Today, we announced the general availability of Microsoft Defender Experts for Hunting to support organizations and their cybersecurity employees with proactive threat hunting.

Defender Experts for Hunting was created for customers who have a robust security operations center but want Microsoft to help them proactively hunt threats using Microsoft Defender data. Defender Experts for Hunting is a proactive threat hunting service that goes beyond the endpoint to hunt across endpoints, Microsoft Office 365, cloud applications, and identity. Our experts will investigate anything they find, then hand off the contextual alert information along with remediation instructions so you can quickly respond. Our Defender Experts for Hunting explainer video walks you through how it works.

Capabilities include:

• Threat hunting and analysis—Defender Experts look deeper to expose advanced threats and identify the scope and impact of malicious activity associated with human adversaries or hands-on-keyboard attacks.
• Defender Experts Notifications—Notifications show up as incidents in Microsoft 365 Defender, helping to Improve your security operations’ incident response with specific information about the scope and method of entry.
• Experts on Demand—Click the “Ask Defender Experts” button in the Microsoft 365 Defender portal to get expert advice about threats your organization is facing. You can ask for help on a specific incident, nation-state actor, or attack vector.
• Hunter-trained AI—Defender Experts share their learning back into the automated tools they use to Improve threat discovery and prioritization.
• Reports—An interactive report summarizing what we hunted and what we found.

Bridgewater Associates, the world’s largest hedge fund and one of Microsoft’s first customers to implement a Zero Trust framework, helped Microsoft develop Defender Experts for Hunting, contributing decades of knowledge on how to keep intellectual property and investment data secure. The firm now uses Defender Experts for Hunting to extend its security teams so they can focus on the most complex and immediate security issues. Igor Tsyganskiy, Chief Technology Officer at Bridgewater Associates, believes in working together to protect one another from threats.

“Cybersecurity is a cooperative rather than a competitive area,” he said. “It takes a village to keep us all safer…We are living in a digital world that is completely interconnected, and protecting ourselves singularly, separately from each other, is not going to work.”

More threats—not enough defenders

Modern adversaries are well-organized and possess skills and resources that can challenge even organizations without open cybersecurity roles. These adversaries are also relentless. Microsoft Security blocked more than 9.6 billion malware threats and more than 35.7 billion phishing and malicious emails in 2021. They’ve extended their attack focus from endpoints to identity, cloud apps, and email.

It’s getting harder every day for organizations to build and maintain a full security team, let alone one with the ever-expanding skillset required to meet the range of today’s security demands. Proactive threat hunting—one of the best ways to identify and respond to security threats—is time-consuming, and most security teams are too busy with alert triage and security posture improvement efforts to spend time on proactive hunting.

Additionally, organizations are struggling to recruit top security talent—more important than ever since cybercrime is expected to cost the world USD10.5 trillion a year by 2025 (a 75 percent increase from the USD6 trillion in 2021).¹ With one in three security jobs in the United States unfilled, cybersecurity employees often face huge workloads once hired. As a result, the average detection of a breach has been pushed out to 287 days as the number and impact of attacks continue to grow.²

Technology alone is not enough to fight cybercrime

Many companies don’t face daily security attacks but need deep experience with threat hunting when they do, according to Tsyganskiy.  

“To manage security on its own, a company must sustain a very large and growing team,” he said. “It’s like trying to maintain your own police force. Given the low frequency of the most sophisticated attacks, this is an insane misallocation of resources 90 percent of the time.”

Microsoft is uniquely positioned to help customers meet today’s security challenges. We secure devices, identities, apps, and clouds—the fundamental fabric of our customers’ lives—with the full scale of our comprehensive multicloud, multiplatform solutions. Plus, we understand today’s security challenges because we live this fight ourselves every single day.

Now, our security expertise is your security expertise.

How Microsoft Defender Experts for Hunting works

Every day at Microsoft, threat hunters work alongside advanced systems to analyze billions of signals, looking for threats that might affect customers. Due to the sheer volume of data, we’re meticulous about surfacing threats that customers need to be notified about as quickly and accurately as possible. 

