cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Microsoft 365 Defender Blog
Options
2,047

Monthly news - September 2022

Heike Ritter on Oct 03 2022 12:45 PM
Microsoft 365 Defender Monthly news September 2022 This is our monthly "What's new" blog post, summarizing product updat...
1,965

Discover XDR integrations and services in the New Microsoft 365 Defender Partner Catalog

Simaya_Ouli on Sep 22 2022 06:40 AM
The new Microsoft 365 Defender Partner Catalog enables you to easily discover technology and services partners that work...
3,965

Top Threat Protection use cases in Microsoft Defender for Cloud Apps

assafyatziv on Sep 22 2022 06:39 AM
The combined power of Microsoft Defender for Cloud Apps and Microsoft 365 Defender provides unique threat protection cap...
3,132

Monthly news - August 2022

Heike Ritter on Sep 01 2022 10:13 AM
Microsoft 365 Defender Monthly news August 2022 This is our monthly "What's new" blog post, summarizing product updates ...
10.3K

Hunt in Microsoft 365 Defender without KQL!

Tali Ash on Aug 24 2022 06:15 AM
To reduce the learning curve for hunting and enable all analysts to hunt easily, we are excited to announce that a Guide...
6,518

Hunt for compromised Azure subscriptions using Microsoft Defender for Cloud Apps

doredry on Aug 24 2022 06:00 AM
In our present threat landscape, attackers are constantly trying to compromise organizations, each with their own set of...
6,482

The new Microsoft 365 Defender APIs in Microsoft Graph are now available in public preview!

Naama Schlesinger on Aug 18 2022 11:24 AM
Public Preview: Microsoft 365 Defender APIs in MS Graph: Incidents, Alerts, and Hunting
5,171

Protect sensitive SharePoint sites with Defender for Cloud Apps

Keith_Fleming on Aug 08 2022 06:00 AM
Over the last couple of years, customers have continued to migrate their on-premises resources to the cloud. The ongoing...
5,875

Monthly news - July 2022

Heike Ritter on Aug 01 2022 09:13 AM
Microsoft 365 Defender Monthly news July 2022 This is our monthly "What's new" blog post, summarizing product updates an...
9,348

Monthly news - June 2022

Heike Ritter on Jul 01 2022 08:21 AM
Microsoft 365 Defender Monthly news June 2022 We are excited to publish our first "What's new" blog post, a new monthly ...
4,878

Microsoft Defender for Cloud Apps experiences are now part of Microsoft 365 Defender

Yulia_Zhurbinsky on Jun 23 2022 01:31 PM
Microsoft Defender for Cloud Apps SecOps experiences are now part of Microsoft 365 Defender in public preview.
5,021

New URL & domain pages in Microsoft 365 Defender

Oren_Saban on Jun 20 2022 08:12 AM
Want to easily investigate, take actions and pivot on URLs and domains? The new URL & domain pages will make it easier t...
2,531

The power of incidents in Microsoft 365 Defender

Idan_Pelleg on Jun 16 2022 05:46 AM
Incidents in Microsoft 365 Defender are powerful tools allowing SecOps to triage, investigate and response to cyber-atta...
2,707

Microsoft 365 Defender Streaming API: Identity and CloudApp Events in General Availability

Michael Shalev on May 18 2022 12:27 AM
Have you ever wanted to run automated jobs, enrichment, or custom analytics over login, authentication, reconnaissance, ...
2,213

Introducing predefined policies in app governance

Anand Menon on May 13 2022 05:24 PM
New predefined policies on app governance empower admins to find risky apps quickly without having to manually define co...
13.4K

Detecting and Remediating Impossible Travel

assafyatziv on May 12 2022 09:31 AM
Behind the scenes of the new impossible travel detection improvements – Microsoft Defender for Cloud Apps
5,843

What’s new: Unified Microsoft SIEM & XDR GitHub community

Tali Ash on Mar 09 2022 09:48 AM
We are announcing our new unified GitHub community for Microsoft SIEM and XDR, enabling SOC teams to centrally discover ...
3,166

New and improved incident queue

Idan_Pelleg on Mar 06 2022 01:07 AM
With the new incident queue, you can find incidents with specific names, IDs, or assets, and you can also specify a cust...
5,723

