping attacks—it’s about minimizing the blast radius.
Entra ID Governance helps enforce least privilege by:

Automating access reviews: Regularly audit who has access to sensitive resources.
Just-in-time access: Grant temporary permissions only when needed.
Entitlement management: Control access to apps and groups with policy-based workflows.

By reducing unnecessary access, you make lateral movement harder for attackers—and easier for auditors. To learn more about least privilege, please visit: Understanding least privilege with Microsoft Entra ID Governance | Microsoft Learn

Real-Time Insights with Microsoft Sentinel

Sentinel supercharges your hybrid identity protection with:

Custom dashboards: Visualize risky users, sign-in anomalies, and privilege escalations.
Threat intelligence fusion: Correlate identity signals with external threat feeds.
Data connectors: Stream Entra and Defender for Identity logs for deep analysis and long-term retention.

This gives you the clarity to spot patterns and the context to act decisively. To learn more about Microsoft Sentinel, please visit: What is Microsoft Sentinel SIEM? | Microsoft Learn

Next Steps: Operationalize Your Identity Strategy

To move from visibility to action:

Deploy Defender for Identity sensors across all domain controllers.
Integrate with Microsoft 365 Defender and Sentinel for unified threat detection.
Enable risk-based Conditional Access in Entra to respond to identity threats in real time.
Implement least privilege policies using Entra ID Governance.
Use Sentinel for advanced hunting and analytics to stay ahead of attackers.

Final Thoughts

Hybrid identity protection isn’t a checkbox—it’s a continuous journey. By operationalizing the integration between Microsoft Entra and Defender for Identity, you empower your security teams to detect, respond, and prevent identity threats with precision and speed.

690 Views, 1 like, 0 Comments

Comprehensive Identity Protection—Across Cloud and On-Premises
In hybrid IT environments, identity is the new perimeter—and protecting it requires visibility across both cloud and on-premises systems. While Microsoft Entra secures cloud identities with intelligent access controls, Microsoft Defender for Identity brings deep insight into your on-premises Active Directory. Together, they form a powerful duo for comprehensive identity protection.

Why Hybrid Identity Protection Matters

Most organizations haven’t fully moved to the cloud. Legacy systems, on-prem applications, and hybrid user scenarios are still common, and attackers know it. They exploit these gaps using techniques like:

Pass-the-Hash and Pass-the-Ticket attacks
Credential stuffing and brute-force logins
Privilege escalation and lateral movement

Without visibility into on-prem identity activity, these threats can go undetected. That’s where Defender for Identity steps in.

What Is Microsoft Defender for Identity?

Defender for Identity is part of Microsoft Defender XDR—a cloud-based solution that monitors on-premises Active Directory for suspicious behavior. It uses behavioral analytics and threat intelligence to detect identity-based attacks in real time.

Key capabilities:

Detects compromised accounts and insider threats
Monitors lateral movement and privilege escalation
Surfaces risky users and abnormal access patterns
Integrates with Microsoft 365 Defender and Sentinel for unified response

Why It Pairs Perfectly with Microsoft Entra

Microsoft Entra (formerly Azure AD) protects cloud identities with features like Conditional Access, Multifactor Authentication, and Identity Governance. But Entra alone can’t see what’s happening in your on-prem AD.
By combining Entra and Defender for Identity, you get:

End-to-end visibility across cloud and on-prem environments
Real-time threat detection for suspicious activities like lateral movement, privilege escalation, and domain dominance
Behavioral analytics to identify compromised accounts and insider threats
Integrated response capabilities to contain threats quickly and minimize impact
Actionable insights that help strengthen your identity posture and reduce risk

Together, they deliver comprehensive identity protection—giving you the clarity, control, and confidence to defend against modern threats.

Real-World Impact

Imagine a scenario where an attacker gains access to a legacy on-prem account and begins moving laterally across systems. Defender for Identity detects the unusual behavior and flags the account as risky. Entra then blocks cloud access based on Conditional Access policies tied to that risk signal—stopping the attack before it spreads.