How we hunt:

• Step 1: Microsoft Defender Experts monitor telemetry and look for malicious activity across the Microsoft 365 Defender platform associated with human adversaries or hands-on-keyboard attacks.
• Step 2: If a threat is found to be valid, analysts conduct a deep-dive investigation, harnessing machine learning and gathering threat details, including scope and method of entry, to help protect your organization’s endpoints, email, cloud apps, and identities.
• Step 3: Our AI system and human hunters prioritize threat signals. Defender expert notifications appear in Microsoft 365 Defender, alerting you to the threat and sharing threat details.

Get started

To start your proactive threat hunting journey with Microsoft Defender Experts for Hunting, please complete the customer interest form to request a follow-up from our field team. To learn more, visit the Defender Experts for Hunting product page, download the datasheet, or watch a short video.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

¹Cybercrime To Cost The World USD10.5 Trillion Annually By 2025, Steve Morgan. November 13, 2020.

²Cost of a Data Breach Report 2021, IBM. 2021.

In May, the privacy-first browser DuckDuckGo suffered backlash from the community after a publication posted that while the browser blocked Google and Facebook trackers, it allowed Microsoft trackers to continue running.

At the time, the company’s CEO made a statement about what was happening – by saying it wasn’t allowing all or even most Microsoft tracking attempts in its browsers – and promised changes. Now, DuckDuckGo is announcing increased protection from Microsoft trackers through its browsing apps.

Starting next week, DuckDuckGo will expand the third-party tracking scripts it blocks from loading on websites to include scripts from Microsoft. This update applies to the iOS and Android apps and browser extensions with beta apps to follow in the coming month.

DuckdDuckGo’s CEO and founder Gabriel Weinberg says:

This web tracking protection is not offered by most other popular browsers by default and sits on top of many other DuckDuckGo web tracking protections. This all means our browsing apps and extensions currently offer more protection against Microsoft trackers by default than Chrome, Firefox, Safari, and more.

Also, to help clear up some other misconceptions floating around, Microsoft scripts were never embedded in our search engine or apps, which do not track you. Websites insert these scripts for their own purposes, and so they never sent any information to DuckDuckGo. Additionally, we were already restricting Microsoft tracking through our other web tracking protections, like blocking Microsoft’s third-party cookies in our browsers.

DuckDuckGo will also offer a new help page that offers a “comprehensive explanation of all the web tracking protections” the browser provides across platforms. The company is also making available its tracker protection list publicly available so people can see for themselves what DuckDuckGo is blocking, and report any issues.

Last but not least, the company explains how it’s working towards private ad conversions. According to Weinberg, “advertising on DuckDuckGo is done in partnership with Microsoft,” but viewing ads on the browser is anonymous as “Microsoft has committed to not profile users on ad clicks.”

To evaluate whether an ad on DuckDuckGo is effective, advertisers want to know if their ad clicks turn into purchases (conversions). To see this within Microsoft Advertising, they use Microsoft scripts from the bat.bing.com domain. Currently, if an advertiser wants to detect conversions for their own ads that are shown on DuckDuckGo, 3rd-Party Tracker Loading Protection will not block bat.bing.com requests from loading on the advertiser’s website following DuckDuckGo ad clicks, but these requests are blocked in all other contexts as described above. For anyone who wants to avoid this, it’s possible to disable ads in DuckDuckGo search settings.

Eventually, the company plans to replace the reliance on the bat.bing domain by working on architecture for private ad conversions that can be externally validated as non-profiling.

Last but not least, DuckDuckGo is sharing the list of Microsoft domains where the company will be blocking tracking requests:

How do you feel about these changes DuckDuckGo is committing to? Share your thoughts in the comment section below.

FTC: We use income earning auto affiliate links. More.