Reduce time to response with classification

Oren_Saban on Feb 22 2022 01:51 PM
The new classification experience provides insights on similar alerts observed in the past, and tailored recommendations...
3,479

The new, fully supported, Splunk Add-on for Microsoft Security is available

Michael Shalev on Feb 17 2022 10:17 AM
Download the Splunk-supported Add-on for Microsoft Security to ingest Microsoft 365 Defender Incidents or Microsoft Defe...
4,425

CloudAppEvents in advanced hunting now includes non-Microsoft apps and new data columns

assafyatziv on Dec 15 2021 03:15 AM
We're excited to share that all activities monitored by Microsoft Defender for Cloud Apps are covered in advanced huntin...
3,818

Protect printers, cameras and the rest of your IoT devices with Microsoft 365 Defender

Chris Hallum on Dec 07 2021 10:57 AM
Microsoft Defender for IoT is part of the Microsoft SIEM and XDR offering. Click to learn more and try the preview today...
7,697

Announcing the new advanced hunting page and link to incident feature

Tali Ash on Nov 02 2021 01:13 PM
The Microsoft 365 Defender team is thrilled to share that we have made several enhancements to the advanced hunting expe...
3,459

Assign incidents and alerts to someone else

Idan_Pelleg on Oct 03 2021 07:29 AM
To control and manage incidents and alerts in the organization, sometimes you would need to assign them to a specific an...
13.3K

New Incident Graph view in Microsoft 365 Defender

Idan_Pelleg on Sep 02 2021 08:22 AM
The new incident graph view in Microsoft 365 Defender allows you to view the full story of an attack.
5,553

Advanced Hunting: Surfacing more email data from Microsoft Defender for Office 365

VipulPandey on Aug 24 2021 05:33 AM
We’re happy to share new enhancements to the advanced hunting data for Microsoft Defender for Office 365 in Microsoft 36...
13.5K

Microsoft 365 Defender Ninja August 2021 special edition!

Heike Ritter on Aug 13 2021 10:05 AM
Are you enjoying the summer or winter – wherever you are in the world, and want to keep up to date with the latest and g...
5,744

Microsoft 365 Defender Ninja Training: August 2021 update

Heike Ritter on Aug 04 2021 11:33 AM
Get an update about the latest additions we made to the Microsoft 365 Defender Ninja training.
5,143

Take your security to the next level with professional security services

Aviv_Eldan on Jul 08 2021 09:18 AM
We’re excited to announce a new professional services catalog now available in Microsoft 365 Defender.

Latest Comments

Anilrtds
in What’s new: Unified Microsoft SIEM & XDR GitHub community on Sep 30 2022 03:41 AM
Security experts at ACE Managed Security are thrilled at the announcement of the unified threat intelligence community. With new threats emerging at any given moment, being a part of a community of threat hunters will benefit from SIEM analysts and threat responders immensely. ACE Managed SIEM, one ...
0 Likes
ceemon
in The new Microsoft 365 Defender APIs in Microsoft Graph are now available in public preview! on Sep 15 2022 09:00 AM
Do you happen to know if this will be able to delineate MDE alerts which have had suppression applied or if excludes them altogether? The old v1 Alerts Graph excluded them but the new Streaming API does not which forced us to stay with SIEM API because of the APIs inability to do this. Roadmap wise,...
0 Likes
MOD-A830
in Protect sensitive SharePoint sites with Defender for Cloud Apps on Sep 14 2022 04:12 AM
Hello @Keith_Fleming , thank you. Currently, I do not have a requirement for this. I just thought about it, because it might become a requirement to have multiple session policies targeting the same group.
0 Likes
Keith_Fleming
in Protect sensitive SharePoint sites with Defender for Cloud Apps on Sep 09 2022 09:28 AM
Hi @MOD-A830, The scoping for the label occurs in the CA policy in this case with the use of authentication context. If you do have multiple policies scoped to SharePoint that overlap with multiple groups its possible you might seem some unexpected behavior. Currently the Defender for Cloud Apps pol...
0 Likes
MOD-A830
in Protect sensitive SharePoint sites with Defender for Cloud Apps on Sep 09 2022 02:24 AM
Can this policy (in Defender for Cloud Apps) conflict with any other policies that are filtered to SharePoint Online as app? For example, if I want to block file download for sensitive data from SharePoint for a specific group, then I would scope my CA policy to this group and add a filter in Defend...
0 Likes