Just before the RSA Conference, we announced the cloud-based SOC we call Azure Sentinel.
With all the noise and excitement around this, another important announcement got kind of lost, even though it is at least as impactful: I am talking about Microsoft Threat Experts. To quote the announcement:
Microsoft Threat Experts enables SOCs to jump-start threat investigations by providing context-rich intelligence. This release of the service includes 2 capabilities:
Targeted attack notifications: Alerts that are tailored to organizations provide as much information as can be quickly delivered to bring attention to critical threats in their network, including the timeline, scope of breach, and the methods of intrusion.
Experts on demand: When a threat exceeds the SOC’s capability to investigate, or when more actionable information is needed, security experts provide technical consultation on relevant detections and adversaries. In cases where a full incident response becomes necessary, seamless transition to Microsoft incident response (IR) services is available.
Additionally, you can watch the video:
You should basically read the whole announcement: Announcing Microsoft Threat Experts