Getting Started

Deploy Defender for Identity sensors on your domain controllers
  Install a sensor - Step-by-step instructions to install Defender for Identity sensors on your domain controllers to begin monitoring on-premises identity activity.
  Activate the sensor on a domain controller - Guidance on activating the installed sensor to ensure it starts collecting and analyzing data.
  Deployment overview - A high-level walkthrough of the Defender for Identity deployment process, including prerequisites and architecture.
Connect Defender for Identity to Microsoft 365 Defender
  Integration in the Microsoft Defender portal - Learn how to connect Defender for Identity to Microsoft 365 Defender for centralized threat detection and response.
  Pilot and deploy Defender for Identity - Best practices for piloting Defender for Identity in your environment before full-scale deployment.
Enable risk-based Conditional Access in Entra
  Configure risk policies in Entra ID Protection - Instructions for setting up risk-based policies that respond to identity threats in real time.
  Risk-based access policies overview - An overview of how Conditional Access uses risk signals to enforce adaptive access controls.
Use Entra ID Governance to enforce least privilege
  Understanding least privilege with Entra ID Governance - Explains how to apply least privilege principles using Entra’s governance tools.
  Best practices for secure deployment - Recommendations for securely deploying Entra ID Governance to minimize identity-related risks.
Integrate both with Microsoft Sentinel for advanced hunting
  Microsoft Defender XDR integration with Sentinel - How to connect Defender for Identity and other Defender components to Microsoft Sentinel for unified security operations.
  Send Entra ID data to Sentinel - Instructions for streaming Entra ID logs and signals into Sentinel for deeper analysis.
  Microsoft Sentinel data connectors - A catalog of available data connectors, including those for Entra and Defender for Identity, to expand your threat detection capabilities.

Final Thoughts

It's the perfect time to evaluate your identity protection strategy. By pairing Microsoft Entra with Defender for Identity, you gain full visibility across your hybrid environment—so you can detect threats early, respond quickly, and protect every identity with confidence. Ready to strengthen your identity perimeter? Start by deploying Defender for Identity and configuring Entra policies today.

680 Views, 1 like, 0 Comments

Cybersecurity Starts Here: Strong Passwords for Nonprofits
In the nonprofit world, trust is everything. Whether you're protecting donor data, safeguarding beneficiary information, or managing internal systems, your digital security matters. One of the simplest—and most powerful—ways to protect your organization is by using strong passwords. These tools form the first line of defense against cyber threats and help ensure your mission stays on track.

Why Strong Passwords Matter

Weak passwords are like unlocked doors—they invite trouble. Cybercriminals often exploit simple or reused passwords to gain unauthorized access, impersonate staff, steal sensitive data, or disrupt operations. A strong password acts as a digital lock: hard to guess, harder to crack.

Characteristics of a strong password:

At least 12 characters long
A mix of uppercase, lowercase, numbers, and symbols
Unique for every account
Not based on personal info (no pet names, birthdays, or favorite sports teams!)

Microsoft Tools That Help You Stay Secure

Microsoft offers nonprofit-friendly tools to help enforce strong password policies and protect user identities:

Microsoft Entra ID (formerly Azure Active Directory)
  Centralized identity and access management
  Multi-factor authentication (MFA) to prevent unauthorized logins
  Conditional access policies and role-based access control
Microsoft 365 Security Center
  Monitor password-related alerts and suspicious sign-ins
  Enforce password expiration and complexity policies
  View security recommendations tailored to your organization
Microsoft Defender for Endpoint
  Detects brute-force password attacks and credential theft
  Protects devices from malware and phishing attempts
  Integrates with Microsoft 365 for unified threat response

Tips for Nonprofit Teams

Building a culture of cybersecurity starts with small, consistent actions:

Make it policy: Require strong password use across your organization
Train your team: Host a lunch-and-learn or share a how-to guide on password safety
Enable MFA: Add multi-factor authentication for all accounts
Audit regularly: Review access and update credentials when staff roles change
Clean up old accounts: Remove unused logins and shared credentials

Your Mission Deserves Protection

Cybersecurity isn’t just an IT issue—it’s a mission-critical priority. By adopting strong password practices, you’re taking a proactive step to protect your people, your data, and your impact. Microsoft’s ecosystem offers scalable, nonprofit-friendly tools to help you build a secure foundation—so you can focus on what matters most: serving your community.

