{"id":126992,"date":"2022-08-04T20:58:40","date_gmt":"2022-08-04T20:58:40","guid":{"rendered":"https:\/\/news.microsoft.com\/?p=446908"},"modified":"2022-08-04T20:58:40","modified_gmt":"2022-08-04T20:58:40","slug":"now-generally-available-microsoft-defender-experts-for-hunting-proactively-hunts-threats","status":"publish","type":"post","link":"https:\/\/sickgaming.net\/blog\/2022\/08\/04\/now-generally-available-microsoft-defender-experts-for-hunting-proactively-hunts-threats\/","title":{"rendered":"Now generally available, Microsoft Defender Experts for Hunting proactively hunts threats"},"content":{"rendered":"<p>Today, we announced the general availability of <a href=\"https:\/\/www.microsoft.com\/security\/business\/services\/microsoft-defender-experts-hunting\">Microsoft Defender Experts for Hunting<\/a> to support organizations and their cybersecurity employees with proactive threat hunting.<\/p>\n<p>Defender Experts for Hunting was created for customers who have a robust security operations center but want Microsoft to help them proactively hunt threats using Microsoft Defender data. Defender Experts for Hunting is a proactive threat hunting service that goes beyond the endpoint to hunt across endpoints, Microsoft Office 365,&nbsp;cloud applications, and identity. Our experts will investigate anything they find, then hand off the contextual alert information along with remediation instructions so you can quickly respond. Our Defender Experts for Hunting <a href=\"https:\/\/www.youtube.com\/watch?v=4t1JgE0X0jc\" target=\"_blank\" rel=\"noreferrer noopener\">explainer video<\/a> walks you through how it works. 
<\/p>\n<p>Capabilities include:<\/p>\n<ul>\n<li><strong>Threat hunting and analysis<\/strong>\u2014Defender Experts look deeper to expose advanced threats and identify the scope and impact of malicious activity associated with human adversaries or hands-on-keyboard attacks.<\/li>\n<li><strong>Defender Experts Notifications<\/strong>\u2014Notifications show up as incidents in <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\/siem-and-xdr\/microsoft-365-defender\">Microsoft 365 Defender<\/a>, helping to improve your security operations\u2019 incident response with specific information about the scope and method of entry.<\/li>\n<li><strong>Experts on Demand<\/strong>\u2014Click the \u201cAsk Defender Experts\u201d button in the Microsoft 365 Defender portal to get expert advice about threats your organization is facing. You can ask for help on a specific incident, nation-state actor, or attack vector.<\/li>\n<li><strong>Hunter-trained AI<\/strong>\u2014Defender Experts share their learning back into the automated tools they use to improve threat discovery and prioritization.<\/li>\n<li><strong>Reports<\/strong>\u2014An interactive report summarizing what we hunted and what we found.<\/li>\n<\/ul>\n<p>Bridgewater Associates, the world\u2019s largest hedge fund and one of Microsoft\u2019s first customers to implement a <a href=\"https:\/\/www.microsoft.com\/security\/business\/zero-trust\/\">Zero Trust<\/a> framework, helped Microsoft develop Defender Experts for Hunting, contributing decades of knowledge on how to keep intellectual property and investment data secure. The firm now uses Defender Experts for Hunting to extend its security teams so they can focus on the most complex and immediate security issues. Igor Tsyganskiy, Chief Technology Officer at Bridgewater Associates, believes in working together to protect one another from threats.<\/p>\n<p>\u201cCybersecurity is a cooperative rather than a competitive area,\u201d he said. 
\u201cIt takes a village to keep us all safer\u2026We are living in a digital world that is completely interconnected, and protecting ourselves singularly, separately from each other, is not going to work.\u201d<\/p>\n<h2>More threats\u2014not enough defenders<\/h2>\n<p>Modern adversaries are well-organized and possess skills and resources that can challenge even organizations without open cybersecurity roles. These adversaries are also relentless. Microsoft Security blocked more than <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2022\/05\/09\/building-a-safer-world-together-with-our-partners-introducing-microsoft-security-experts\/\">9.6 billion malware threats<\/a> and more than 35.7 billion phishing and malicious emails in 2021. Adversaries have extended their attack focus from endpoints to identity, cloud apps, and email.<\/p>\n<p>It\u2019s getting harder every day for organizations to build and maintain a full security team, let alone one with the ever-expanding skillset required to meet the range of today\u2019s security demands. Proactive threat hunting\u2014one of the best ways to identify and respond to security threats\u2014is time-consuming, and most security teams are too busy with alert triage and security posture improvement efforts to spend time on proactive hunting.<\/p>\n<p>Additionally, organizations are struggling to recruit top security talent\u2014more important than ever since cybercrime is expected to cost the world USD10.5 trillion a year by 2025 (a 75 percent increase from the USD6 trillion in 2021).<sup>1<\/sup> With <a href=\"https:\/\/blogs.microsoft.com\/blog\/2021\/10\/28\/america-faces-a-cybersecurity-skills-crisis-microsoft-launches-national-campaign-to-help-community-colleges-expand-the-cybersecurity-workforce\/\" target=\"_blank\" rel=\"noreferrer noopener\">one in three security jobs<\/a> in the United States unfilled, cybersecurity employees often face huge workloads once hired. 
