Better together with Azure WAF + Microsoft Defender for Storage + Defender for Azure SQL Databases
Authored by: Fernanda_Vela , saikishor, Yura_Lee Reviewed by: YuriDiogenes, Mohit_Kumar, Amir_Dahan, eitanbremler , Kitt_Weatherman Introduction Often, customers ask why additional workload protection is needed when a web application firewall is already in place. Azure Web Application Firewall (WAF) serves as a critical control at the application edge, inspecting inbound HTTP/S traffic and blocking common web-based exploits before they reach backend services. However, modern attack paths are no longer limited to the web entry point. Attackers increasingly target components that bypass HTTP/S inspection altogether such as direct access to storage and SQL through SDKs, native integration tools, private endpoints, or compromised identities and third-party integrations. This is where Microsoft Defender for Cloud complements WAF. While WAF focuses on securing the application boundary, Defender for Cloud extends protection into the resource layer by providing Cloud-Native Application Protection Platform (CNAPP) capabilities, including security posture management and workload protection. Using resource-native signals, it helps identify misconfigurations and detect suspicious control-plane and data-plane activity that would otherwise remain invisible to perimeter controls. The Azure Networking Security blog post “Zero Trust with Azure Firewall, Azure DDoS Protection, and Azure WAF: A practical approach” highlights WAF’s role in inspecting inbound HTTP/S traffic, detecting malicious request patterns (such as OWASP Top 10 vulnerabilities), and reducing direct exposure of backend endpoints by enforcing a controlled application entry point. Building on that foundation, this blog focuses on a “better together” approach that combines WAF with Microsoft Defender for Cloud protecting storage and database. Through practical scenarios and posture insights, we will underline how these controls together: Reduces attack surface at the application entry point Continuously improves security posture through configuration and exposure analysis Detects and responds to threats targeting storage accounts and SQL databases beyond the web perimeter By the end of this post, you will understand how Defender for Cloud’s Storage and SQL protections extend the visibility provided by WAF, enabling protection not only at the edge, but also across the underlying data services. Together, these controls form a cohesive model that addresses both external attack vectors and internal or indirect access paths. Note: This is not a deep configuration guide for rule tuning, nor a replacement for official product documentation. It is intended to help architects and security teams align responsibilities and understand how these services reinforce each other. Architecture: The architecture below shows the traffic flow and where each service fits in the lab used in this blog to simulate the attacks. Azure Application Gateway with WAF is the internet-facing entry point, inspecting inbound HTTP/S traffic before it reaches the backend. Behind it, Azure Firewall provides both network- and application-layer inspection for inbound and outbound flows. In the backend subnet, multiple VMs host the workload. For our demonstration, we focus on a single host running: OWASP Juice Shop (port 3000), An upload API that writes to Azure Storage (port 8080) An API that connects to Azure SQL Database (port 5000). This setup allows us to simulate realistic attack paths originating both from the internet and from within the network. Figure 1: Architecture that shows resources with Application Gateway with WAF, Azure Firewall Premium and inbound traffic Note: The patterns in this blog apply to both Azure WAF platforms: Application Gateway WAF and Azure Front Door WAF. The lab uses Application Gateway WAF for the demonstration. Now, let’s head to the next section where we dive deep into these services to understand their capabilities with some attacks, alerts and insights. Azure Web Application Firewall at the Edge As we may have understood by now, Azure WAF is the first layer of protection, inspecting external web traffic for malicious patterns. Each incoming request is evaluated against its rulesets to either allow, block or log this traffic by using its managed and custom rulesets. Now, what are these rulesets? Azure WAF uses managed rule sets like the Default Rule Set (DRS) (version 2.2 as of this writing), which incorporate OWASP Top 10 protections and Microsoft threat intelligence to block common attacks (SQL injection, XSS, remote file inclusion, etc.) in real time. Additional managed sets include a Bot Protection rule set (to guard against malicious bots scraping content) and HTTP DDoS rule set (to detect Layer 7 DDoS patterns). Beyond the built-ins, you can define custom WAF rules for application-specific needs—blocking or allowing traffic based on attributes like geolocation, IP ranges, or specific URL paths. Now let’s talk about an example scenario. In our lab, Azure WAF is protecting multiple backend services on different paths and ports. When an external attacker tries to exploit the Juice Shop app with a crafted XSSattack, Azure WAF immediately detects the malicious pattern and blocks the request at the gateway as seen below. Figure 2: An XSS attack on the juiceshop website, immediately results in a 403 Forbidden as WAF catches this attack in the application layer. However, WAF’s inspection is inherently limited to traffic it can see, primarily, the HTTP/S flows it fronts. Let’s say our attacker changes tactics: instead of trying to force malicious code through the web interface, they obtain a stolen storage key or credentials through phishing and attempt to access the Azure Storage account directly via APIs. This request never goes through WAF, so WAF cannot assess or block it. In such a case, Microsoft Defender for Storage’s threat detection monitors for such suspicious activity, for example by raising an alert about the unusual direct access or flagging a malware file uploaded to a blob container. Likewise, if our attacker exploited a weakness in application code to run malicious SQL commands on the database (whether through potentially harmful application or a suspicious service account), Defender for SQL monitors for and alerts anomalous query patterns or suspicious logins. This illustrates why WAF and Defender for Cloud are complementary: WAF stops web attacks at the door, while Defender for Cloud watches for threats that get inside or come through alternate doors. Figure 3: Single-host lab architecture with Azure Application Gateway (WAF) and resource‑level protection Figure 3 illustrates the key distinction: WAF inspects and protects the application entry point, while Defender for Cloud provides visibility into the resources themselves. Together, they cover both the path into the application and the behavior within the environment—forming a complete protection model across layers. Because not all access to storage and databases may flow through the application gateway, you also need resource-level posture and threat detection to see and stop activity that never appears in WAF logs. Cloud Security Posture Management with Defender for Cloud With the edge covered, the next challenge is reducing risk that originates from misconfiguration and resource exposure. Most successful attacks originate from exposed services and misconfigurations rather than direct application-layer exploits. Microsoft Defender for Cloud’s storage and database