174 Views, 0 likes, 0 Comments

Strengthen Your Security Posture This October with Smarter Endpoint Protection
As organizations accelerate digital transformation, endpoints have become the frontline of defense—and the most frequent target. From phishing emails to fileless malware, attackers are exploiting gaps in visibility and response. It’s no longer enough to react after the fact. You need security that’s proactive, intelligent, and built for scale. Microsoft Defender for Endpoint delivers exactly that—combining real-time detection, automated remediation, and deep threat analytics to help you stay ahead of adversaries.

Detection: Smarter Than Signature-Based Security

Defender for Endpoint uses a multi-layered detection strategy that goes far beyond traditional methods:

Behavioral Analysis: It monitors how apps and users behave, flagging anomalies like privilege escalation or lateral movement.
Machine Learning & AI: Defender analyzes trillions of signals daily to identify patterns that indicate emerging threats—even zero-day attacks.
Threat Intelligence: Backed by Microsoft’s global security graph, it detects known malware, ransomware, and nation-state tactics in real time.
Endpoint Detection & Response (EDR): It continuously collects and analyzes endpoint data to surface suspicious activity and indicators of compromise.

Response: Automated, Precise, and Scalable

Once a threat is detected, Defender doesn’t just alert—it acts:

Automated Investigation & Remediation: Defender uses AI to investigate alerts, determine root cause, and automatically contain or remove threats.
Attack Timeline: Security teams get a visual map of the attack’s progression, helping them understand how it started and spread.
Live Response: Analysts can remotely connect to compromised devices, run scripts, collect forensic data, and take corrective action.
Integration with Microsoft Sentinel: Defender feeds threat data into your SIEM for broader visibility and correlation across your environment.

Real-World Impact

Take the example of a nonprofit organization targeted by a phishing campaign.
Defender for Endpoint detected unusual PowerShell activity, isolated the device, and triggered an automated investigation. Within minutes, the threat was neutralized—no data loss, no downtime.

Why It Matters

During Cybersecurity Awareness Month, it’s the perfect time to evaluate your endpoint security. Defender for Endpoint doesn’t just detect threats—it empowers your team to respond with speed and confidence.

Getting Started with Microsoft Security

1. Review Your Microsoft Secure Score - Start by assessing your current security posture in the Microsoft 365 Defender portal. Secure Score provides a prioritized list of recommendations to improve your organization's security based on real usage and configurations.
   Link: Assess your security posture through Microsoft Secure Score - Microsoft Defender XDR | Microsoft Learn
2. Enable Automated Investigation & Remediation (AIR) - Reduce response time and manual effort by turning on AIR. It automatically investigates alerts, determines root causes, and takes remediation actions—helping you contain threats faster.
   Link: Use automated investigations to investigate and remediate threats - Microsoft Defender for Endpoint | Microsoft Learn
3. Explore Threat Analytics in Defender - Threat Analytics provides expert-driven insights into emerging threats, vulnerabilities, and attack techniques—tailored to your environment. Use it to stay ahead of adversaries and understand how global threats impact your organization.
   Link: Threat analytics in Microsoft Defender XDR - Microsoft Defender XDR | Microsoft Learn
4. Connect Microsoft Defender to Sentinel - Integrate Defender with Microsoft Sentinel to unify your security operations. This enables centralized monitoring, advanced hunting, and automated incident response across your entire digital estate.
   Link: Connect Microsoft Defender XDR data to Microsoft Sentinel | Microsoft Learn

This Cybersecurity Awareness Month, empower your organization to stay one step ahead of evolving threats.
With Microsoft Defender for Endpoint, you gain intelligent, automated protection and deep visibility—so you can detect, respond, and neutralize risks before they turn into breaches.

464 Views, 0 likes, 0 Comments

Protect AI apps with Microsoft Defender
Stay in control with Microsoft Defender. You can identify which AI apps and cloud services are in use across your environment, evaluate their risk levels, and allow or block them as needed — all from one place. Whether it’s a sanctioned tool or a shadow AI app, you’re equipped to set the right policies and respond fast to emerging threats. Microsoft Defender gives you the visibility to track complex attack paths — linking signals across endpoints, identities, and cloud apps. Investigate real-time alerts, protect sensitive data from misuse in AI tools like Copilot, and enforce controls even for in-house developed apps using system prompts and Azure AI Foundry. Rob Lefferts, Microsoft Security CVP, joins me in the Mechanics studio to share how you can safeguard your AI-powered environment with a unified security approach.