Check out 9to5Mac on YouTube for more Apple news:

Uncover adversaries with new Microsoft Defender threat intelligence products

The threat landscape is more sophisticated than ever and damages have soared—the Federal Bureau of Investigation’s 2021 IC3 report found that the cost of cybercrime now totals more than USD6.9 billion.¹ To counter these threats, Microsoft is continuously aggregating signal and threat intelligence across the digital estate, which is enabling us to track threat actors much more closely and to better understand their behavior over time. Today, Microsoft tracks 35 ransomware families, and more than 250 unique nation-states, cybercriminals, and other threat actors. Our cloud also processes and analyzes more than 43 trillion security signals every single day. This massive amount of intelligence derived from our platform and products gives us unique insights to help protect customers from the inside out. In addition, our acquisition of RiskIQ just over a year ago, has allowed us to provide customers unique visibility into threat actor activity, behavior patterns, and targeting. They can also map their digital environment and infrastructure to view their organization as an attacker would. That outside-in view delivers even deeper insights to help organizations predict malicious activity and secure unmanaged resources.

Building on our vision to provide unmatched, actionable threat intelligence, we’re thrilled to announce two new security products that provide deeper context into threat actor activity and help organizations lock down their infrastructure and reduce their overall attack surface:

• Track threat actor activity and patterns with Microsoft Defender Threat Intelligence. Security operations teams can uncover attacker infrastructure and accelerate investigation and remediation with more context, insights, and analysis than ever before. While threat intelligence is already built into the real-time detections of our platform and security products like the Microsoft Defender family and Microsoft Sentinel, this new offering provides direct access to real-time data from Microsoft’s unmatched security signals. Organizations can proactively hunt for threats more broadly in their environments, empower custom threat intelligence processes and investigations, and Improve the performance of third-party security products. 
• See your business the way an attacker can with Microsoft Defender External Attack Surface Management. The new Defender External Attack Surface Management gives security teams the ability to discover unknown and unmanaged resources that are visible and accessible from the internet—essentially the same view an attacker has when selecting a target. Defender External Attack Surface Management helps customers discover unmanaged resources that could be potential entry points for an attacker.

These new threat intelligence offerings expand our growing security portfolio, offer deeper insights into threat actors and their behaviors, and help security teams accelerate the identification and prioritization of risks. Keep studying for more detail on these solutions, as well as the new detection and response capabilities for SAP from Microsoft Sentinel. Plus, find out where you can see a live product demo of all of our threat intelligence products at Black Hat.

Unmask your adversaries with Microsoft Defender Threat Intelligence 

Today, any device connected to the internet is susceptible to vulnerabilities. Understanding the gaps that can lead to vulnerabilities is key to building resilience.

Microsoft Defender Threat Intelligence maps the internet every day, providing security teams with the necessary information to understand adversaries and their attack techniques. Customers can access a library of raw threat intelligence detailing adversaries by name, correlating their tools, tactics, and procedures (TTPs), and can see active updates within the portal as new information is distilled from Microsoft’s security signals and experts. Defender Threat Intelligence lifts the veil on the attacker and threat family behavior and helps security teams find, remove, and block hidden adversary tools within their organization.

This depth of threat intelligence is created from the security research teams formerly at RiskIQ with Microsoft’s nation-state tracking team, Microsoft Threat Intelligence Center (MSTIC), and the Microsoft 365 Defender security research teams. The volume, scale, and depth of intelligence is designed to empower security operations centers (SOCs) to understand the specific threats their organization faces and to harden their security posture accordingly. This intelligence also enhances the detection capabilities of Microsoft Sentinel and the family of Microsoft Defender products.

Microsoft recognizes the importance of working together as a security community to help protect the digital world from threats. As such, the existing free edition will continue to be available. And as we look ahead, we’re excited to continue our journey of innovation and integration. Look for more news later this year on the expanding capabilities of our portfolio.  

Discover your vulnerabilities with Microsoft Defender External Attack Surface Management

Organizations need to see their business the way an attacker can so they can eliminate gaps and strengthen their security posture to help reduce the potential for attack. Many businesses have internet-facing assets they may not be aware of or have simply forgotten about. These are often created by shadow IT, mergers, and acquisitions, incomplete cataloging, business partners’ exposure, or simply rapid business growth. 

