Office 365 Threat Intelligence Actionable insights to global

Office 365 Threat Intelligence Actionable insights to global attack trends

What is threat intelligence? Mail “Gartner defines threat intelligence as "Threat intelligence is evidencebased knowledge (e. g. , context, mechanisms, indicators, implications and action-oriented advice) about existing or emerging menaces or hazards to assets. " – Gartner , How to Collect, Refine, Utilize and Create Threat Intelligence, 03 October 2016 Metadata Malware Machine infections TI Sources Phish Geo. IP Spoof Threat indicators Information Activity DLP hits Audit activities Click trace Insight/Analysis

Remediation is costly

A hacker’s advantage is preparation & knowledge Who to target in attacks… What type of attack to launch… When to launch an attack… Hackers How often to attack… Who is attacking them… What type of attacks are happening… Analysts When attackers strike… How often to attacks occur…

Knowledge is built on visibility Attack type Time of attack Breach origination Who is the target? Frequency of attack Breach perpetrator

Visibility enables preparation Strategy & Best Practices Security Implementation

Office 365 threat intelligence built on Microsoft Security Graph Locky Ch an Re ad Malware ge d ge na Ma Read Linda r Finance Important Infected Gopi Edite d rde wa d Sensitive ce Re Read r Fo d Targeted Phish Infected Credit cards

Office 365 Threat Intelligence

Threat Intelligence Proactively detect advanced attacks before they reach your organization. Gain insights drawn from Microsoft’s broad global presence. Systematically protect your organization with dynamic policies. Respond to changing malware threats in real time. Get an integrated view of security through an intuitive interface.