Identify and protect apps. Instantly surface all generative AI apps in use across your org — even unsanctioned ones. How to use Microsoft Defender for Cloud Apps.

Extend AI security to internally developed apps. Get started with Microsoft Defender for Cloud.

Respond with confidence. Stop attacks in progress and ensure sensitive data stays protected, even when users try to bypass controls. Get full visibility in Microsoft Defender incidents. Watch our video.

QUICK LINKS:
00:00 — Stay in control with Microsoft Defender
00:39 — Identify and protect AI apps
02:04 — View cloud apps and website in use
04:14 — Allow or block cloud apps
07:14 — Address security risks of internally developed apps
08:44 — Example in-house developed app
09:40 — System prompt
10:39 — Controls in Azure AI Foundry
12:28 — Defender XDR
14:19 — Wrap up

Link References
Get started at https://aka.ms/ProtectAIapps

Video Transcript:

- While generative AI can help you do more, it can also introduce new security risks. Today, we’re going to demonstrate how you can stay in control with Microsoft Defender to discover the GenAI cloud apps that people in your organization are using right now and approve or block them based on their risk. And for your in-house developed AI apps, we’ll look at preventing jailbreaks and prompt injection attacks along with how everything comes together with Microsoft Defender incident management, to give you complete visibility into your events. Joining me once again to demonstrate how to get ahead of everything is Microsoft Security CVP, Rob Lefferts. Welcome back.

- So glad to be back.

- It’s always great to have you on to keep us ahead of the threat landscape. In fact, since your last time on the show, we’ve seen a significant increase in the use of generative AI apps, and some of them are sanctioned by IT but many of them are not. So what security concerns does this raise?

- Each of those apps really carries their own risk, and even in-house developed apps aren’t necessarily immune to risk.
We see some of the biggest risks with Consumer apps, especially the free ones, which are often designed to collect training data as users upload files into them or paste content into their prompts that can then be used to retrain the underlying model. So, before you know it, your data might be part of the public domain, that is, unless you get ahead of it.

- And as you showed, this use of your data is often written front and center in the terms and conditions of these apps.

- True, but not everyone reads all the fine print. To be clear, people go into these apps with good intentions, to work more efficiently and get more done, but they don’t always know the risks; and that’s where we give you the capabilities you need to identify and protect Generative AI SaaS apps using Microsoft Defender for Cloud Apps. And you can combine this with Microsoft Defender for Cloud for your internally developed apps alongside the unified incident management capabilities in Microsoft Defender XDR where the activities from both of these services and other connected systems come together in one place.

- So given just how many cloud apps there are out there and a lot of companies building their own apps, where would you even start?

- Well, for most orgs, it starts with knowing which external apps people in your company are using. If you don’t have proactive controls in place yet, there’s a pretty good chance that people are bringing their own apps. Now to find out what they’re using, right from the unified Defender portal, you can use Microsoft Defender for Cloud Apps for a complete view of cloud apps and websites in use inside your organization. The signal comes in from Defender-onboarded computers and phones. And if you’re not already using Defender for Cloud Apps, let me start by showing you the Cloud app catalog. Our researchers at Microsoft are continually identifying and classifying new cloud apps as they surface.
There are over 34,000 apps across all of these filterable categories that are all based on best practice use cases across industries. Now if I scroll back up to Generative AI, you’ll see that there are more than 1,000 apps. And I’ll click on this control to filter the list down, and it’s a continually expanding list. We even add to it when existing cloud apps integrate new gen AI capabilities. Now once your signal starts to come in from your managed devices, moving back over to the dashboard, you’ll see that I have visibility into the full breadth of Cloud Apps in use, including Generative AI apps and lots of other categories. The report under Discovered apps provides visibility into the cloud apps with the broadest use within your managed network. And from there, you can again see categories of discovered apps. I’ll filter by Generative AI again, and this time it returns the specific apps in use in my org. Like before, each app has a defined risk score of 0 to 10, with 10 being the best, based on a number of parameters. And if I click into any one of them, like Microsoft Copilot, I can see the details as well as how they fare for general areas, a breadth of security capabilities, as well as compliance with standards and regulations, and whether they appear to meet legal and privacy requirements.