protection provide security posture insights that help identify and prioritize these security gaps at the resource level. Defender for Cloud has visibility insights that capture the resources’ misconfigurations on the control and data plane via the Recommendations view in the Azure portal, as shown in the example below: Figure 4: Juice Shop’s storage account and SQL server recommendations Figure 4 is a list of recommendations organized by risk level for this particular environment. The security team should harden the “defendertestsai” storage asset by preventing shared access keys, and the “juiceshop” SQL database by provisioning an Entra administrator. Each recommendation will also provide guidance to remediate these findings. The “Data & AI Dashboard” in Defender for Cloud, with Defender CSPM, will also provide security posture insight into storage, database and AI resources by surfacing their risks, alerts and sensitive data discovery all in one dashboard. Figure 5: Juice Shop’s Sensitive data discovery and Data threat detection dashboard in Defender for Cloud’s “Data&AI section”. Under Data closer look, in Figure 5, you can see in this example, starting from the left, sensitive information found in scanned resources, level alerts for databases and storage resources based on severity, templatized queries from the Cloud Security Explorer, and a graph displaying all internet exposed data resources below. These powerful insights on data resources all come from Defender for Cloud, designed to help customers harden their environment by priority through visibility across their entire data ecosystem based on risk level. Figure 6: Juice Shop’s attack path “Internet exposed Azure VM with high severity vulnerabilities allows lateral movement to Critical Storage used by Azure AI Foundry”. Attack paths are potential avenues in which an attacker can infiltrate and compromise data. In Figure 6 above, we see insight into not only the storage account itself, but the context around it: an internet exposed storage account is connected to other assets like a virtual machine and a managed identity that has permissions to manipulate data. These Defender for Cloud security posture insights complement WAF and complete the defense-in-depth security approach: harden the data services so that even if an attacker reaches them the blast radius is smaller, and the likelihood of compromise is reduced. Defender for Cloud’s advanced threat protection Even in well-secured environments, attackers often interact directly with storage accounts or databases through identities, APIs, or trusted internal paths. Reducing exposure is critical but not sufficient. Detection is required once an attacker begins interacting with data Defender for Cloud’s advanced threat protection for Storage and SQL surfaces resource-level security alerts such as suspicious access patterns, anomalous queries, and malware detections—often with richer context than perimeter telemetry alone. Let’s use a malware alert for a storage account in the Defender portal as an example: Figure 7: Juice Shop’s storage account security alert “Malicious blob uploaded to storage account”. Malware scanning is a common requirement for teams that process user uploads or must meet security benchmarks. In this lab, Juice Shop allows users to upload files (for example, feedback attachments), and the upload API writes those files to Azure Blob Storage. Azure WAF inspects the HTTP request that delivers the upload headers, parameters, payload patterns and blocks web-layer attacks like XSS or SQLi. Scanning blob contents after they land is a different job, performed at the resource layer by Defender for Storage. With Defender for Storage malware scanning enabled, each uploaded blob is scanned; if the verdict is malware, Defender for Cloud raises an alert such as “Malicious blob uploaded to storage account” as shown in figure 7. Then, with Defender for Storage’s automated malware remediation, the malicious blog is set to soft-delete for quarantine and further analysis. SQL databases are high-value targets for data access, privilege escalation, and exploitation of vulnerable applications. Database protection in Defender for Cloud has the visibility to provide customers with control plane and data plane level insight to alert on suspicious activity such as anomalous logons, unusual client applications, and injection-like query patterns. For example, here’s a potential SQL injection alert for a database in the Defender portal: Figure 8: Juice Shop’s database security alert on a potential SQL injection. These alerts typically include investigation context such as the client application, client principal name, and the statement or pattern in question, along with severity to help you prioritize, as shown in Figure 8. From there, analysts can use recommended response actions (for example, to contain risky access paths or harden the database) to reduce the chance of repeat activity. In practice, Defender for Cloud threat detection gives SOC teams prioritized, resource-specific alerts with the context needed to investigate quickly and take action at the storage and database layers. Conclusion Azure Application Gateway with WAF is a necessary control to reduce application-layer risk at the edge. But defense in depth requires the assumption that some threats will reach or target data services directly. By layering Microsoft Defender for Storage and Microsoft Defender for SQL on top of Azure WAF, you add continuous posture insights to reduce preventable exposure, plus threat protection that detects suspicious activity at the resource layer. Operated together, these services provide stronger prevention, better detection coverage, and clearer response paths than single control alone.Monthly news - May 2026
Microsoft Defender Monthly news - May 2026 Edition This is our monthly "What's new" blog post, summarizing product updates and various new assets we released over the past month across our Defender products. In this edition, we are looking at all the goodness from April 2026. We are now including news related to Defender for Cloud in the Defender portal. For all other Defender for Cloud news, have a look at the dedicated Defender for Cloud Monthly News here. 🚀 New Virtual Ninja Show episode: The future of identity protection with Predictive Shielding Network-layer data protection with Microsoft Entra GSA and Purview DLP Data lake federation: hunt across external data without ingesting it Weekly Security News: We publish a short 1ish minute video every week with updates across our Microsoft Security stack. Subscribe to our YouTube channel, so you don't miss the next episode. Actionable threat insights CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments Email threat landscape: Q1 2026 trends and insights Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook Detection strategies across cloud and identities against infiltrating IT workers Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise Microsoft Defender Blog post: Containing a domain compromise: How predictive shielding shut down lateral movement (Public Preview) You can now view the current status of automatic attack disruption and predictive shielding actions related to a specific incident. You view this data in the Activities tab of the incident page. Learn more We made several enhancements across the Advanced hunting experience, read this blog post for all the details. (Public Preview) The AIAgentsInfo table in advanced hunting now includes additional columns that provide deeper visibility into AI agents