Securing Office 365

Official blog of the Office 365 Security team

Defending Against Rules and Forms Injection

Over the last year, Office 365 security has been tracking an emergent attacker persistence mechanism...

Author: Brandon Koeller Date: 02/21/2018

Problem Overview Office 365 Security has been tracking an emergent threat to customer data in the...

Author: Brandon Koeller Date: 01/24/2018

Managing asset inventory in Office 365

In Office 365, servers are continuously provisioned and destroyed as the service is upgraded and...

Author: Matt Swann - MSFT Date: 12/21/2017

Using Frequency Analysis to Defend Office 365

As security threats evolve, so must defense. In Office 365, we have engineering teams dedicated to...

Author: Evan Zheng [MSFT] Date: 09/17/2017

Mitigating Client External Forwarding Rules with Secure Score

Client created rules, that Auto-Forward email from users mailboxes to an external email address, are...

Author: Stu-Clark Date: 07/25/2017

Hidden Treasure: Intrusion Detection with ETW (Part 2)

In our last post, we discussed how Event Tracing for Windows (ETW) provides a wealth of knowledge in...

Author: Zac Brown [MSFT] Date: 05/09/2017

DNS Intrusion Detection using Dnsflow

In the DNS Intrusion Detection in Office 365 post we introduced strategies implemented in Office 365...

Author: Amar Shroff Date: 04/25/2017

DNS Intrusion Detection in Office 365

In Office 365, we are committed to protecting our customer's data. We implement and exercise...

Author: Amar Shroff Date: 04/18/2017

Hidden Treasure: Intrusion Detection with ETW (Part 1)

Today’s defenders face an increasing obstacle with information asymmetry. With the advent of...

Author: Zac Brown [MSFT] Date: 04/11/2017

Defending Office 365 with Graph Analytics

In Office 365, we are continually improving the detection and response systems that safeguard your...

Author: Matt Swann - MSFT Date: 03/13/2017

Using the Office 365 Secure Score API

The Office 365 Security Engineering team is pleased to announce the availability of the Office 365...

Author: Brandon Koeller Date: 02/10/2017

New Security Analytics Service: Finding and Fixing Risk in Office 365

Microsoft is pleased to announce the preview availability of a new security analytics service called...

Author: Brandon Koeller Date: 08/03/2016

Finding Illicit Activity The Old Fashioned Way

Finding bad guys doing bad things in your cloud services is a hard thing to do under even the best...

Author: Brandon Koeller Date: 05/26/2016

How to Deal with Ransomware

What is Ransomware? Ransomware is a type of malware or virus that prevents user access to devices,...

Author: Alexs Pena Date: 04/06/2016

Addressing Your CxO's Top Five Cloud Security Concerns

Overview and the Kill Chain Customers frequently ask us how they can defend their Office365 tenancy....

Author: Brandon Koeller Date: 03/15/2016

How to review and mitigate the impact of phishing attacks in Office 365

As we mentioned in our one of our previous posts, many of the security support escalations we...

Author: Alexs Pena Date: 03/02/2016

Using Office 365 activity data to improve your Cybersecurity stance and capability

Overview and Contents As an Office 365 customer and tenant administrator, you have access to a wide...

Author: Jabols Date: 02/12/2016

How to fix a compromised (hacked) Microsoft Office 365 account

One of the most common security support requests we receive from our Office 365 customers is for...

Author: Alexs Pena Date: 12/16/2015