- And this can save a lot of valuable time especially when you’re trying to get ahead of risks.

- And Defender for Cloud Apps doesn’t just give you visibility. For your managed devices enrolled into Microsoft Defender, it also has controls that can either allow or block people from using defined cloud apps, based on the policies you have set as an administrator. From each cloud app, I can see an overview with activities surrounding the app with a few tabs. In the cloud app usage tab, I can drill in even more to see usage, users, IP addresses, and incident details. I’ll dig into Users, and here you can see who has used this app in my org.
If I head back to my filtered view of generative AI apps in use, on the right you can see options to either sanction apps so that people can keep using them, or unsanction them to block them outright from being used. But rather than unsanction these apps one-by-one like Whack-a-Mole, there’s a better way, and that’s with automation based on the app’s risk score level. This way, you’re not manually configuring 1,000 apps in this category; nobody wants to do that. So I’ll head over to policy management, and to make things easier as new apps emerge, you can set up policies based on the risk score thresholds that I showed earlier, or other attributes. I’ll create a new policy, and from the dropdown, I’ll choose app discovery policy. Now I’ll name it Risky AI apps, and I can set the policy severity here too. Now, I’m going to select a filter, and I’ll choose category first, I’ll keep equals, and then scroll all the way down to Generative AI and pick that. Then, I need to add another filter. In this case, I’m going to find and choose risk score. I’ll pause for a second. Now what I want to happen is that when a new app is documented, or an existing cloud app incorporates new GenAI capabilities and meets my category and risk conditions, I want Defender for Cloud Apps to automatically unsanction those apps to stop people from using them on managed devices. So back in my policy, I can adjust this slider here for risk score. I’ll set it so that any app with a risk score of 0 to 6 will trigger a match. And if I scroll down a little more, this is the important part of doing the enforcement. I’ll choose tag app as unsanctioned and hit create to make it active. With that, my policy is set and next time my managed devices are synced with policy, Defender for Endpoint will block any generative AI app with a matching risk score. Now, let’s go see what it looks like. If I move over to a managed device, you’ll remember one of our four generative AI apps was something called Fakeyou. 
I have to be a little careful with how I enunciate that app name, and this is what a user would see. It’s clearly marked as being blocked by their IT organization with a link to visit the support page for more information. And this works with iOS, Android, Mac, and, of course, Windows devices once they are onboarded to Defender. - Okay, so now you can see and control which cloud apps are in use in your organization, but what about those in-house developed apps? How would you control the AI risks there? - So internally developed apps and enterprise-grade SaaS apps, like Microsoft Copilot, would normally have the controls and terms around data usage in place to prevent data loss and disallow vendors from training their models on your data. That said, there are other types of risks and that’s where Defender for Cloud comes in. If you’re new to Defender for Cloud, it connects the security team and developers in your company. For security teams, for your apps, there’s cloud security posture management to surface actions to predict and give you recommendations for preventing breaches before they happen. For cloud infrastructure and workloads, it gives you insights to highlight risks and guide you with specific protections that you can implement for all of your virtual machines, your data infrastructure, including databases and storage. And for your developers, using DevOps, you can even see best practice insights and associated risks with API endpoints being used, and in Containers see misconfigurations, exposed secrets and vulnerabilities. And for cloud infrastructure entitlement management, you can find out where you have potentially overprovisioned or inactive entitlements that could lead to a breach. And the nice thing is that from the central SecOps team perspective, these signals all flow into Microsoft Defender for end-to-end security tracking. In fact, I have an example here. 
This is an in-house developed app running on Azure that helps an employee input things like address, tax information, bank details for depositing your salary, and finding information on benefits options that employees can enroll into. It’s a pretty important app to ensure that the right protections are in place. And for anyone who’s entered a new job right after graduation, it can be confusing to know what benefits options to choose from, things like 401k or IRA for example in the U.S., or do you enroll into an employee stock purchasing program? It’s actually a really good scenario for generative AI when you think about it. And if you can act on the options it gives you to enroll into these services, again, it’s super helpful for the employees and important to have the right controls in place. Obviously, you don’t want your