Enterprise Office 365 customers can now try Microsoft's automated incident response to thwart email attacks.
Microsoft has made its Automated Incident Response in Office 365 Advanced Threat Protection (ATP) generally available to enterprise customers.
The automation feature, announced in preview earlier this April, aims to help security analysts respond faster and more systematically to a barrage of security alerts.
Microsoft is making two categories of automated incident response generally available. The first are automatic investigations that commence in response to new alerts, such as users reporting phishing email, users clicking on a link determined to be malicious, malware being detected in received email, and phishing email that has landed in a user's mailbox.
The second category consists of manually initiated investigations that use Microsoft's 'automated playbook' sequences for different scenarios and attack types.
For example, one playbook helps security analysts respond to user reports of phishing email, while the 'weaponized URL playbook' assists in the response to a URL found to be malicious. Security analysts can launch these investigations through Microsoft's Threat Explorer tool.
The playbooks "correlate similar emails sent or received within the organization and any suspicious activities for relevant users". The playbooks also flag suspicious activities on user accounts, such as mail forwarding, mail delegation, Office 365 Data Loss Prevention (DLP) violations, or suspicious email sending patterns.
Overall, the playbooks aim to help analysts quickly contain a threat, for example, by locking down accounts and devices as well as requiring multi-factor authentication, and ultimately removing the threat.
The investigation dashboard provides details about the investigation number, the time it started and ended, pending actions required, as well as users, devices and emails investigated.
The automated incident response features are available to organizations with the Office 365 ATP Plan 2, which costs $5 per user a month, as well as Office 365 Enterprise E5 tier, which costs $35 per user a month.
Email messages containing malware removed after a delivery alert trigger an investigation into similar emails and related user actions in Office 365.
Once a year, Linux's top developers meet at Linux Plumbers and the Kernel Summit to hash out problems and concerns with Linux development. Here's what happens. ...
Mozilla touts SLAs for critical security bug fixes and premium support as it seeks revenue beyond Google search.
Microsoft is looking into new Windows Desktop Search problems, caused by its latest Windows 10 1903 patch.
Security issue fixed in late June, with the release of Chrome OS 75. Additional remediation steps below.
Enterprises embracing DevOps see more frequent software delivery, change lead times, and other benefits, survey by Google Cloud and DORA finds.
2 Door Metal Storage Cabinet
Microsoft addresses bug causing CPU problems for the past two weeks for Windows 10 version 1903 users.
Windows 10, Windows 7, Windows 8.1, Office 2016, Windows Sever 2012 - DK,https://www.windowskeybank.com/