Note This post is part of a series about Microsoft Threat Protection. You can find part 1 about unified hunting here: https://chrisonsecurity.net/2019/12/15/microsoft-threat-protection-unified-hunting/ In my last post about Microsoft Threat Protection (MTP) I talked about unified hunting where you can use data signals from Defender ATP, Office ATP, and (coming soon) MCAS / Azure ATP to…
Tag: Microsoft 365 Security
Microsoft Threat Protection – unified hunting
Note This post is part of a series about Microsoft Threat Protection. You can find part 2 about unified incident management here: https://chrisonsecurity.net/2020/01/24/microsoft-threat-protection-unified-incidents/ When you work on security incidents, information is key. What is just as important: correlation. The value of data heavily increases if it can be associated with other signals. At Ignite 2018,…