Microsoft Defender Experts for Hunting, our newest managed threat hunting service, delivered industry-leading results during the inaugural MITRE Engenuity ATT&CK® Evaluations for Managed Services.
We provided a seamless, comprehensive, and rapid response to the simulated attack using expert-led threat hunting and an industry-leading extended detection and response (XDR) platform—Microsoft 365 Defender. This evaluation showcased our service’s strength in the following areas:
In-depth visibility and analytics across all stages of the attack chain. Comprehensive managed hunting. Seamless alert prioritization and consolidation into notifications for the security operations center (SOC). Tailored hunting guidance and advanced hunting queries (AHQ) to optimize investigations. Frequently updated and customized recommendations for rapid containment and remediation. Threat actor attribution with tactics, techniques, and procedures (TTP) context. Technology powered by a team of expert hunters and a customer-centric approach. Commitment to managed extended detection and response (MXDR) partners running on Microsoft 365 Defender. In-depth visibility and analytics across all stages of the attack chain
Figure 1. Microsoft Defender Experts for Hunting coverage. Fully reported—including initial access, execution, persistence, credential access, lateral movement, and collection—reflects 100 percent acceptance of evidence submission. Majority reported—including defense evasion, discovery, exfiltration, and command and control—reflects some gaps in evidence acceptance.
Comprehensive managed hunting
Microsoft Defender Experts for Hunting team identified all threats and provided a cohesive attack timeline with remediation guidance.
From the early stages of the intrusion, our hunters alerted the customer that a malicious archive masquerading as marketing materials was potentially part of a
Read more