Microsoft Defender for Cloud Apps: Behaviors

Microsoft 365 Defender Advanced Hunting has introduced a new data type called "Behaviors". This addition will enable security teams to prioritize critical security alerts in their environment without losing the important contextual information provided in the behavior, which may be crucial for an investigation. Behaviors will provide a descriptive summary of what took place, in a format helpful for identifying and measuring attacks, and will be attached to the MITRE tactics and techniques that are commonly used to test coverage against most organizations' security measures.

With Behaviors, anomalies will only be correlated when they are relevant, and the context of related incidents will be enriched. Some detections in Defender for Cloud Apps have already been transformed to the new Behaviors data type and can be accessed through advanced hunting. This new feature will optimize the alerts queue and enable security teams to focus on the most relevant alerts in their environment. The release date for Behaviors is August CY2023, with the preview date set for March CY2023.

The post Microsoft Defender for Cloud Apps: Behaviors originally appeared on M365 Admin.

by João Ferreira
