News

'Experts on Demand' Now Available in Microsoft Threat Experts Service

Microsoft on Monday announced that its "experts on demand" security consulting service, part of its Threat Experts service, has reached the "general availability" (GA) commercial-release stage.

The Threat Experts managed detection and response security service was declared to be at the GA stage back in late April, according to Microsoft. However, the experts-on-demand component within it still remained at the preview stage back then. Microsoft Threat Experts also includes a second security service, called "targeted attack notifications," which is a messaging service that notifies organizations about detected threats, but it hit GA back in April.

The experts-on-demand capability lets an organization's security operations center (SOC) team send questions to Microsoft about suspicious network activities. In response, Microsoft may allow "the SOC to have a line of communication and consultation with Microsoft Threat Experts," per the announcement. In this case, by "Threat Experts," Microsoft literally means its security personnel, who get involved in discussing the incident.

Communications with these Microsoft security experts happens through the Windows Defender Security Center portal, per this Microsoft Threat Experts configuration document. Their advice consists of "insights into attacks, technical guidance on next steps, and advice on risk and protection." A response from Microsoft's security experts will happen "within two days." However, at that time, they may request more information or ask for file samples, or they may state whether the information was sufficient or if more time is needed.

Organizations wanting to use the Threat Experts service with its experts-on-demand and targeted attack notifications components need to be subscribed to the top-of-the-line Microsoft 365 E5 plan, which provides access to the Microsoft Defender Advanced Threat Protection (ATP) security service. Organizations with that licensing still need to apply to use the Threat Experts service. The application gets initiated by organizations using the Microsoft Defender ATP portal, Microsoft's configuration document explained.

It's possible to try out the experts-on-demand capability in the Threat Experts service. Organizations need to have Microsoft Defender ATP deployed. They get the "90-day free trial via the Microsoft Defender Security Center." Details are described in Microsoft's configuration document.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Azure Active Directory ID Protection 'Refresh' Now Available

    Microsoft's enhancements to the Azure Active Directory Identity Protection service are now said to be "generally available" (GA), or ready for commercial use, per a Wednesday announcement.

  • Microsoft Releases Windows 10 Version 1909

    Microsoft on Tuesday announced the release of Windows 10 version 1909, a new operating system product that's also known as the "Windows 10 November 2019 Update."

  • November Microsoft Security Bundle Addresses 75 Vulnerabilities

    Of that number, 13 vulnerabilities are rated "Critical" to patch, while 62 vulnerabilities are deemed "Important."

  • The Future of Office 365 Pricing

    With a raft of new Office 365 features in the pipeline, Microsoft also seems ready to change the way it bills its subscribers. Will it replicate Azure's pay-per-use model, or will it look like something else entirely?

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.