operating in your Microsoft 365 environment. These fields expand coverage beyond Copilot Studio to all agent types, including Microsoft Foundry, third-party marketplace, and custom line-of-business agents. (Generally Available) Built-in alert tuning rules are now generally available. Built-in alert tuning rules suppress alerts from common benign activity in Defender for Endpoint and Defender for Office 365 without affecting Automated Investigation and Response (AIR) investigations and email notifications. Microsoft Defender Experts for XDR customers can now see Defender Experts as a distinct entry in the Microsoft Defender portal navigation menu. This feature adds to the existing home page status card as in-portal experiences that provide consistent and predictable access to the service. Learn more Blog post: Simplifying AWS defense with Microsoft Sentinel UEBA Call to action: update automation by July 1, 2026 - Account Name is now consistently the UPN prefix for analytics rule alerts! Microsoft Sentinel is updating how the account entity's Account Name value is populated for analytics rule alerts when the full UPN is mapped into Account Name. This change improves consistency for downstream automation rules and Logic Apps playbooks. For more information, including before and after examples, read the blog article Update: Changing the Account Name Entity Mapping in Microsoft Sentinel. For all other Sentinel News, have a look at the "What's new in Microsoft Sentinel blog post - April edition" Microsoft Defender for Endpoint / Microsoft Defender Vulnerability Management (Public Preview) You can now view the current status of automatic attack disruption and predictive shielding actions related to a specific incident. You view this data in the Activities tab of the incident page. Learn more Microsoft Secure Score now includes the Ensure devices are updated to Secure Boot 2023 certificates and boot manager, which helps identify devices that haven't yet transitioned to the new Secure Boot 2023 certificates required ahead of the June 2026 expiration. To learn more about the recommendation, see Assess Secure Boot status with Microsoft Defender (blog). Microsoft Defender for Identity (Public Preview) Custom account correlation rules. Custom account correlation rules let you link accounts that belong to the same identity, such as privileged accounts with unique naming conventions. You can correlate accounts that don't share strong identifiers such as account ID, SID, object ID, or UPN by defining rules based on UPN prefix, UPN suffix, domain UPN, or employee ID. For more information, see Create custom account correlation rules. (Generally Available) The Automatic Windows event-auditing configuration for sensors v3.x is now generally available. Automatic Windows event-auditing streamlines deployment by automatically applying the required auditing settings to new sensors and correcting misconfigurations on existing ones.Monthly news - January 2026
Microsoft Defender Monthly news - January 2026 Edition This is our monthly "What's new" blog post, summarizing product updates and various new assets we released over the past month across our Defender products. In this edition, we are looking at all the goodness from December 2025. Defender for Cloud has its own Monthly News post, have a look at their blog space. 🚀 New Virtual Ninja Show episode: Advancements in Attack Disruption Vulnerability Remediation Agent in Microsoft Intune Microsoft Defender (Public Preview) The following advanced hunting schema tables are now available for preview: The CampaignInfo table contains contains information about email campaigns identified by Microsoft Defender for Office 365 The FileMaliciousContentInfo table contains information about files that were processed by Microsoft Defender for Office 365 in SharePoint Online, OneDrive, and Microsoft Teams General Availability of the Security Alert Triage Agent (previously named Phishing Triage Agent): this agent autonomously analyzes user‑reported phishing emails to determine whether they’re true threats or false positives, dramatically reducing manual triage workload. It continuously learns from analyst feedback and provides clear, natural‑language explanations for every verdict, giving SOC teams both speed and transparency. We're excited to share it is now generally available and, very soon, will expand to also triage cloud and identity alerts! Learn more on our docs. Public Preview of Dynamic Threat Detection Agent: Announced at Ignite, this always‑on agent hunts for unseen threats by continuously correlating telemetry and creating new, context‑aware detections on the fly—closing gaps traditional rules can’t see. We're excited to share it is now in Public Preview! Learn more on our docs. Public Preview of Threat Hunting Agent: Announced at Ignite, this agent gives every analyst the power to investigate like an expert by turning natural‑language questions into guided, real‑time hunts that surface hidden patterns, reveal meaningful pivots, and eliminate the need to write complex queries. We're excited to share it is now in Public Preview! Learn more on our docs. General Availability of the Threat Intelligence Briefing Agent: this agent delivers daily, tailored intelligence briefings directly in Microsoft Defender—automatically synthesizing Microsoft’s global threat insights with your organization’s context to surface prioritized risks, clear recommendations, and relevant assets so teams can shift from reactive research to proactive defense in minutes. We're excited to share it is now generally available! Learn more on our docs. (General Availability) The hunting graph in advanced hunting is now generally available. It also now has two new predefined threat scenarios that you can use to render your hunts as interactive graphs. (General Availability) Advanced hunting now supports custom functions that use tabular parameters. With tabular parameters, you can pass entire tables as inputs. This approach lets you build more modular, reusable, and expressive logic across your hunting queries. Learn more Note: The Phishing Triage Agent has since been expanded and is now called the Security Alert Triage Agent. Learn more at aka.ms/SATA Microsoft Defender for Endpoint (Public Preview) Triage collection: Use triage collection to prioritize incidents and hunt threats with the Sentinel Model Context Protocol (MCP) server. Microsoft Defender for Identity New ADWS LDAP search activity is now available in the 'IdentityQueryEvents' table in Advanced Hunting. This can provides visibility into directory queries performed through ADWS, helping customers track these operations and create custom detection based on this data. (Public Preview) New properties for 'sensorCandidate' resource type in Graph-API. Learn more here. Microsoft Defender for Cloud Apps Integration of Defender for Cloud Apps permissions with Microsoft Defender XDR Unified RBAC is now available worldwide. For more information, see Map Microsoft Defender for Cloud Apps permissions to the Microsoft Defender XDR Unified RBAC permissions. To activate the Defender for Cloud Apps workload, see Activate Microsoft Defender XDR Unified RBAC. (Public Preview) The Defender for Cloud Apps app governance unused app insights feature helps administrators identify and manage unused Microsoft 365-connected OAuth apps, enforce policy-based governance, and use advanced hunting queries for better security. This feature is now available for most commercial cloud customers. For more information, see Secure apps with app hygiene features.
