Office 365 Threat Intelligence Actionable insights to global
Office 365 Threat Intelligence Actionable insights to global attack trends
What is threat intelligence? Mail “Gartner defines threat intelligence as "Threat intelligence is evidencebased knowledge (e. g. , context, mechanisms, indicators, implications and action-oriented advice) about existing or emerging menaces or hazards to assets. " – Gartner , How to Collect, Refine, Utilize and Create Threat Intelligence, 03 October 2016 Metadata Malware Machine infections TI Sources Phish Geo. IP Spoof Threat indicators Information Activity DLP hits Audit activities Click trace Insight/Analysis
Remediation is costly
A hacker’s advantage is preparation & knowledge Who to target in attacks… What type of attack to launch… When to launch an attack… Hackers How often to attack… Who is attacking them… What type of attacks are happening… Analysts When attackers strike… How often to attacks occur…
Knowledge is built on visibility Attack type Time of attack Breach origination Who is the target? Frequency of attack Breach perpetrator
Visibility enables preparation Strategy & Best Practices Security Implementation
Office 365 threat intelligence built on Microsoft Security Graph Locky Ch an Re ad Malware ge d ge na Ma Read Linda r Finance Important Infected Gopi Edite d rde wa d Sensitive ce Re Read r Fo d Targeted Phish Infected Credit cards
Office 365 Threat Intelligence
Threat Intelligence Proactively detect advanced attacks before they reach your organization. Gain insights drawn from Microsoft’s broad global presence. Systematically protect your organization with dynamic policies. Respond to changing malware threats in real time. Get an integrated view of security through an intuitive interface.
© 2015 Microsoft Corporation. All rights reserved.
- Slides: 10