New File Analysis Add-on with Microsoft 365 Defender Enable Deeper Insights

Microsoft has taken another security step that revolutionizes the way security professionals use Microsoft 365 Defender across devices and cloud applications.

This time, they have reworked the process of examining a single file across multiple systems and applications.

Microsoft 365 Defender is used by organizations worldwide to monitor and analyze file and device activity across their networks.

This includes several executable files and documents like Word, Excel, and others.

New File Analysis Interface

The modified interface provides complete insight into a single file and its potential impact on the organization.

The file can now be tracked from the time of its introduction through its lateral movement across devices inside the organization, along with its related cloud applications, incidents, alerts, and many other statistics, including the worldwide prevalence of the file.

Microsoft 365 Defender Interface (Source: Microsoft)

Enhanced Pivoting

The current update also supports further analysis once the file is found on a device. It shows information such as the file's execution status, when the file was first and last seen on the device, the process time it took to initiate, and other file names associated with the device.

File History

The Cloud Apps page provides insight into the file’s existence on cloud applications along with the Microsoft Cloud Apps policies.

This enables security professionals to anticipate cloud-based threats and take precautionary measures.

Cloud Apps Page (Source: Microsoft)

In addition to these features, the new update also offers analysis based on MITRE ATT&CK techniques for understanding a file and its potential capabilities after execution.

For this, the “File Content” page can be utilized, which includes Process Writes, Process creation, Network activities, File Writes, File Deletes, Registry Reads, Registry Writes, Strings, Imports, and Exports.

File Contents Page (Source: Microsoft)

The new update to Microsoft 365 Defender is expected to help security professionals gather multiple pieces of information and secure their organizations.

Microsoft has released a complete report about their new features, showing their capabilities in detail.

Source: https://cybersecuritynews.com/file-analysis-with-microsoft-365-defender/
