Microsoft's Cyber Defense Ops Center Shares Best Practices
Microsoft gets a bird's-eye view of the various types of cyber threats that happen around the world because of its vast cloud service portfolio, the data centers that support those cloud services, and the customers using those services. That unique perspective allows the company to fine-tune its approach to monitoring and responding to these threats each day.
According to Microsoft, it has a view of the ever-evolving cyberthreat landscape because it oversees more than 200 cloud-based services, more than 100 datacenters, millions of devices, and over a billion customers around the globe.
All of this data and experience comes together in one place for Microsoft at the company's Cyber Defense Operations Center, CDOC for short, where staff perform 24/7 monitoring to detect cyber attacks in real time. The facility opened in November 2015, and its automated platform can respond to a detected DDoS attack within 90 seconds while team members work to mitigate the attack vector and its sources.
"In the year since opening, we have advanced the policies and practices that accelerate the detection, identification and resolution of cybersecurity threats, and have shared our key learnings with the thousands of enterprise customers who have visited the CDOC. Today, we are sharing a Cyber Defense Operations Center strategy brief that details some of our best practices for how we Protect, Detect and Respond to cyberthreats in real time."
The company breaks down those three key areas of response for these cyberthreats like this:
Protect
Extensive monitoring and controls.
Software-defined networks.
Multifactor authentication.
Non-persistent administration using.
Proper hygiene.
Microsoft Malware Protection Center’s.
Threat modeling and attack surface analysis.
Classifying data.
Awareness training.
Detect
Monitoring network and physical environments.
Identity and behavioral analytics.
Machine learning.
Advanced analytical tools and processes.
Automated software-based processes.
Data scientists and security experts.
Respond
Automated response systems.
Well-defined, documented and scalable incident response processes.
Subject matter expertise.
Wide enterprise searching.
Deep forensic analysis.
Microsoft’s security software tools, automation and hyper-scale cloud infrastructure.
I am sure many of your organizations are looking to improve your own plans for dealing with cyberthreats or other attacks against your own infrastructure, so be sure to check out the full Cyber Defense Operations Center strategy brief (PDF, 1.88MB, nine pages).
This document contains even more background and details about Microsoft's own experience and responses to attacks and other online threats.