cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Microsoft 365 Defender Blog
Options
1,288

Microsoft 365 Defender Streaming API: Identity and CloudApp Events in General Availability

Michael Shalev on May 18 2022 12:27 AM
Have you ever wanted to run automated jobs, enrichment, or custom analytics over login, authentication, reconnaissance, ...
1,282

Introducing predefined policies in app governance

Anand Menon on May 13 2022 05:24 PM
New predefined policies on app governance empower admins to find risky apps quickly without having to manually define co...
4,673

Detecting and Remediating Impossible Travel

assafyatziv on May 12 2022 09:31 AM
Behind the scenes of the new impossible travel detection improvements – Microsoft Defender for Cloud Apps
4,962

What’s new: Unified Microsoft SIEM & XDR GitHub community

Tali Ash on Mar 09 2022 09:48 AM
We are announcing our new unified GitHub community for Microsoft SIEM and XDR, enabling SOC teams to centrally discover ...
2,561

New and improved incident queue

Idan_Pelleg on Mar 06 2022 01:07 AM
With the new incident queue, you can find incidents with specific names, IDs, or assets, and you can also specify a cust...
4,376

Reduce time to response with classification

Oren_Saban on Feb 22 2022 01:51 PM
The new classification experience provides insights on similar alerts observed in the past, and tailored recommendations...
2,041

The new, fully supported, Splunk Add-on for Microsoft Security is available

Michael Shalev on Feb 17 2022 10:17 AM
Download the Splunk-supported Add-on for Microsoft Security to ingest Microsoft 365 Defender Incidents or Microsoft Defe...
3,433

CloudAppEvents in advanced hunting now includes non-Microsoft apps and new data columns

assafyatziv on Dec 15 2021 03:15 AM
We're excited to share that all activities monitored by Microsoft Defender for Cloud Apps are covered in advanced huntin...
2,907

Protect printers, cameras and the rest of your IoT devices with Microsoft 365 Defender

Chris Hallum on Dec 07 2021 10:57 AM
Microsoft Defender for IoT is part of the Microsoft SIEM and XDR offering. Click to learn more and try the preview today...
7,052

Announcing the new advanced hunting page and link to incident feature

Tali Ash on Nov 02 2021 01:13 PM
The Microsoft 365 Defender team is thrilled to share that we have made several enhancements to the advanced hunting expe...
2,839

Assign incidents and alerts to someone else

Idan_Pelleg on Oct 03 2021 07:29 AM
To control and manage incidents and alerts in the organization, sometimes you would need to assign them to a specific an...
12.3K

New Incident Graph view in Microsoft 365 Defender

Idan_Pelleg on Sep 02 2021 08:22 AM
The new incident graph view in Microsoft 365 Defender allows you to view the full story of an attack.
4,731

Advanced Hunting: Surfacing more email data from Microsoft Defender for Office 365

VipulPandey on Aug 24 2021 05:33 AM
We’re happy to share new enhancements to the advanced hunting data for Microsoft Defender for Office 365 in Microsoft 36...
12.8K

Microsoft 365 Defender Ninja August 2021 special edition!

Heike Ritter on Aug 13 2021 10:05 AM
Are you enjoying the summer or winter – wherever you are in the world, and want to keep up to date with the latest and g...
4,865

Microsoft 365 Defender Ninja Training: August 2021 update

Heike Ritter on Aug 04 2021 11:33 AM
Get an update about the latest additions we made to the Microsoft 365 Defender Ninja training.
4,415

Take your security to the next level with professional security services

Aviv_Eldan on Jul 08 2021 09:18 AM
We’re excited to announce a new professional services catalog now available in Microsoft 365 Defender.
2,958

New webinar series: Monthly threat insights

Heike Ritter on Jun 15 2021 10:37 AM
We’re happy to announce a new monthly webinar series called “monthly threat insights”. On the third Wednesday of each mo...
8,364

Announcing Microsoft 365 Defender Streaming API Public Preview

Michael Shalev on Jun 02 2021 06:53 PM
Have you ever wondered how to export security events from Microsoft 365 Defender to your Analytics, SIEM, or SOAR system...
3,841

New alert page for Microsoft 365 Defender incident detections!

