data-driven security insights machine learning intelligent automation … · 2019-06-20 ·...
Data-driven security insights
Machine Learning
Intelligent Automation
Cloud Scale
Extensive machine learning to:
• Reduce manual effort
• Reduce wasted effort on false positives
• Speed up detection
Defense-in-depth
THEN
Reliability: Designed not to fail
Prevent: Every possible attack
NOW
Resilience: Designed to recover quickly
Assume Compromise: Protect, Detect, & Respond along the kill chain
Securing Privileged Access
Office 365 Security
Rapid Cyberattacks (Wannacrypt/Petya)
https://aka.ms/MCRA Video Recording Strategies
Office 365
Dynamics 365
+Monitor
Azure Sentinel – Cloud Native SIEM and SOAR (Preview)
SQL Encryption &
Data Masking
Data Loss Protection
Data Governance
eDiscovery
Data-driven security insights
Machine Learning
Intelligent Automation
Cloud Scale
Data-driven security insights
Microsoft Trust Center
Microsoft Threat Protection
Threat & Business Prioritization
Helping customers focus on the right things at the right time
Threat Context
Business Context
Automated Compensation
Bridging between the IT and Security admins
Game changing IT/Security bridge scenarios
DEMO: Threat Vulnerability Management
Data-driven security insights
Help you continuously improve your security posture by decreasing attack surface in a very targeted way
Machine learning
Early adopters are finding that Azure Sentinel reduces threat hunting from hours to seconds.
AZURE AD PASSWORD PROTECTION
https://www.microsoft.com/en-us/research/publication/password-guidance/
https://pages.nist.gov/800-63-3/sp800-63b.html
Passwordless
CRITICAL BEST PRACTICES
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview
• Azure AD reporting - Risk events are part of Azure AD's security reports. For more information, see the users at risk security report and the risky sign-ins security report.
• Azure AD Identity Protection - Risk events are also part of the reporting capabilities of Azure Active Directory Identity Protection.
• Use the Identity Protection risk events API to gain programmatic access to security detections using Microsoft Graph.
0. Do Nothing (Not Recommended)
DEMO: Azure Sentinel
Machine learning
Helps protect you by looking for what you cannot see
Intelligent automation
DEMO: Workflow automation
Intelligent automation
Helps you come to the right conclusion, fast, and helps you respond & recover quickly
Leveraging cloud scale
Security Dashboards
Deliver Rapid Insights into Security State Across All Workloads
API
Microsoft Intelligent Security Graph
Knowledge of detections
shared
Azure ATP, Azure AD Identity Protection
Behavioral-based detection of advanced credential theft attacks & lateral movement, on premises & cloud identities. Build automated response policies based on anomalous behavior.
Office 365 TI & AIR, Microsoft Secure Score, Threat Experts, Threat Analytics
Investigate and respond to attacks by seeing activity, correlating signals and taking remediation actions – manually or using automation. Improve security posture and educate users. Allow Microsoft Threat Hunters to have your back,
Microsoft Defender ATP Exploit Guard & Antivirus
Protect against malicious files on disk and in memory with advanced local & cloud Machine Learning. Hardening through Dynamic Application Whitelisting, Ransomware Protection and outbound connection blocking.
Office 365 Advanced Threat Protection
Protect from dangerous links, phishing attempts & malicious attachments. Detect potential malicious collaboration behavior
Microsoft Defender ATP Detection & Response, Auto Investigation & Remediation
Behavioral based detection of advanced attacks on the endpoint using deeply integrated sensors. AI-based investigation and remediation
Graph Security API
Email attachment
Email message
1st and 3rd party Threat Intelligence
added
Malicious File
Leverage SIEM connector options to consume alerts
MONITOR
Microsoft Cloud App Security
Discover and assess risks, control access in real time, protect your information and detect and protect against threats. Integrate to uncover data exfiltration, block unsanctioned cloud apps.
Conditional Access
Protect your data from malicious hackers with a risk-based conditional access policy that can be applied to all apps and all users, whether on-premises or in the cloud
Microsoft Defender ATP SmartScreen, Firewall, Threat & Vulnerability Management
Helps protect against phishing and malware websites and malicious downloads. Risk-driven approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations
SIEM
Security Incident Event Management
MONITOR?
Microsoft Intelligent Security Graph
SOAR!
Azure Sentinel
Security Orchestration, Automation & Response
Analytics
Correlation
Categorization
Normalizing
Cloud born SIEM
Better Integration
Graph API based
Fast Analytics
Security Data Lake
No Data on prem
Workflow automation
Leveraging cloud scale
Ensures reduced complexity, lower TCO and always enough capacity so you can absorb the blows
Data-driven security insights help you continuously improve your security posture by decreasing attack surface in a very targeted way
Machine Learning helps protect you by looking for what you cannot see
Intelligent Automation helps you come to the right conclusion, fast, and helps you respond & recover quickly
Cloud Scale ensures reduced complexity, lower TCO and always enough capacity so you can absorb the blows