Tag: microsoft defender xdr

  • Harnessing threat intelligence using externaldata operator

    Having a Threat Intelligence Platform (TIP) to maintain Indicators of Compromise (IoCs) is more or less standard these days. Not all organizations use a TIP such as MISP, but this shouldn’t prevent anyone from using threat intelligence feeds for hunting, especially when it comes to Microsoft Defender XDR.…

  • Operationalizing MITRE ATT&CK with Microsoft Security (Part 1)

    The MITRE ATT&CK framework has emerged as a cornerstone of modern cybersecurity, empowering organizations to navigate the complex world of cyber attacks with greater clarity and effectiveness. The ATT&CK matrix provides a comprehensive knowledge base of adversary tactics, techniques, and procedures (TTPs) that enable security teams to better understand, detect, and respond to sophisticated threats.…