TTPs - 1

2026 (1)

January (1)

security: Turning threat reports into detection insights with AI

Microsoft Security Blog

2026-01-29

The Microsoft Security Blog describes an AI-assisted workflow that converts lengthy incident reports and threat writeups into actionable detections by automatically extracting TTPs, mapping them to existing detection coverage, and flagging gaps — completing in minutes instead of days while preserving human expert review.

2025 (1)

August (1)

security: Storm-0501’s evolving techniques lead to cloud-based ransomware

Microsoft Security Blog

2025-08-27

Microsoft reports that financially motivated threat actor Storm-0501 has shifted from deploying on-premises endpoint ransomware toward cloud-based ransomware tactics, increasingly focusing on cloud-specific TTPs after previously targeting hybrid cloud environments.