Microsoft Defender: New Advanced hunting enhancements
Co-author: Jeremy Tan As a security analyst who actively hunts for critical threats, one of the most frustrating things that can happen is hitting a limit mid-query or encounter an experience that doesn’t behave as expected. The resulting friction and time spent troubleshooting or navigating takes valuable focus away from the investigation itself. To address this, we’ve made several enhancements across the experience to ensure investigations can scale seamlessly so analysts can stay focused on finding and stopping threats without interruption. These updates are based on your feedback and our commitment to continually improve the experience for analysts and customers alike. Scaling Investigations with Expanded Limits We’ve made several enhancements across the experience to expand limits and better support large-scale investigations so analysts can query, explore, and act on more data with fewer constraints. Results limitation increase (Preview) We have heard your feedback on the need for larger data sets and are excited to announce that the results limitation in advanced hunting has been raised from 30,000 to 100,000 records. Now, queries returning up to 100,000 results will display all available data. If a query exceeds this threshold, results are truncated as before, but the increase allows for more comprehensive analysis and improved incident response. Records limitation picker (Preview) One common challenge in advanced hunting has been the risk of running queries that return overwhelming result sets, consuming excessive resources and potentially hitting system limits. The new records limitation picker addresses this by allowing you to explicitly set how many rows a query should return, directly from the editor toolbar. Choose from predefined limits: 1,000, 5,000, or 10,000, 30,000 and 100,000 rows. Select the maximum system limit (currently 100,000 records). Define a custom value as needed. The selected limit applies alongside any KQL-defined row limitations, with the lower value always taking precedence. Your choice persists across page refreshes, navigation, and browser restarts. By default, tenants start at the maximum row limit, but you can tailor your selection via page preferences. This enhancement greatly improves performance and prevents unexpected limitations, making hunting safer and more efficient. Partial results on size limit (GA) Previously, queries that exceeded the 64 mb results size limit would fail outright, forcing analysts to modify their queries and rerun them. With the latest update, partial results are now provided when the size limit is reached: Queries return the maximum records that fit within the 64 MB cap. A clear message bar indicates when results are partial due to size constraints. This allows you to act on available data immediately, without repeating query adjustments. This improvement speeds up investigations and provides valuable data even in scenarios where limits are reached. Enhanced UI for Faster, More Intuitive Investigations We’ve made significant enhancements to the user experience delivering a more streamlined interface that helps analysts move through incidents with greater clarity, act with confidence, and spend less time searching and more time responding. Hear from one of our customers: “The recent updates to the Defender Advanced Hunting experience have gone a long way toward decluttering the interface and lowering the barrier for analysts and engineers who were previously more comfortable working exclusively in Microsoft Sentinel in the Azure portal. By simplifying navigation, reducing unnecessary visual noise, and adding pinnable tabs, the XDR portal now feels more familiar. This usability improvement has helped shift long-standing Sentinel users toward the XDR experience without forcing a change in how teams think about their data or workflows.” -Matt McCullogh, Senior SIEM Engineer, Best Buy Query details side pane: enhanced visibility and troubleshooting (GA) Understanding query execution and troubleshooting errors has often required tedious trial and error. The new query execution details side pane surfaces rich, actionable metadata for every query—successful or failed. With this feature, you can: View execution time breakdowns, data sources, scopes, and resource utilization. Examine response characteristics and detailed error information. Navigate tabs such as overview, raw statistics, and errors for comprehensive diagnostics. Access the side pane easily after running a query, or even from error messages in failure scenarios. This transparency makes it far easier to investigate issues and optimize your hunting experience. Improved error-handling for Advanced hunting queries (GA) Advanced hunting now provides improved output messages, including clearer error messages that explain query failures and actionable suggestions for common issues. This update simplifies troubleshooting and helps reduce downtime with complex queries. Simpler Navigation, More Powerful Hunting Alongside these updates, the Advanced hunting UI has received several enhancements focused on usability and streamlined workflows. Users can now easily filter results with a single click, making data exploration more efficient and responsive and enhanced configuration of the schema tree now allows for collapsing or expanding all nodes with ease. Additionally, the page layout has been thoughtfully restructured, organizing components in a more intuitive manner for a modern, cohesive experience that makes advanced hunting both powerful and easy to use. Rename tabs (GA) Another notable usability enhancement is the ability for users to rename their working tabs within advanced hunting. This feature enables users to organize their work sessions more efficiently, allowing for clear identification of ongoing investigations and queries without requiring them to save their work as long-term functions or queries. By simply renaming tabs, users can quickly switch between tasks and keep their workspace well-structured, further improving workflow and productivity. Saving KQL functions to log analytics workspace (GA) In addition to the above enhancements, we are delighted to introduce the ability to save KQL functions directly from the advanced hunting page into your log analytics workspace. To utilize this feature: Pick a folder under shared functions → Sentinel workspace functions. Functions saved in this folder are available for use in workbooks, analytics rules, and for execution in advanced hunting. Note: functions saved here are not available in custom detection rules. This new capability empowers you to build reusable logic and streamline your security workflows across Microsoft Sentinel and advanced hunting. Conclusion These enhancements represent our continued commitment to supporting your security investigations with robust, flexible, and efficient tools. We look forward to your feedback and to bringing even more improvements in the future. Learn more about the new advanced hunting enhancements in our documentation.Security Copilot for SOC: bringing agentic AI to every defender
Cybersecurity has entered an era of relentless complexity. As threat actors increasingly leverage artificial intelligence to automate attacks, evade detection, and scale their tactics, defenders are challenged to keep up. In this new era, security operations centers (SOCs) must transform to not just react, but to anticipate, disrupt, and outpace the next wave of cyberthreats. Microsoft’s goal is to empower every organization to meet this challenge head-on by transforming how security operates. We believe the future of the SOC is more than just agentic: it’s predictive and proactive. This means moving beyond fragmented tools and manual processes, and instead embracing a unified, intelligent approach where AI-driven skills and agents work in concert with human expertise. To bring this vision to life, it’s essential to look at the SOC through the lens of its lifecycle—a dynamic continuum that spans from anticipation and prevention through to recovery and optimization—and to recognize the unique challenges and opportunities within each stage. With Security Copilot’s GenAI and agentic capabilities woven across this lifecycle, Microsoft is delivering an integrated defense platform that enables defenders to move faster, act smarter, and stay ahead of adversaries. Introducing agentic innovation across the SOC lifecycle At Ignite, our agentic innovations are concentrated in three of the five SOC lifecycle pillars, and each one represents a leap forward in how analysts anticipate, detect, triage and investigate threats. Predict and prevent Threat Intelligence Briefing Agent: Introduced in March, this agent has already helped security teams move from reactive to anticipatory defense. At Ignite, we’re announcing that the Threat Intelligence Briefing Agent is now fully embedded in the Microsoft Defender portal, delivering daily, tailored briefings that synthesize Microsoft’s unparalleled global intelligence with organization-specific context in just minutes. Teams no longer need to spend hours gathering TI from disparate sources—the agent automates this process, offering