Chapter 1

Mitigate threats using Microsoft 365 Defender

In recent years, the proliferation of endpoint protection, detection, and response technologies enabled security operations teams to gain better visibility into attacks that target endpoints. This is one reason that dwell time—the measurement of time between the start of an incident and when a security operations team detects the intrusion—has decreased from a 78-day median in 2019 to 56 days in 2020 (Source: FireEye 2020 M-Trends). Unfortunately, this trend also encouraged malicious actors to increase their use of other attack vectors, such as email, cloud applications, and identities. These additional attack vectors pressure security teams to cover more ground in these additional domains, ...

Get Exam Ref SC-200 Microsoft Security Operations Analyst now with the O’Reilly learning platform.
