// Security NEWS // Microsoft: "We Detect 5 Billion Cybersecurity Threats on Devices a Month"

vijbzabyss (69)in #news • 5 years ago

Microsoft claims to run its "vision" of Microsoft Threat Protection, its all-encompassing security service, which relies on the Microsoft Intelligent Security Graph.

Source

While Windows or now Microsoft Defender Advanced Threat Protection (ATP) is a better-known brand, it is only one part of the Threat Protection stable covering the recently launched Azure Sentinel managed SIEM service, Microsoft Defender ATP, Office 365 ATP, Azure ATP, Microsoft Cloud App Security, Azure Security Center and Azure Active Directory (AD).

470 billion emails analyzed Outlook

Diverse Threat Protection services are offered in subscription bundles to top-tier enterprise customers of its graph database powered Microsoft 365 package, as Microsoft 365 Identity and Threat Protection, who combines Threat Protection Microsoft (Azure ATP, Windows Defender ATP and Office 365 ATP), but also Cloud App Security Microsoft and Azure AD.

Microsoft announced Threat Protection last June and gave an overview of the volume of data sources that feed into its security graph, in particular from Outlook, OneDrive, Azure, Live Xbox, Windows, Bing and Accounts Microsoft.

The company shares monthly updates on Threat Protection's "evolution" since then, but at the moment Rob Lefferts, corporate vice-president of Microsoft Security, asserts the company is "executing" on its vision and has shared some new figures.

For some data sources, the underlying security graph has increased significantly over the past year, while other sources, for various reasons, have experienced little change.

Microsoft now reports it's analyzed 470 billion emails from Outlook, up from 400 billion a year ago. The publisher is also scanning over a billion Azure user accounts, up from 750 million accounts in 2018.

Authentication on Microsoft accounts scanned each month are also up, from 450 billion last year to 630 billion today.

Some data, however, remain unchanged. The company continues to analyze 1.2 billion terminals and detects about five billion threats to them each month. In addition, the publisher continues to pick up and analyze 6,500 billion threat signals a day, and still scans more than 18 billion Bing pages.

The purpose of the graph-based intelligence is to establish reconciliations by crossing different signals to develop threat alerts and provide organizations with a clearer picture of the ongoing attacks, such as a phishing attack that could target devices, email accounts, etc.

Source

1.2 billion terminals communicate data

During 2018, the company analyzed 300,000 phishing campaigns and eight million attempts to compromise professional emails (BEC), according to data from Office 365 security analysts.

BEC scams have become the biggest source of losses for organizations today, according to FBI figures. The Bureau estimates that US companies alone lost $1.3 billion in 2018.

Also in 2018, Microsoft claims that Threat Protection blocked five billion phishing emails, while every month, it detects two million incidents where attackers attempt to move sideways in an already compromised organization.

Every month, Microsoft has detected 72 million vulnerabilities, 123 million weak security configurations. It also blocks about 14 million malicious connection attempts every year.

Microsoft is finally launching a new Microsoft Threat Protection site, where it presents its automated incident response capabilities for the SecOps, Azure Sentinal teams, and its Microsoft Threat Experts service.

Sources : Microsoft and Microsoft Security

Stay Informed, Stay Safe