the most current and relevant insights. Analysts can reference the summary to prioritize action, using the agent’s risk assessments, clear recommendations, and links to vulnerable assets to proactively address exposures. Detect and disrupt Dynamic Threat Detection Agent: Detections have long been bottlenecked by the limitations of traditional alerting systems, which rely on predefined logic that can’t scale fast enough to match the speed and variability of modern attacks— resulting in blind spots and missed threats. The Dynamic Threat Detection Agent addresses this challenge head-on. Instead of depending on static rules or isolated input, it continuously analyzes incidents and telemetry, searching for gaps in coverage and correlating signals across the entire security stack. For example, this is how it surfaced a recent AWS attack: a threat actor used an EntraID account to federate into an AWS admin account to exfiltrate sensitive data. The Dynamic Threat Detection Agent generated an alert before the intruder even authenticated into the single sign-on flow, driven by a correlated signal from Sentinel. That alert didn’t exist beforehand; the agent created it on the fly to stop the attack. The result is an adaptive system that extends Microsoft’s industry-leading, research-based detections with context-aware alerts tailored to each organization, closing gaps and revealing threats that legacy systems miss. Triage and investigate Security Alert Triage Agent (previously named Phishing Triage Agent): In March 2025, we introduced the Security Alert Triage Agent, built to autonomously handle user-submitted phishing reports at scale. The agent classifies incoming alerts and resolves false positives, escalating only the malicious cases that require human expertise. At Microsoft Ignite, we’re announcing its general availability, backed by strong early results: the agent identifies 6.5 times more malicious alerts, improves verdict accuracy by 77%, and frees analysts to spend 53% more time investigating real threats. St. Luke’s even said it’s saving their team nearly 200 hours each month. Coming soon, we’ll be extending these autonomous triage capabilities beyond phishing to identity and cloud alerts, bringing the same precision and scale to more SOC workflows. Note: The Phishing Triage Agent has since been expanded and is now called the Security Alert Triage Agent. Learn more at aka.ms/SATA Threat Hunting Agent: this agent reimagines the investigation process. Instead of requiring analysts to master complex query languages or sift through mountains of data, Threat Hunting Agent enables natural language investigations with contextual insight. Analysts can vibe with the agent by asking questions in plain English, receive direct answers, and be guided through comprehensive hunting sessions. It levels up the existing Security Copilot NL2KQL capability by enabling teams to explore patterns, pivot intuitively and uncover hidden signals in real time for a fluid, context-aware experience. This not only accelerates investigations but makes advanced threat hunting accessible to every member of the SOC, regardless of experience level. Agents built into your workflows To make the agents easily accessible and help security teams get started more quickly, we are excited to announce that Security Copilot will be available to all Microsoft 365 E5 customers. Rollout starts today for existing Security Copilot customers with Microsoft 365 E5 and will continue in the upcoming months for all Microsoft 365 E5 customers. Customers will receive 30-day advanced notice before activation. Learn more: https://aka.ms/SCP-Ignite25 Discover more: the Security Store The Security Store, now generally available, is the central hub for discovering, deploying, and managing first-party and third-party security agents. Today, it provides instant access to 20+ agents deployable directly in the Microsoft Defender portal, all within a broader ecosystem of 100+ trusted security solutions. Whether you're investigating incidents, hunting threats, or automating response, the Security Store extends Defender with vetted, scenario-aligned tools that can be set up in minutes. Learn more in this blog. Introducing new GenAI embedded capabilities Security Copilot isn’t just growing through agents—it’s also gaining new embedded capabilities: GenAI skills that help SOC teams work faster, operate at greater scale, and get upleveled directly inside Microsoft Defender. Today, we’re excited to introduce new innovations: Analyst Notes represent a meaningful shift in how investigation work is captured and shared. For organizations that choose to opt into this capability, Copilot automatically reconstructs an analyst’s investigation session—from the moment they open an incident to the moment they close it—and turns that activity into clear, structured notes. The system can even track multiple sessions in parallel and attribute actions to the right incident, and analysts can fully review and edit the generated notes before saving them. This not only saves teams valuable time and effort, it preserves the actual investigation path with far greater accuracy and consistency than manual documentation ever could. The result is a living, cumulative record of how the SOC investigates threats: easier handoffs, stronger auditability, faster onboarding, and a deeper shared understanding of how incidents unfold across multiple SecOps members and phases. Standard Operating Procedures (SOPs) for guided response allows organizations to upload their own internal procedures so Security Copilot can align its recommendations with established guidebooks and compliance requirements. Guided response is one of the ways Copilot helps analysts navigate an incident: it offers one-click actions across triage, containment, investigation and remediation that teams can take immediately. With SOPs uploaded, these recommendations draw directly from organizational workflows and policy standards, ensuring they are contextually relevant and trusted. For defenders, this translates into greater confidence and faster, more consistent decision-making. We’re also eager to share that we’re introducing auto-generated content configuration for Security Copilot’s incident summaries. This new feature allows security admins to decide how and when summaries are produced, choosing between always auto-generating, manual trigger only, or auto-generating based on incident severity. The configuration is managed directly in the Microsoft Defender portal, giving organizations flexibility to fine-tune Copilot’s outputs to their operational needs. Join us at Ignite We invite you to learn more and see these innovations in action at Microsoft Ignite. Don’t miss our featured sessions: Microsoft Defender: Building the agentic SOC with guest Allie Mellen on Wednesday, November 19 th with Allie Mellen, Corina Feuerstein, and Rob Lefferts. Learn more. Empowering the SOC: Security Copilot and the rise of Agentic Defense on Friday, November 21 st with Corina Feuerstein and Cristina da Gama. Learn more. Join us to discover how Microsoft is shaping the future of cybersecurity—making intelligent, agentic defense accessible to every organization.What’s new in Microsoft Defender XDR at Secure 2025
Protecting your organization against cybersecurity threats is more challenging than ever before. As part of our 2025 Microsoft Secure cybersecurity conference announcements, we’re sharing new product features that spotlight our AI-first, end-to-end security innovations designed to help - including autonomous AI agents in the Security Operations Center (SOC), as well as automatic detection and response capabilities. We also share information on how you can expand your protection by bringing data security and collaboration tools closer to the SOC. Read on to learn more about how these capabilities can help your organization stay ahead of today’s advanced threat actors. Expanding AI-Driven Capabilities for Smarter SOC Operations Introducing Microsoft Security Copilot’s Security Alert Triage Agent (previously named Phishing Triage Agent) Today, we are excited to introduce Security Copilot agents, a major step in bringing AI-driven automation to Microsoft Security solutions. As part of this, we’re unveiling our newest innovation in Microsoft Defender: the Security Alert Triage Agent. Acting as a force multiplier for SOC analysts, it streamlines the triage of user-submitted phishing incidents by autonomously identifying and resolving false positives, typically cleaning out over 95% of submissions. This allows teams to focus on the remaining incidents – those that pose the most critical threats. Phishing submissions are among the highest-volume alerts that security teams handle daily, and our data shows that at least 9 in 10 reported emails turn out to be harmless bulk mail or spam. As a result, security teams must sift through hundreds of these incidents weekly, often spending up to 30 minutes per case determining whether it represents a real threat. This manual triage effort not only adds operational strain but also delays the response to actual phishing attacks, potentially impacting protection levels. The Security Alert Triage Agent transforms this