Enterprise Mobility and Security Blog

EMS_Cloud_5

Active Directory Access Control List – Attacks and Defense

Recently there has been a lot of attention and a few different blog posts (references at the end of the post) regarding the use of Discretionary Access Control List (DACL) for privilege escalation in a Domain environment. This potential attack vector involves the creation of an escalation path based in AD object permissions (DACLs). For...

Continue reading

ems_industry-scenario-2

How Microsoft EMS can support you in your journey to EU GDPR compliance – Part 6

The General Data Protection Regulation (GDPR) strengthens the right of individuals in the European Union (EU) to control their personal data and requires organizations to bolster their privacy and data protection measures. Enterprise Mobility + Security (EMS) technologies may help you meet these new requirements. In the whitepaper “Beginning Your GDPR Journey,” we introduced five...

Continue reading

EMS_STB13_Ken_01

Introducing Microsoft Advanced Threat Analytics v1.8!

We are pleased to announce the general availability of Microsoft Advanced Threat Analytics (ATA) v1.8. This is a key release for our customers with several new features and improvements. Cyberattacks continue to get more sophisticated, and so in turn, we must continue to tune our products and detections. As a leading solution in the user...

Continue reading

Ransomware detection with Microsoft Advanced Threat Analytics and Cloud App Security

The rise of ransomware and its media presence in recent months has highlighted, perhaps now more than ever, the importance of robust security systems to detect and respond to devious and evolving threats. We know extortion via ransomware is an effective scare tactic – after all, victims can be of both consumer and commercial variants...

Continue reading

ems_business-scenario-insights-1

Automate Advanced Threat Analytics Lightweight Gateway deployment with Powershell

Guest post by Cathy Smith, Senior Consultant, Cybersecurity Group. This blog discusses an open-source project that Cathy leads that automates ATA Lightweight deployment with Powershell. We are happy to share this project and encourage the ATA ecosystem to contribute here! Advanced Threat Analytics (ATA) Version 1.6 introduced a new deployment option, the ATA Lightweight Gateway,...

Continue reading

ems-hybrid-cloud_webinars_square

How to simulate and detect attacks with the Advanced Threat Analytics Playbook

One of the biggest pieces of feedback the Advanced Threat Analytics (ATA) team has received is a request for a clear, easy way to simulate attacks and see how ATA detects them. So that’s exactly what we did. We’ve written a playbook that contains: A step-by-step guide to simulating different techniques used in real-world advanced attack...

Continue reading

EMS_Security1

Ransomware lateral movement, and how Microsoft Advanced Threat Analytics can help

This post is authored by Arbel Zinger, Program Manager, Advanced Threat Analytics Product Team Companies across the globe were affected by an increased amount of ransomware attacks that caused an estimated damage of $1 billion. Ransomware attacks are becoming more powerful and crafty to force victims to pay their ransoms. Ransomware is now looking for...

Continue reading

Cybersecurity attackers toolkit – what you need to know

Cybersecurity attackers toolkit – what you need to know

Cyber attackers have many tools available to them to infiltrate an enterprise network, find that sensitive piece of data they’re looking for, and exfiltrate it from your enterprise. In conversations with customers, I’ve found that some are familiar with these tools; however, many aren’t, or they are not fully aware of how powerful these tools...

Continue reading

Mechanics_icon

Introducing Microsoft Advanced Threat Analytics for your Datacenter

This post was authored by Michael Dubinsky, Senior Program Manager, Microsoft Advanced Threat Analytics. On today’s episode of Microsoft Mechanics we take a look at how Microsoft Advanced Threat Analytics (ATA) detects advanced attacks and insider threats in your environment. My name is Michael Dubinsky, and I lead the product team for Microsoft ATA. In...

Continue reading