Back to updates

Security Operations - 1

2026 (4)

February (3)

security: Unify now or pay later: New research exposes the operational cost of a fragmented SOC

Microsoft Security Blog

2026-02-17

Microsoft and Omdia report that fragmented security tooling and workflows are increasing SOC operational strain and contributing to overload.

security: The strategic SIEM buyer’s guide: Choosing an AI-ready platform for the agentic era

Microsoft Security Blog

2026-02-11

Microsoft Security Blog published a post promoting a new buyer’s guide for selecting a unified, AI-ready SIEM platform aimed at supporting “agentic” AI-era security operations.

security: The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD

Microsoft Security Blog

2026-02-05

Microsoft explains that many incidents stem from inconsistent implementation of known security controls and describes its support for Operation Winter SHIELD to help organizations close this “implementation gap.”

January (1)

security: Turning threat reports into detection insights with AI

Microsoft Security Blog

2026-01-29

The Microsoft Security Blog describes an AI-assisted workflow that converts lengthy incident reports and threat writeups into actionable detections by automatically extracting TTPs, mapping them to existing detection coverage, and flagging gaps — completing in minutes instead of days while preserving human expert review.

2025 (4)

November (1)

security: Charting the future of SOC: Human and AI collaboration for better security

Microsoft Security Blog

2025-11-25

Microsoft describes its experience building autonomous AI agents for managed detection and response (MDR) and argues that GenAI-powered security operations centers (SOCs) will reshape how humans and AI collaborate to improve detection, investigation, and response.

October (2)

security: Disrupting threats targeting Microsoft Teams

Microsoft Security Blog

2025-10-07

Microsoft highlights that threat actors are abusing Microsoft Teams features across the attack chain and urges defenders to proactively monitor, detect, and respond. The blog recommends layered countermeasures and optimal controls across identity, endpoints, data and app protection, and network controls to better protect enterprise Teams users.

security: Microsoft named a Leader in the IDC MarketScape for XDR

Microsoft Security Blog

2025-10-02

Microsoft was named a Leader in IDC’s inaugural Worldwide Extended Detection and Response (XDR) Software MarketScape for 2025, recognized for its deep integration, intelligent automation, and unified security operations solutions, as reported on the Microsoft Security Blog.

September (1)

security: Empowering defenders in the era of agentic AI with Microsoft Sentinel

Microsoft Security Blog

2025-09-30

Microsoft Sentinel is expanding into an agentic security platform: the Sentinel data lake is generally available, and Sentinel graph plus the Sentinel Model Context Protocol (MCP) server are available in public preview to enable richer data, graph-based analysis, and model-aware agentic workflows for defenders.