process by leveraging advanced LLM-driven analysis to conduct sophisticated assessments –such as examining the semantic content of emails– to autonomously determine whether an incident is a genuine phishing attempt or a false alarm. By intelligently cutting through the noise, the agent alleviates the burden on SOC teams, allowing them to focus on high-priority threats. Figure 1. A phishing incident triaged by the Security Copilot Security Alert Triage Agent To help analysts gain trust in its decision-making, the agent provides natural language explanations for its classifications, along with a visual representation of its reasoning process. This transparency enables security teams to understand why an incident was classified in a certain way, making it easier to validate verdicts. Analysts can also provide feedback in plain language, allowing the agent to learn from these interactions, refine its accuracy, and adapt to the organization’s unique threat landscape. Over time, this continuous feedback loop fine-tunes the agent’s behavior, aligning it more closely with organizational nuances and reducing the need for manual verification. The Security Copilot Security Alert Triage Agent is designed to transform SOC operations with autonomous, AI-driven capabilities. As phishing threats grow increasingly sophisticated and SOC analysts face mounting demands, this agent alleviates the burden of repetitive tasks, allowing teams to shift their focus to proactive security measures that strengthen the organization’s overall defense. Note: The Phishing Triage Agent has since been expanded and is now called the Security Alert Triage Agent. Learn more at aka.ms/SATA Security Copilot Enriched Incident Summaries and Suggested Prompts Security Copilot Incident Summaries in Microsoft Defender now feature key enrichments, including related threat intelligence and asset risk –enhancements driven by customer feedback. Additionally, we are introducing suggested prompts following incident summaries, giving analysts quick access to common follow-up questions for deeper context on devices, users, threat intelligence, and more. This marks a step towards a more interactive experience, moving beyond predefined inputs to a more dynamic, conversational workflow. Read more about Microsoft Security Copilot agent announcements here. New protection across Microsoft Defender XDR workloads To strengthen core protection across Microsoft Defender XDR workloads, we're introducing new capabilities while building upon existing integrations for enhanced protection. This ensures a more comprehensive and seamless defense against evolving threats. Introducing collaboration security for Microsoft Teams Email remains a prevalent entry point for attackers. But the fast adoption of collaboration tools like Microsoft Teams has opened new attack surfaces for cybercriminals. Our advancements within Defender for Office 365 allow organizations to continue to protect users in Microsoft Teams against phishing and other emerging cyberthreats with inline protection against malicious URLs, safe attachments, brand impersonation protection, and more. And to ensure seamless investigation and response at the incident level, everything is centralized across our SOC workflows in the unified security operations platform. Read the announcement here. Introducing Microsoft Purview Data Security Investigations for the SOC Understanding the extent of the data that has been impacted to better prioritize incidents has been a challenge for security teams. As data remains the main target for attackers it’s critical to dismantle silos between security and data security teams to enhance response times. At Microsoft, we’ve made significant investments in bringing SOC and data security teams closer together by integrating Microsoft Defender XDR and Microsoft Purview. We are continuing to build upon the rich set of capabilities and today, we are excited to announce that Microsoft Purview Data Security Investigations (DSI) can be initiated from the incident graph in Defender XDR. Ensuring robust data security within the SOC has always been important, as it helps protect sensitive information from breaches and unauthorized access. Data Security Investigations significantly accelerates the process of analyzing incident related data such as emails, files, and messages. With AI-powered deep content analysis, DSI reveals the key security and sensitive data risks. This integration allows analysts to further analyze the data involved in the incident, learn which data is at risk of compromise, and take action to respond and mitigate the incident faster, to keep the organization’s data protected. Read the announcement here. Figure 2. An incident that shows the ability to launch a data security investigation. OAuth app insights are now available in Exposure Management In recent years, we’ve witnessed a substantial surge in attackers exploiting OAuth applications to gain access to critical data in business applications like Microsoft Teams, SharePoint, and Outlook. To address this threat, Microsoft Defender for Cloud Apps is now integrating OAuth apps and their connections into Microsoft Security Exposure Management, enhancing both attack path and attack surface map experiences. Additionally, we are introducing a unified application inventory to consolidate all app interactions into a single location. This will address the following use cases: Visualize and remediate attack paths that attackers could potentially exploit using high-privilege OAuth apps to access M365 SaaS applications or sensitive Azure resources. Investigate OAuth applications and their connections to the broader ecosystem in Attack Surface Map and Advanced Hunting. Explore OAuth application characteristics and actionable insights to reduce risk from our new unified application inventory. Figure 3. An attack path infused with OAuth app insights Read the latest announcement here AI & TI are critical for effective detection & response To effectively combat emerging threats, AI has become critical in enabling faster detection and response. By combining this with the latest threat analytics, security teams can quickly pinpoint emerging risks and respond in real-time, providing organizations with proactive protection against sophisticated attacks. Disrupt more attacks with automatic attack disruption In this era of multi-stage, multi-domain attacks, the SOC need solutions that enable both speed and scale when responding to threats. That’s where automatic attack disruption comes in—a self-defense capability that dynamically pivots to anticipate and block an attacker’s next move using multi-domain signals, the latest TI, and AI models. We’ve made significant advancements in attack disruption, such as threat intelligence-based disruption announced at Ignite, expansion to OAuth apps, and more. Today, we are thrilled to share our next innovation in attack disruption—the ability to disrupt more attacks through a self-learning architecture that enables much earlier and much broader disruption. At its core, this technology monitors a vast array of signals, ranging from raw telemetry data to alerts and incidents across Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) systems. This extensive range of data sources provides an unparalleled view of your security environment, helping to ensure potential threats do not go unnoticed. What sets this innovation apart is its ability learn from historical events and previously seen attack types to identify and disrupt new attacks. By recognizing similar patterns across data and stitching them together into a contextual sequence, it processes information through machine learning models and enables disruption to stop the attack much earlier in the attack sequence, stopping significantly more attacks in volume and variety. Comprehensive Threat Analytics are now available across all Threat Intelligence reports Organizations can now leverage the full suite of Threat Analytics features (related incidents, impacted assets, endpoints exposure, recommended actions) on all Microsoft Threat Intelligence reports. Previously only available for a limited set of threats, these features are now available for all threats Microsoft has published in Microsoft Defender Threat Intelligence (MDTI), offering comprehensive insights and actionable intelligence to help you ensure your security measures are robust and responsive. Some of these key features include: IOCs with historical hunting: Access IOCs after expiration to investigate past threats and aid in remediation and proactive hunting. MITRE TTPs: Build detections based on threat techniques, going beyond IOCs to block and alert on specific tactics. Targeted Industries: Filter threats by industry, aligning security efforts with sector-specific challenges. We’re proud of our new AI-first innovations that strengthen security protections for our customers and help us further our pledge to customers and our community to prioritize cyber safety above all else. Learn more about the innovations designed to help your organization protect data, defend against cyber threats, and stay compliant. Join Microsoft leaders online at Microsoft Secure on April 9. We hope you’ll also join us in San Francisco from April 27th-May 1 st 2025 at the RSA Conference 2025 to learn more. At the conference, we’ll share live, hands-on demos and theatre sessions all week at the Microsoft booth at Moscone Center. Secure your spot today.Microsoft 365 E5 Security is now available as an add-on to Microsoft 365 Business Premium
