Is your cloud integration security keeping your IT team up at night?
The release of the Microsoft Graph Security API has completely changed our integration efforts. Improve security by connecting solutions, Build more intelligent security apps, Stream alerts to your SIEM, Build automated security workflows without writing code & Empower a security ecosystem.
Start with a secure foundation
Take advantage of multi-layered security provided by Microsoft across physical datacenters, infrastructure, and operations in Azure. Gain from the state-of-art security delivered in Azure data centers globally. Rely on a cloud that is built with customized hardware, has security controls integrated into the hardware and firmware components, and added protections against threats such as DDoS.
Microsoft Graph Security API
Advanced security with Intelligent Security Graph
Digital transformation is dissolving network boundaries and expanding the attack surface to new devices, users, applications, and platforms.
Microsoft Reports
69%
Of enterprises also have multi cloud/hybrid IT environments today
96%
Of malware is seen only once
$3.62M
Is the average cost of a data breach
The Intelligent Security Graph uses advanced analytics to link a massive amount of threat intelligence and security data from Microsoft and partners to combat cyberthreats. Insights from the Intelligent Security Graph power real-time threat protection in Microsoft products and services.
How Graph Security Works
1. Detecting and remediating phishing attempts
The attack
A user receives a well-disguised phishing email on a personal email account and opens the attachment, infecting the machine with malware.
The identification
Windows Defender ATP detects unusual activity on the device, alerts the customer, and shares information about the suspected malware via the Intelligent Security Graph.
The action
Office 365 begins to block this attachment and remove the file from all other mailboxes.
The mitigation
Windows Defender ATP initiates an automated investigation on all protected devices to determine if other machines have been affected and takes action to remove the malware.
2. Identifying and blocking malicious content on the web
The attack
A user clicks on webpage link that lures him/her to a dangerous part of the web or to download malicious software.
The identification
Windows Defender SmartScreen and Application Control query the Intelligent Security Graph to determine if link and/or application is safe.
The action
If the reputation of either is not good, the user is either blocked or warned.
The mitigation
Intelligence about a new malicious website content is processed by the Intelligent Security Graph within minutes of it showing up on the web.
3. Detecting advanced threats
The attack
Azure Security Center detects an application on a virtual machine that may be masquerading as a common application and an authorized user.
The identification
It links insights from Active Directory Information Protection about users who have recently accessed the machine.
The action
By querying the Intelligent Security Graph, Security Center sees that the machine is communicating with a malicious IP address, likely connecting to a control center or exfiltrating data.
The mitigation
That single incident provides the customer with all of the data they need to remediate the threat.
Security in Billions – Intelligence
Big data is transforming how security experts defend against cyberattacks.
API layer for integration
The Security Graphic API provides a unified gateway to access and act on security insights across Microsoft and partner solutions. Developers can leverage the Security Graph to build intelligent security services that:
- Integrate and correlate security alerts from multiple sources
- Unlock contextual data to inform investigations
- Automate SecOps for greater efficiency
How we can help
folio1 helps businesses innovate through transformational technology that places the emphasis on keeping confidential data under lock and key.
Key areas
- Implermentation of Microsoft Security API Graph
- Minimise unscheduled downtime across API integration
- Set-up of monitoring with real-time alerts
- Multiple layers of protection with built-in redundancy
- Centralised administration of user access rights
- Azure Sentinel Cloud-Native Services Solution SIEM
- Secure your interests with SLA management and support
Are you ready to do what’s necessary to protect your business?
Find out how we can help. Or fill in the form to book your free consultation.
folio1 is a specialist cloud solution partner with Microsoft Azure services. Partnering with industry leaders to provide end to end solutions.
Book your free consultation
Azure Services