question about security threats

alii 1 Reputation point
2022-12-19T19:03:18.557+00:00

How does Microsoft classify security threats to its software?

Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.

1 answer

  1. David Broggy 5,671 Reputation points MVP
    2022-12-20T01:16:23.873+00:00

    Hi Alii,
    That's a pretty broad question, but I'll give you my perspective.

    Microsoft classifies security threats in several ways, including:
    Risk scores - often based on best practices, risk scores usually include recommendations on how to improve your configurations to reduce your risk against real-world internal and external threats.
    These risk scores are provided within security.microsoft.com and in Azure (in Defender for Cloud). So the software I'm referring to here are SaaS-related services.

    Microsoft also uses risk severity values and MITRE ATT&CK to help security professionals provide their own classification of security threats within Microsoft Sentinel.

    • So if there are specific known threats that are related to vulnerabilities in software, you can classify the threat severity level and also categorize the ATT&CK tactic/technique in order to provide granular classifications of threat categories.

    Hope that helps.