The threat landscape continues to evolve creating ongoing challenges for small and medium businesses (SMBs) that are faced with increased regulations and cyberinsurance requirements. Today, Microsoft 365 Business Premium delivers core security solutions to SMBs that help safeguard data, defend against cyberthreats, and manage access and devices. With the growing volume of attacks and increased sophistication of threats, there are SMBs that want enhanced cybersecurity protection for their business. We are pleased to announce that Business Premium customers are now able to purchase Microsoft 365 E5 Security as an add-on to further enhance their security. E5 Security brings new security value on top of Business Premium with Microsoft Entra ID Plan 2, Microsoft Defender for Identity, Microsoft Defender for Endpoint Plan 2, Microsoft Defender for Office 365 Plan 2, and Microsoft Defender for Cloud Apps. (ENHANCED) Identity and access controls Business Premium includes Microsoft Entra ID P1, which provides single sign-on, multi-factor authentication (MFA), and conditional access to help SMBs manage user identities and enable access to applications and resources from trusted users, devices, and locations. Microsoft Entra ID P2 offers advanced security and governance features including Microsoft Entra ID Protection and Microsoft Entra ID Governance. Microsoft Entra ID protection offers risk-based conditional access that helps block identity attacks in real time using behavioral analytics and signals from both user risk and sign-in risk. It also enables SMBs to detect, investigate, and remediate potential identity-based risks using sophisticated machine learning and anomaly detection capabilities. With detailed reports and alerts, your business is notified of suspicious user activities and sign-in attempts, including scenarios like a password-spray where attackers try to gain unauthorized access to company employee accounts by trying a small number of commonly used passwords across many different accounts. ID Governance capabilities are also included to help automate workflows and processes that give users access to resources. For example, IT admins historically manage the onboarding process manually and generate repetitive user access requests for Managers to review which is time consuming and inefficient. With ID Governance capabilities, pre-configured workflows facilitate the automation of employee onboarding, user access, and lifecycle management throughout their employment, streamlining the process and reducing onboarding time. (NEW) Extended Detection and Response (XDR) Microsoft Defender XDR delivers a unified and efficient approach to incident-level visibility across the attack lifecycle. Together XDR and exposure management (XSPM) consolidate multiple siloed security solutions to provide best-of-breed capabilities across identities, endpoints, apps, and email. (NEW) Identity threat detection and response (ITDR) Identities are one of the most common attack vectors making identity-specific threat detection and response a critical element to secure your business. Microsoft Defender for Identity includes dedicated sensors and connectors for common identity elements that offer visibility into your unique identity landscape and provide detailed posture recommendations, robust detections and response actions. These powerful detections are then automatically enriched and correlated with data from other domains across Defender XDR for true incident-level visibility. (ENHANCED) Device security Microsoft Defender for Business (MDB) already brings enterprise-grade device protection capabilities to Business Premium customers across Windows, MacOS, iOS, and Android devices. It includes vulnerability management, next-generation antivirus protection, AI-powered endpoint detection and response with automatic attack disruption, and automated investigation and remediation. With streaming APIs, customers and partners can build Managed Detection and Response (MDR) services with Defender for Business. For customers who need advanced hunting, Microsoft Defender for Endpoint P2 adds advanced hunting, and 6 months of data retention on the device, along with endpoint security for IoT devices. (ENHANCED) Email and Collaboration security Microsoft Defender for Office 365 P1 in Business Premium includes SafeLinks with time of click URL filtering, safe attachments with real-time attachment scanning in sandbox, and phishing and malware defense across email, Microsoft Teams, OneDrive and SharePoint. It also has AI-powered LLM-based threat protection with 99.995% attacker intent detection accuracy. With Defender for Office 365 P2, you gain access to cyber-attack simulation training, which provides SMBs with a safe and controlled environment to simulate real-world cyber-attacks, helping to train employees in recognizing phishing attempts. Additionally automated response capabilities and post-breach investigations help reduce the time and resources required to identify and remediate potential security breaches. Detailed reports are also available that capture information on employees’ URL clicks, internal and external email distribution, and more. (NEW) Software-as-a-service (SaaS) security Microsoft Defender for Cloud Apps is a comprehensive, AI-powered software-as-a-service (SaaS) security solution that enables IT teams to identify and manage shadow IT and ensure that only approved applications are used. It protects against sophisticated SaaS-based attacks, OAuth attacks, and risky interactions with GenAI apps by combing SaaS app discovery, security posture management, app-to-app protection, and integrated threat protection. IT teams can gain full visibility into their SaaS app landscape, understand the risks and set up controls to manage the apps. SaaS security posture management quickly identifies app misconfigurations and provides remediation actions to reduce the attack surface. E5 Security delivers added protection to meet the growing needs of SMBs in a package that is cost-effective. Purchasing E5 Security has 57% savings when compared to the cost of separately purchasing the individual products that are included. FAQ When will E5 Security be available for purchase? E5 Security is available for purchase as an add-on to Business Premium starting today, 3/6. How can I purchase E5 Security? You can purchase E5 Security as an add-on to Business Premium through Microsoft Security for SMBs website or through your Partner. Does Microsoft 365 Business Premium plus Microsoft 365 E5 Security allow mixed licensing for endpoint security solutions? Microsoft Defender for Business does not support mixed licensing so a tenant with Defender for Business (included in Microsoft 365 Business Premium) along with Defender for Endpoint Plan 2 (included in Microsoft 365 Security) will default to Defender for Business. For example, if you have 80 users licensed for Microsoft 365 Business Premium and you’ve added Microsoft 365 E5 Security for 30 of those users, the experience for all users will default to Defender for Business. If you would like to change that to the Defender for Endpoint Plan 2 experience, you should license all users for Defender for Endpoint Plan 2 (either through standalone or Microsoft 365 E5 Security) and then contact Microsoft Support to request the switch for your tenant. You can learn more here. What are the differences between Microsoft Defender for Business and Microsoft Defender for Endpoint P2? MDB includes many of the same features as MDE P2, including enterprise-grade device protection for Windows, MacOS, iOS, and Android devices, vulnerability management, next-generation antivirus protection, AI-powered endpoint detection and response with automatic attack disruption, and automated investigation and remediation. MDE P2 adds endpoint security for IoT devices, threat hunting, and 6 months of data retention on the device. A detailed comparison is available here. As a Partner, how do I build Managed Detection and Response (MDR) services with MDB? For partners or customers looking to build their own security operations center (SOC) with MDR, Defender for Business supports the streaming of device events (device file, registry, network, logon events and more) to Azure Event Hub, Azure Storage, and Microsoft Sentinel to support advanced hunting and attack detection. If you are using the streaming API for the first time, you can find step-by-step instructions in the Microsoft 365 Streaming API Guide on configuring the Microsoft 365 Streaming API to stream events to your Azure Event Hubs or to your Azure Storage Account. To learn more about Microsoft Security solutions for SMBs you can visit our website. Partners can access training resources, customer decks and deployment checklists from our Business Premium Partner Playbook and find additional resources for Microsoft Security for Partners.
