Microsoft Introduces Azure Advanced Threat Protection
Recent years have witnessed a distinct and consistent escalation in the scope, scale, and sophistication of cyberattacks, impacting organizations across all verticals and locations. This escalation is manifested not only in the increasing proliferation of threat-actor groups, but also in the diversity of the attack Tools, Techniques, and Procedures (TTPs) they use, ranging from zero-day exploits to weaponized antimalware and publicly available toolkits.
This threat landscape is driving a change in the common security paradigm, leading security stakeholders to realize that a resourceful and determined attacker will at some point succeed in bypassing the traditional prevention and detection controls.
To proactively respond to these threats, there is a need for a security layer that operates after these controls have been bypassed and is tasked with detecting the malicious activity that follows the bypass.
Introducing Azure Advanced Threat Protection for Users
We are excited to announce Azure Advanced Threat Protection (ATP) for Users, a new cloud service which empowers your Security Operations team to detect and investigate advanced attacks and insider threats across the entire scope of users and entities in your network. Leveraging cloud infrastructure and Azure scale, Azure ATP is built to support the most demanding workloads of security analytics for the modern enterprise.
Azure ATP fuses together unique machine learning algorithms, world-class security research, and the breadth and depth of the critical security data available to Microsoft as a major enterprise vendor. It will help protect against both known and unknown attack vectors, detecting threats early in the kill chain before they mature into actual damage.
Read the entire article here: Introducing Azure Advanced Threat Protection – Enterprise Mobility and Security Blog
Via the fine folks at Microsoft.