Idan_Pelleg on May 19 2021 03:43 AM
Microsoft 365 Defender automatically expands incidents to tell the full story of an attack. It does this by leveraging t...
4,543

Microsoft Defender for Identity native alert page in Microsoft 365 Defender

Daniel Naim on May 13 2021 08:00 AM
We are excited to announce that starting today, Microsoft Defender for Identity alerts are natively integrated into Micr...
5,905

Microsoft Cloud App Security: The Hunt for Insider Risk

erin_boris on May 11 2021 10:37 PM
If you haven’t read the first post by Sebastien Molendijk, head over to Microsoft Cloud App Security: The hunt in a mult...
3,232

Easily find anomalies in incidents and alerts

Idan_Pelleg on May 09 2021 11:54 PM
Microsoft 365 security Home page and Incidents page now include a trend graph of all the incidents and alerts over the l...
7,817

Blog Series: Limitless Advanced Hunting with Azure Data Explorer (ADX)

Jeff_Chin on May 06 2021 11:53 AM
Leverage the power of Azure Data Explorer (ADX) to extend your Microsoft 365 Defender (XDR) / Microsoft Defender For End...
3,344

Best practices for leveraging Microsoft 365 Defender API's - Episode Three

msftdario on Apr 26 2021 09:15 AM
In this episode we will demonstrate use cases detailing how to access the API data and use this information in other pro...
13.9K

Unified experiences across endpoint and email are now generally available in Microsoft 365 Defender

Amir_Lande on Apr 19 2021 09:51 AM
We’re excited to announce that we have reached a new milestone in our XDR journey: the integration of our endpoint and e...
8,350

Launching threat analytics for Microsoft 365 Defender

Dana_Bargury on Mar 24 2021 08:48 AM
Empower your SecOps team with a threat intelligence solution that gives actionable reports on the latest threats relativ...
4,073

Azure Sentinel and Microsoft 365 Defender incident integration

Idan_Pelleg on Mar 14 2021 03:20 AM
Harness the breadth and depth of integrated SIEM and XDR with new Microsoft 365 Defender integration and Sentinel
5,590

Best practices for leveraging Microsoft 365 Defender API's - Episode Two

msftdario on Mar 10 2021 02:04 AM
In this episode we will demonstrate use cases detailing how to access the API data and use this information in other pro...
7,958

Microsoft Cloud App Security: The Hunt in a multi-stage incident

Sebastien Molendijk on Mar 09 2021 12:55 AM
Welcome to our first post in the “Microsoft Cloud App Security: The Hunt” blog series! Using Microsoft 365 Defender, our...

Latest Comments

PeterJ_Inobits
in Using gMSA account in Microsoft Defender for Identity in multi-domain forests. on May 02 2022 11:11 AM
What is the situation with respect to multi forest environments. Am I correct in assuming I would need a GMSA per forest even if there are bidirectional forest trusts in place?
0 Likes
kraken85
in Blog Series: Limitless Advanced Hunting with Azure Data Explorer (ADX) on Apr 17 2022 07:34 PM
is there any third party integration that allow us to create alerting based a schedule custom hunting queries against Azure Data Explorer's data?
0 Likes
BenRoberts
in Become a Microsoft 365 Defender Ninja on Mar 26 2022 09:14 PM
I think the first question in the Intermediate Knowledge check needs updating? https://docs.microsoft.com/en-us/microsoft-365/security/defender/incident-queue?view=o365-worldwide#specify-a-time-range "The default list of incidents is for those that occurred in the lastSpoiler (Highlight to read)six ...
1 Likes
martinrojahn
in Unified experiences across endpoint and email are now generally available in Microsoft 365 Defender on Mar 10 2022 06:18 AM
Hi @Amir_LandeAny update on making the new Microsoft 365 Defender portal working for multitenancy? This is a breaking change for CSPs & MSSPs.
0 Likes
liatlishaa
in Reduce time to response with classification on Feb 27 2022 04:40 AM
@markscottuk Hi, We are going to add a customization capability for our closing reasons in the following months (and statuses). As part of this capability, you will be able to define any set of classification reasons for your workspaces. The ASC-Sentinel sync is and will still be in the classificati...
0 Likes