You're reading from Mastering Microsoft Defender for Office 365 Streamline Office 365 security with expert tips for setup, automation, and advanced threat hunting

Product type Paperback

Published in Sep 2024

Publisher Packt

ISBN-13 9781835468289

Length 426 pages

Edition 1st Edition

Tools

Office 365

Concepts

Cybersecurity

Author (1):

Samuel Soto

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1 – Introduction and Basic Configuration FREE CHAPTER

2. Chapter 1: The Security Wild West

3. Chapter 2: Basic Components of Defender for Office 365

4. Chapter 3: Basic Checks and Balances

5. Chapter 4: Basics of Configuration

6. Part 2 - Day-to-Day Operations

7. Chapter 5: Common Troubleshooting

8. Chapter 6: Message Quarantine Procedures

9. Chapter 7: Strengthening Email Security

10. Chapter 8: Catching What Passed the Initial Controls

11. Chapter 9: Incidents and Security Operations

12. Part 3 – Making the Tool Work for Your Organization

13. Chapter 10: Magnifying the Unseen – Threat Intelligence and Reports

14. Chapter 11: Integration and Artificial Intelligence

15. Chapter 12: User Awareness and Education

16. Index

Why subscribe?

17. Other Books You May Enjoy

How Defender for Office 365 could have averted famous attacks

Let’s examine notable attacks that involved attack vectors targeted by Defender for Office 365. Although it would be unwise to claim that a single tool could have prevented these attacks, it is crucial to assess its potential positive influence on the outcome of the attack.

Democratic National Committee email hack

In 2016, the Democratic National Committee (DNC) noticed some unusual activity in its email systems. They hired a cybersecurity firm, CrowdStrike, for incident response and investigation support. This investigation led to the discovery of two state-sponsored hacking groups, Cozy Bear (APT29) and Fancy Bear (APT28), involved in the breach.

Attack vector

To breach the DNC’s network, the attackers mainly relied on spear-phishing emails. These emails mimicked legitimate ones and often contained malicious attachments or links. The attackers could install malware on the computers of the DNC...