As a result, the average detection of a breach has been pushed out to 287 days as the number and impact of attacks continue to grow.<sup>2<\/sup><\/p>\n<h2>Technology alone is not enough to fight cybercrime<\/h2>\n<p>Many companies don\u2019t face daily security attacks but need deep experience with threat hunting when they do, according to Tsyganskiy. &nbsp;<\/p>\n<p>\u201cTo manage security on its own, a company must sustain a very large and growing team,\u201d he said. \u201cIt\u2019s like trying to maintain your own police force. Given the low frequency of the most sophisticated attacks, this is an insane misallocation of resources 90 percent of the time.\u201d<\/p>\n<p>Microsoft is uniquely positioned to help customers meet today\u2019s security challenges. We secure devices, identities, apps, and clouds\u2014the fundamental fabric of our customers\u2019 lives\u2014with the full scale of our comprehensive multicloud, multiplatform solutions. Plus, we understand today\u2019s security challenges because we live this fight ourselves every single day.<\/p>\n<p>Now, our security expertise is&nbsp;<em>your<\/em>&nbsp;security expertise.<\/p>\n<h2>How Microsoft Defender Experts for Hunting works<\/h2>\n<p>Every day at Microsoft, threat hunters work alongside advanced systems to analyze billions of signals, looking for threats that might affect customers. Due to the sheer volume of data, we\u2019re meticulous about surfacing threats that customers need to be notified about as quickly and accurately as possible.&nbsp;<\/p>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"576\" src=\"https:\/\/www.sickgaming.net\/blog\/wp-content\/uploads\/2022\/08\/now-generally-available-microsoft-defender-experts-for-hunting-proactively-hunts-threats.png\" alt=\"This flow diagram describes how Microsoft Defender Experts for Hunting can be split into three distinct steps. These are track, hunt, and analyze. 
These three steps form the basis of the service and allow Microsoft to proactively reveal the unseen threats impacting customers. \" class=\"wp-image-119282\"><\/figure>\n<p><strong>How we hunt:<\/strong><\/p>\n<ul>\n<li><strong>Step 1<\/strong>: Microsoft Defender Experts monitor telemetry and look for malicious activity across the Microsoft 365 Defender platform associated with human adversaries or hands-on-keyboard attacks.<\/li>\n<li><strong>Step 2<\/strong>: If a threat is found to be valid, analysts conduct a deep-dive investigation, harnessing machine learning and gathering threat details, including scope and method of entry, to help protect your organization\u2019s endpoints, email, cloud apps, and identities.<\/li>\n<li><strong>Step 3<\/strong>: Our AI system and human hunters prioritize threat signals. Defender expert notifications appear in Microsoft 365 Defender, alerting you to the threat and sharing threat details.<\/li>\n<\/ul>\n<h2>Get started<\/h2>\n<p>To start your proactive threat hunting journey with <a href=\"https:\/\/aka.ms\/DefenderExpertsForHuntingGetStarted\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Defender Experts for Hunting<\/a>, please <a href=\"https:\/\/aka.ms\/DEX4HuntingCustomerInterestForm\" target=\"_blank\" rel=\"noreferrer noopener\">complete the customer interest form<\/a> to request a follow-up from our field team. 
To learn more, visit the <a href=\"https:\/\/www.microsoft.com\/security\/business\/services\/microsoft-defender-experts-hunting\">Defender Experts for Hunting<\/a> product page, <a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RE4Vwph?culture=en-us&amp;country=US\" target=\"_blank\" rel=\"noreferrer noopener\">download the datasheet<\/a><strong>, <\/strong>or <a href=\"https:\/\/www.youtube.com\/watch?v=4t1JgE0X0jc\" target=\"_blank\" rel=\"noreferrer noopener\">watch a short video<\/a>.<\/p>\n<p>To learn more about Microsoft Security solutions,&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/business\/solutions\">visit our&nbsp;website<\/a>.&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us at&nbsp;<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noreferrer noopener\">@MSFTSecurity<\/a>&nbsp;for the latest news and updates on cybersecurity.<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\">\n<p><sup>1<\/sup><a href=\"https:\/\/cybersecurityventures.com\/cyberwarfare-report-intrusion\/\" target=\"_blank\" rel=\"noreferrer noopener\">Cybercrime To Cost The World USD10.5 Trillion Annually By 2025<\/a>, Steve Morgan. November 13, 2020.<\/p>\n<p><sup>2<\/sup><a href=\"https:\/\/www.ibm.com\/downloads\/cas\/OJDVQGRY\" target=\"_blank\" rel=\"noreferrer noopener\">Cost of a Data Breach Report 2021<\/a>, IBM. 2021.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today, we announced the general availability of Microsoft Defender Experts for Hunting to support organizations and their cybersecurity employees with proactive threat hunting. Defender Experts for Hunting was created for customers who have a robust security operations center but want Microsoft to help them proactively hunt threats using Microsoft Defender data. 
Defender Experts for Hunting [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":126993,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[49],"tags":[50,52],"class_list":["post-126992","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-news","tag-recent-news","tag-security"],"_links":{"self":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts\/126992","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/comments?post=126992"}],"version-history":[{"count":0,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/posts\/126992\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/media\/126993"}],"wp:attachment":[{"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/media?parent=126992"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/categories?post=126992"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sickgaming.net\/blog\/wp-json\/wp\/v2\/tags?post=126992"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}