salary, stock, or benefits going into someone else’s account. So if you’re familiar with how generative AI apps work, most use what’s called a system prompt to enforce basic rules. But people, especially modern adversaries, are getting savvy to this and figuring out how to work around these basic guardrails: for example, by telling these AI tools to ignore their instructions. And I can show you an example of that. This is our app’s system prompt, and you’ll see that we’ve instructed the AI to not display ID numbers, account numbers, financial information, or tax elections with examples given for each. Now, I’ll move over to a running session with this app. I’ve already submitted a few prompts. And in the third one, with a gentle bit of persuasion, basically telling it that I’m a security researcher, for the AI model to ignore the instructions, it’s displaying information that my company and my dev team did not want it to display. This app even lets me update the bank account IBAN number with a prompt: Sorry, Adele. Fortunately, there’s a fix. 
Using controls as part of Azure AI Foundry, we can prevent this information from getting displayed to our user and potentially any attacker if their credentials or token has been compromised. So this is the same app on the right with no changes to the system message behind it, and I’ll enter the prompts in live this time. You’ll see that my exact same attempts to get the model to ignore its instructions no matter what I do, even as a security researcher, have been stopped in this case using Prompt Shields and have been flagged for immediate response. And these types of controls are even more critical as we start to build more autonomous agentic apps that might be parsing messages from external users and automatically taking action. - Right, and as we saw in the generated response, protection was enforced, like you said, using content safety controls in Azure AI Foundry. - Right, and those activities are also passed to Defender XDR incidents, so that you can see if someone is trying to work around the rules that your developers set. Let me quickly show you where these controls were set up to defend our internal app against these types of prompt injection or jailbreak attempts. I’m in the new Azure AI Foundry portal under safety + security for my app. The protected version of the app has Prompt shields for jailbreak and indirect attacks configured here as input filters. That’s all I had to do. And what I showed before was a direct jailbreak attack. There can also be indirect attacks. These methods are a little sneakier where the attacker, for example, might poison reference data upstream with maybe an email sent previously or even an image with hidden instructions, which gets added to the prompt. And we protect you in both cases. - Okay, so now you have policy protections in place. Do I need to identify and track issues in their respective dashboards then? - You can, and depending on your role or how deep in any area you want to go, all are helpful. 
But if you want to stitch together multiple alerts as part of something like a multi-stage attack, that’s where Defender XDR comes in. It will find the connections between different events, whether the user succeeded or not, and give you the details you need to respond to them. I’m now in the Defender XDR portal and can see all of my incidents. I want to look at a particular incident, 206872. We have a compromised user account, but this time it’s not Jonathan Wolcott; it’s Marie Ellorriaga. - I have a feeling Jonathan’s been watching these shows on Mechanics to learn what not to do. - Good for him; it’s about time. So let’s see what Marie, or the person using her account, was up to. It looks like they found our Employee Assistant internal app, then tried to Jailbreak it. But because our protections were in place, this attempt was blocked, and we can see the evidence of that from this alert here on the right. Then we can see that they moved on to Microsoft 365 Copilot and tried to get into some other finance-related information. And because of our DLP policies preventing Copilot from processing labeled content, that activity also wouldn’t have been successful. So our information was protected. - And these controls get even more important, I think, as agents also become more mainstream. - That’s right, and those agents often need to send information outside of your trust boundary to reason over it, so it’s risky. And more than just visibility, as you saw, you have active protections to keep your information secure in real-time for the apps you build in-house and even shadow AI SaaS apps that people are using on your managed devices. - So for anyone who’s watching today right now, what do you recommend they do to get started? 
- So to get started on the things that we showed today, we’ve created end-to-end guidance for this that walks you through the entire process at aka.ms/ProtectAIapps; so that you can discover and control the generative AI cloud apps people are using now, build protections into the apps you’re building, and make sure that you have the visibility you need to detect and respond to AI-related threats. - Thanks, Rob, and, of course, to stay up-to-date with all the latest tech at Microsoft, be sure to keep checking back on Mechanics. Subscribe if you haven’t already, and we’ll see you again soon.


