Official blog of the Office 365 Security team
Defending Against Rules and Forms Injection
Over the last year, Office 365 security has been tracking an emergent attacker persistence mechanism...
Date: 02/21/2018
Defending Against Illicit Consent Grants
Problem Overview Office 365 Security has been tracking an emergent threat to customer data in the...
Date: 01/24/2018
Managing asset inventory in Office 365
In Office 365, servers are continuously provisioned and destroyed as the service is upgraded and...
Date: 12/21/2017
Using Frequency Analysis to Defend Office 365
As security threats evolve, so must defense. In Office 365, we have engineering teams dedicated to...
Date: 09/17/2017
Mitigating Client External Forwarding Rules with Secure Score
Client created rules, that Auto-Forward email from users mailboxes to an external email address, are...
Date: 07/25/2017
Hidden Treasure: Intrusion Detection with ETW (Part 2)
In our last post, we discussed how Event Tracing for Windows (ETW) provides a wealth of knowledge in...
Date: 05/09/2017
DNS Intrusion Detection using Dnsflow
In the DNS Intrusion Detection in Office 365 post we introduced strategies implemented in Office 365...
Date: 04/25/2017
DNS Intrusion Detection in Office 365
In Office 365, we are committed to protecting our customer's data. We implement and exercise...
Date: 04/18/2017
Hidden Treasure: Intrusion Detection with ETW (Part 1)
Today’s defenders face an increasing obstacle with information asymmetry. With the advent of...
Date: 04/11/2017
Defending Office 365 with Graph Analytics
In Office 365, we are continually improving the detection and response systems that safeguard your...
Date: 03/13/2017
Using the Office 365 Secure Score API
The Office 365 Security Engineering team is pleased to announce the availability of the Office 365...
Date: 02/10/2017
New Security Analytics Service: Finding and Fixing Risk in Office 365
Microsoft is pleased to announce the preview availability of a new security analytics service called...
Date: 08/03/2016
Finding Illicit Activity The Old Fashioned Way
Finding bad guys doing bad things in your cloud services is a hard thing to do under even the best...
Date: 05/26/2016
Addressing Your CxO's Top Five Cloud Security Concerns
Overview and the Kill Chain Customers frequently ask us how they can defend their Office365 tenancy....
Date: 03/15/2016
Using Office 365 activity data to improve your Cybersecurity stance and capability
Overview and Contents As an Office 365 customer and tenant administrator, you have access to a wide...
Date: 02/12/2016
How to fix a compromised (hacked) Microsoft Office 365 account
One of the most common security support requests we receive from our Office 365 customers is for...
Date: 12/16/2015