Microsoft Defender External Attack Surface Management scans the internet and its connections every day. This builds a complete catalog of a customer’s environment, discovering internet-facing resources—even the agentless and unmanaged assets. Continuous monitoring, without the need for agents or credentials, prioritizes new vulnerabilities. With a complete view of the organization, customers can take recommended steps to mitigate risk by bringing these unknown resources, endpoints, and assets under secure management within their security information and event management (SIEM) and extended detection and response (XDR) tools.  

Protect business-critical information within SAP with Microsoft Sentinel 

In the spirit of continuous innovation and bringing as much of the environment under secure management as possible, we are proud to announce the new Microsoft Sentinel solution for SAP. Security teams can now monitor, detect, and respond to SAP alerts, such as privilege escalation and suspicious downloads, all from our cloud-native SIEM. Business-specific risks can be unique and complicated. With the Microsoft Sentinel solution for SAP, customers can build custom detections for the threats they face and reduce the risk of catastrophic interruption.

Learn more

To learn more about these products, join us at Black Hat USA and see live demos at the Microsoft Booth 2340 from August 10 to 11, 2022. You can also register now for the Stop Ransomware with Microsoft Security digital event on September 15, 2022, to watch in-depth demos of the latest threat intelligence technology.  

Explore our new solutions:

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

¹Internet Crime Report 2021, Internet Crime Complaint Center, Federal Bureau of Investigation. 2021.

The trend of digital transformation grew swiftly, with business now looking vastly different than even just a decade ago. One of the most notable changes of digital transformation is the abundance of digital devices and applications being adopted and leveraged, especially by industries that usually weren’t known for their technology use. Now, an industry like manufacturing is virtually unrecognizable, with factory floors being transformed into digital havens ripe with devices adding efficiency and ease to a variety of processes.

Historically, manufacturing has always been on the slower side when it came to adopting innovative technology, but the potential of Industry 4.0 has changed that notion as of late. Just a couple of years ago in 2019, the industry 4.0 market was at $70 billion, but it is expected to triple to $210 billion by 2026.

“The huge level of interest in improving efficiencies across manufacturing organizations comes as no surprise as 4.0 technology encompasses holds virtually an endless amount of potential, especially when the workflow and collaboration between people and people – and people and machines – becomes more automated,” said Jeff Li, Senior Director, Partner Service Assurance and head of partnership development and innovation at ConnX, a systems integration, software and platform development, and managed services company serving large global enterprises.

ConnX, a Microsoft Gold Partner for decades, announced it has introduced a premium version of Microsoft’s popular Dynamics 365 product line of enterprise resource planning and customer relationship management intelligent business applications, fully integrated with Microsoft Teams and Microsoft Office 365 – embedding click to call, message, share screens and instantly opening up video collaboration.

 “Using Teams integration, our customers can now invite anyone in their organization to view and collaborate on customer records right within a Teams chat or channel. They can also make and receive calls from within Dynamics 365 to get work done more efficiently. Customer service representatives can find, view, and act upon customer case records, including troubleshooting steps and follow-up action tracking. Possibly most exciting is its application for field service teams, who can leverage the benefits of this integration and our optimization networking capabilities to be far more efficient and effective on the ground, especially when machines with sensors can automatically alert when factory infrastructure may be at risk of shutting down.”

Among the vast array of new devices and applications available today, Li explained, manufacturers are utilizing real-time data analysis, artificial intelligence (AI), machine learning, and most notably the Internet of Things (IoT) to create “smart” factories.

“There is no longer a reason to separate communications in real time as machine-to-machine or person-to-person,” Li said.  “The same networking and edge orchestration and service assurance technology work equally well in the new software-defined networking world. The opportunity to create powerful mash-ups is very exciting as it can drive substantial cost reduction, risk reduction, and faster time to resolution.”

While the vast array of new technology has of course brought new possibilities, practices, and potential revenue streams, it has also brought new challenges to manufacturing IT teams who, in the past, didn’t deal with this volume of technology. To handle the new load of devices and applications, IT teams within manufacturing have begun searching for a communications platform that fits the unique needs of their factory.

