Automation Archives - ThreatsHub Cybersecurity News

The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware

June 10, 2020 TH Author AI and machine learning, Automation, Cybersecurity, data science, Endpoint security, human-operated ransomware, lateral movement, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, Microsoft Threat Protection, PARINACOTA, probablistic approach, ransomware, Security, Security Intelligence, Threat protection

Microsoft Threat Protection uses a data-driven approach for identifying lateral movement, combining industry-leading optics, expertise, and data science to deliver automated discovery of some of the most critical threats today.
The post The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

RSA Conference 2020—Empower your defenders with artificial intelligence and automation

February 4, 2020 TH Author AI and machine learning, Automation, Zero Trust

The RSA Conference 2020 kicks off in less than three weeks—here are a few highlights to help you plan your time.
The post RSA Conference 2020—Empower your defenders with artificial intelligence and automation appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Introducing Microsoft Application Inspector

January 16, 2020 TH Author Automation, Security Intelligence

Microsoft Application Inspector is a new source code analyzer that helps you understand what a program does by identifying interesting features and characteristics.
The post Introducing Microsoft Application Inspector appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks

December 18, 2019 TH Author AI and machine learning, Automation, brute force attack, Cybersecurity, data science, Endpoint security, Event ID 4625, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, Microsoft Threat Experts, probablistic time series model, Remote Desktop Protocol (RDP), Security Intelligence, Threat protection, Windows Security

Microsoft Defender ATP data scientists and threat hunters collaborate to use a data science-driven approach to detecting RDP brute force attacks to protect customers against real-world threats.
The post Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

October 8, 2019 TH Author AI and machine learning, AMSI paired machine learning, Automation, behavior-based machine learning, behavioral blocking and containment, Cybersecurity, endpoint protection platform, Endpoint security, Microsoft Defender ATP, Microsoft security intelligence, Security Intelligence, threat and malware prevention

Two new machine learning protection features within the behavioral blocking and containment capabilities in Microsoft Defender ATP specialize in detecting threats by analyzing behavior, adding new layers of protection after an attack has started running.
The post In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Foundations of Flow—secure and compliant automation, part 2

September 11, 2019 TH Author Automation, Data governance, Threat protection

In part 2 of our two-part series, we go deeper into how Microsoft Flow secures your users and data, as well as enhances the IT experience.
The post Foundations of Flow—secure and compliant automation, part 2 appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

From unstructured data to actionable intelligence: Using machine learning for threat intelligence

August 8, 2019 TH Author AI and machine learning, Automation, Cybersecurity, Endpoint security, indicators of compromise (IoC), machine learning, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, Security Intelligence, threat intelligence, TTPs, Windows Security

Machine learning and natural language processing can automate the processing of unstructured text for insightful, actionable threat intelligence.
The post From unstructured data to actionable intelligence: Using machine learning for threat intelligence appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

New machine learning model sifts through the good to unearth the bad in evasive malware

July 25, 2019 TH Author AI and machine learning, antivirus, Automation, Cybersecurity, detection evasion, Endpoint security, LockerGoga, machine learning, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft security intelligence, monotonic models, next generation protection, Windows Defender Antivirus

Most machine learning models are trained on a mix of malicious and clean features. Attackers routinely try to throw these models off balance by stuffing clean features into malware. Monotonic models are resistant against adversarial attacks because they are trained differently: they only look for malicious features. The magic is this: Attackers can’t evade a monotonic model by adding clean features. To evade a monotonic model, an attacker would have to remove malicious features.
The post New machine learning model sifts through the good to unearth the bad in evasive malware appeared first on Microsoft Security. READ MORE HERE…

Microsoft Secure

Lessons learned from the Microsoft SOC—Part 2: Organizing people

April 23, 2019 TH Author Automation, CISO series, Ciso series page, Threat protection

In the second of our three-part series, we focus on the most valuable resource in the SOC—our people.
The post Lessons learned from the Microsoft SOC—Part 2: Organizing people appeared first on Microsoft Security. READ MORE HERE…