Jan. 10, 2024
On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Jeremy Dallman, Kimberly Ortiz, and Steve Ginty. Sherrod emphasizes the importance of understanding vulnerabilities before they're exploited in the wild and discusses the process of responding to security vulnerabilities, including identifying threat actors and the urgency of patch deployment, especially for vulnerabilities targeted by ransomware groups. The conversation also focuses on Security Copilot, a tool built on Microsoft's extensive threat intelligence, designed to make SOC analysts' work more accessible by providing immediate, relevant information on threats. This episode offers an insider's view on how these professionals track internal incident responses, share crucial intelligence with customers, and continuously evolve their processes to ensure swift, accurate delivery of threat intelligence. In this episode you’ll learn: -How collaborating with multiple MS teams enhances intel delivery -Interaction between Microsoft Defender Threat Intelligence and Security Copilot -Publishing actor profiles based on internal observations of techniques and procedures Some questions we ask: -How will the world of AI affect the role of threat intelligence? -What are you most excited about when it comes to AI in cybersecurity? -When do we share intel with customers, and has that process changed over the years? Resources: View Kimberly Ortiz on LinkedIn View Steve Ginty on LinkedIn View Jeremy Dallman on LinkedIn View Sherrod DeGrippo on LinkedIn MDTI: Now Anyone Can Tap Into Game-Changing Threat Intelligence The Future of Security with AI A Year in Intel: Highlights from Microsoft's Global Stand Against APTs The risk of trust: Social engineering threats and cyber defense Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.