While there are a variety of innovative devices and applications that can help create the communication and collaboration platform organizations today seek, the most used platform today is Microsoft Teams. These platforms, like Microsoft Teams, enable real-time responses to security incidents, mobile and fixed inspection, and supervision using drones and video analytics to help increase worker safety on factory floors.

• Dual Datacenter / Carrier Redundancy / Failover
• DID Porting / Bring Your Own Carrier
• 24 x 7 Global NOC support model
• Enhanced End-to-End monitoring and management
• Seamless Service Migration
• Dynamic E-911
• Embedded Fraud Detection and Robocall Protection

Edited by Erik Linask

The Reputation Connector for Microsoft Dynamics 365 will help large enterprises enrich customer insights with sentiment data

SAN RAMON, Calif., Aug. 2, 2022 /PRNewswire/ -- Reputation, a global leader in reputation experience management (RXM), today announced it will integrate customer sentiment and feedback data into Microsoft Dynamics 365 and Power BI via PowerApps, creating a more seamless experience for brands looking to centralize customer feedback and data. Microsoft is the first major technology partner under The RepNetwork, Reputation's new partner program.

This collaboration comes as the Reputation Connector for Healthcare is made available at Microsoft AppSource. Organizations that use both Reputation and Microsoft can now connect their marketing, sales, and business intelligence tools with Reputation data, allowing them to store business data and customer feedback in one central location.

"We are thrilled that the Reputation Connector for Dynamics 365 is now available in Microsoft AppSource," says Brent Nixon, Reputation's Chief Ecosystem Officer. "Microsoft is the cornerstone of the technology stack for many large organizations, so we are delighted to provide our clients with the ability to uncover deeper customer insights by integrating customer sentiment data from Reputation into Dynamics 365. This first iteration of the app is for the healthcare industry, but we're excited to roll out these capabilities for all industries as part of our ever-evolving collaboration with Microsoft."

Used by millions of companies around the world, Microsoft is a leading provider of computer software for enterprise organizations. Its reach across a variety of industries will only further Reputation's goal of changing the way companies act on customer feedback.

"Combined with Dynamics 365, Reputation allows our customers to get the full picture of customer sentiment data and operationalize patient feedback to Improve overall experience and deliver business outcomes," said Toby Bowers, General Manager, Industry, Apps & Data Marketing at Microsoft.

The Reputation Connector for Dynamics 365 is now available. For more information on Reputation's partner program, The RepNetwork, please visit https://reputation.com/partners.

About Reputation
Reputation (formerly Reputation.com), creator of the Reputation Experience Management category, is changing the way companies gather and act on customer feedback to drive decision making and enhance Customer Experience (CX) programs. Reputation's interaction-to-action platform translates vast amounts of solicited and unsolicited feedback data into prescriptive insights that companies use to learn from and grow. Thousands of global organizations rely on the patented algorithms behind Reputation Score X™ to provide a reliable index of brand performance in order to make targeted business improvements. Backed by Marlin Equity Partners, Bessemer Venture Partners and Kleiner Perkins, and trusted by over 250 integration partners, including Google, Facebook, Salesforce, J.D. Power, Amazon and Web.com, Reputation turns feedback into the fuel to grow businesses around the world. Visit reputation.com to learn more.

View original content to get multimedia:https://www.prnewswire.com/news-releases/reputation-collaborates-with-microsoft-to-enhance-customer-data-301598051.html

SOURCE Reputation

India’s tech skills gap

The TechSaksham tech skills programme in India has helped almost 2,500 women students since its launch last year. Image: TechSaksham

TechSaksham: helping women into industry

Women college graduates in India are getting help to transition into industry through a practical tech skills programme called TechSaksham. Image: TechSaksham

Women in India are making progress at work

Women are underrepresented in STEM roles

TechSaksham is set to address India’s wider gender gap in online learning than traditional classroom-based education in STEM fields. Image: WEF/Coursera

Lack of internet access is a barrier