MS Detects 5 Billion Cybersecurity Threats on Devices a Month

About Microsoft Defender Advanced Threat Protection

According to the statement from Microsoft, it is executing on the Microsoft Threat Protection’s “version”. It is built on the Microsoft Intelligent Security Graph which can offer users all-encompassing security service.

Microsoft Defender Advanced Threat Protection (ATP) is a better-known brand, but it is just a part of the Threat Protection stable which contains the recently launched Azure Sentinel managed SIEM service, Azure ATP, Azure Security Center, Microsoft Defender ATP, Office 365 ATP, Microsoft Cloud App Security, and Azure Active Directory (AD).

Windows Defender ATP Improves Threat Protection Ability

Windows Defender ATP has improved its threat protection ability so as to provide better protection for the computer and data.

Read More

Actually, a lot of Threat Protection services are supplied in subscription bundles for top enterprise customers of the graph database powered Microsoft 365 package, just like the recently released Microsoft 365 Identity & Threat Protection bundle which covers Microsoft Threat Protection, Microsoft Cloud APP Security and Azure AD.

In June, 2018, Microsoft announced its Threat Protection and it gave a snapshot of the volume of files sources which feed into the security graph from Outlook, OneDrive, Azure, Xbox Live, Windows, Bing, and Microsoft Accounts.

From then on, Microsoft has been sharing monthly updates on the “evolution” of Threat Protection. However, now the corporate vice president of Microsoft Security, Rob Lefferts, says that the company is “executing” on its vision and has shared various new figures.

Security Graph: Changed and Unchanged

The underlying security graph on some data source has grown largely over the past year. But some other sources only have little change for some reasons.

Now, the company says that it has analyzed 470 billion emails from Outlook. But this number was 400 billion one year ago. Also, this company is scanning over one billion Azure user accounts, and this number was 750 million Azure user accounts this time last year.

Authentications on Microsoft accounts scanned each month are also increased from 450 billion last year to 630 billion now.

Although there are so many changes, some things keep unchanged. Microsoft is still scanning 1.2 billion machines and detecting 5 billion cybersecurity threats on devices a month. Reportedly, it is still picking up and analyzing 6.5 trillion threats signals daily. It still scans over 180 billion Bing pages.

The key point of the graph-based intelligence is to connect the dots between numerous signals so as to develop the threat alerts and offer organizations with a clearer image of attacks which are underway like a phishing attack which can be the targeting machines, email accounts or which could come through the web.

Over the last year, Microsoft analyzed 300,000 phishing campaigns and 8 million business email compromise (BEC) attempts. These statistical data comes from Office 365 security analysts.

According to the figures come from the FBI, the BEC scams have become the largest source of losses for organizations at present.

[SOLVED] Windows Defender Not Turning on in Windows 11/10/8/7

Troubled by Windows Defender not turning on? Here are full solutions to repair Windows Defender in Windows 11/10/8/7 and the best way for PC protection.

Read More

The figures from the FBI shows that BEC scams have become the largest source of losses foe organizations now. It also estimates that the US enterprises alone lost $1.3bn to the scam last year. This figure almost doubles the figure swindled from US firms in 2017, and 10 times the amount they collectively lost in 2016. 

Still in 2018, Threat Protection blocked 5 billion phishing emails. In addition, every month, it detects 2 million incidents where attackers are attempting lateral movement in the already compromised organization.

Every month, it can detect 72 million vulnerabilities and 123 million weak security configurations, as well as block 14 million malicious sign-in attempts every year.

Last month, Microsoft launched a new Microsoft Threat Protection website where it showcases the Automated Incident response capabilities for SecOps teams, Azure Sentinel, and its human-powered Microsoft Threat Experts service.