Defending Container Runtime from Malware with Microsoft Defender for Containers
In cloud-native environments, malware protection is no longer traditional antivirus — it is runtime workload security, ensuring containerized applications remain safe throughout their lifecycle. Many organizations focus on scanning container images before deployment. While image scanning is important, this does not stop runtime attacks. Image scanning protects before deployment, but malware detection protects during execution. Malware can enter cloud environments through container images, compromised CI/CD pipelines, exposed services, or misuse of legitimate administrative tools, making runtime malware detection an essential security control rather than an optional enhancement. Runtime Malware detection and Prevention acts as the last line of defence when preventive controls fail. If malware executes successfully inside a container, it may attempt Privilege escalation, Container escape and Host compromise. Antimalware in Defender for Containers Defender for Containers antimalware, powered by Microsoft Defender Antivirus cloud protection, near-real-time malware detection directly into container environments. The antimalware feature is available via Helm with sensor version 0.10.2 for AKS, GKE, and EKS. Defender for Containers Sensor Defender for Containers Antimalware provides: Runtime monitoring of container activity Malware detection on Container Workloads Malware detection for Kubernetes nodes Alerts integrated into Defender XDR Anti-malware detection and blocking - Microsoft Defender for Cloud | Microsoft Learn Container antimalware protection in Defender for Containers is powered by three main components: 1) Defender Sensor - version 0.10.2 installed via Helm or arc-extension The Defender sensor runs inside the Kubernetes cluster and monitors workload activity in real time. It provides: Runtime visibility into container processes Binary execution monitoring Behavioral inspection Alert and Block Malware execution Multicloud Support (Azure Kubernetes Service, AWS EKS, GCP GKE) Prerequisites: Ensure the following components of the Defender for containers plan are enabled: Defender sensor Security findings Registry access Kubernetes API access To Install Defender Sensor for Antimalware, ensure there are sufficient resources on your Kubernetes Cluster and outbound connectivity. In addition to the core sensor memory and CPU requirements, you need: Component Request Limit CPU 50m 300m Memory 128Mi 500Mi All sensor components use outbound-only connectivity (no inbound access required). To install Defender for Containers sensor follow the guidance here To Verify the sensor deployed successfully on all nodes, use the commands as screenshot below: You should see the collectors pods in Running state with 3/3 containers. 2) Antimalware Policy Engine Policies define what happens when malware is detected: Alert only Block execution Ignore (allowlisted cases) Policies can be scoped to Azure subscriptions, AWS Accounts and GCP Projects and also to Specific clusters, Namespaces, Pods, Images, Labels or workloads. This allows organizations to reduce false positives while enforcing strict security where needed. Host vs Workload Protection — How Sensor Covers Both Antimalware Rules can be applied to Resource scopes: Scope What Is Protected Workload (Container) Processes inside containers Host (Node) Kubernetes node OS and runtime Default rules include: Default antimalware workload rule Default antimalware host rule This matters because attackers often escape containers and target kubelet, container runtime, and node filesystem. Blocking malware at both workload and host layers prevents cluster takeover. To configure the Antimalware policy follow the guidance here To verify the antimalware policy is deployed to the cluster, login to your K8s cluster and use the commands as screenshot below: 3) Cloud Protection (Microsoft Defender Antivirus Cloud) Defender for Containers Sensor integrates with Microsoft Defender Antivirus cloud protection, which provides Global threat intelligence, Machine learning classification, Reputation scoring, Zero-day detection. When suspicious binaries appear, cloud analysis determines whether they should be allowed or blocked. To test Malware detection and blocking, upload an EICAR file to a running Container on your cluster. If policy action = Block Malware, the sensor performs enforcement. Blocking actions include, Killing malicious process and Generates Defender for Cloud alert as below: The malware is detected and execution is blocked. Defender for Cloud Alerts are also available in Defender XDR portal. Security Operations teams can further investigate the infected file by navigating to the Incidents and Alerts section in the Defender portal. When a container or pod is determined to be compromised, Defender XDR enables Security Operations Team to take response actions. For more details : Investigate and respond to container threats in the Microsoft Defender portal Binary Drift Detection and Prevention : Containers are expected to be immutable. Running containers should only execute binaries that came from the original container image. This is extremely important because most container attacks involve Curl/wget downloading malware, Crypto miners dropped post-compromise, Attack tools installed dynamically. For more details refer Binary drift detection and blocking Defender detects runtime drift, such as New binaries downloaded after deployment Files written into container filesystem Tools installed via reverse shell Payloads dropped by attackers To Configure drift detection and prevention policy follow the guidance here . When a drift is detected on a container workload, Defender for Container sensor detects drift and prevents it from being drifted. To test drift prevention, deploy a container and introduce a drift in the running container. The drift will be detected by the sensor and prevents drift, and alert is generated as shown in the screenshot below: References: Anti-malware detection and blocking Install Defender for Containers sensor using Helm Binary drift detection and blocking Investigate and respond to container threats in the Microsoft Defender portal Reviewed by: Eyal Gur, Principal Product Manager, Microsoft Defender for Cloud
