Common attacks and Microsoft capabilities that protect your organization

Have you seen these common attacks in your environment and wants to know how Microsoft protect your organization?

  • Attacker uses stolen credentials to gain access to the user’s files or to account and group management tools or access to a privileged service such as InfoSec systems like key management, configuration management, monitoring, backups, virtualization and others.
  • Attacker removes data from the environment.
  • Any employee clicks on a malicious link or opens a malicious file shared by the compromised user.
  • Attacker moves laterally, gaining access to cloud services and resources in the environment.
  • Malware changes signatures in a random timeframe using real company compromised code sign certificates
  • Automatic propagation that leave little time to react
  • Use multiple traversal techniques to try to fool protection systems
  • User uses an USB Device to copy data or User uses a cloud service to exfiltrate information or User uses wrong application to open or save documents at (IE: Partner app instead of Organization’s) or Personal Device was enrolled into the organization’s environment. After saving lots of data in the dev

I have attached a PDF document that has more attack scenarios like here and how Microsoft helps defend organizations. The document is a little old but helps you in quickly learning what solutions from Microsoft can come in handy for a particular type of attack. There are additional solutions also released recently by Microsoft which are not covered here.

Download the document from here – CloudSecurity_UseCases

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s