At today's Ignite 2018 conference, Microsoft announced a new end-to-end security solution called Microsoft Threat Protection. Microsoft Threat Protection is designed to provide a view of an organization's overall threat landscape so that administrators can easily spot new threats and attacks.

Microsoft Threat Protection Service
Microsoft Threat Protection Service

"We are building on what we learned with Office, Azure, and Windows Advanced Threat Protection services and are bringing them togetherinto one integrated Microsoft Threat Protection experience." stated Frank X. Shaw, Corporate Vice President, Communications for Microsoft.

Microsoft Threat Protection will pull the data from Office 365 Threat Intelligence, Azure Active Directory Identity Protection, and Windows Advanced Threat Protection and combine them into one centralized dash board.

As part of the Threat Protection service, artificial intelligence will be used to detect known threats and discover new ones. The AI will then offer solutions that administrators can use to mitigate detected threats.

The Threat Protection dashboard

The Threat Protection dashboard is broken up into different cards that provide information about active threats, resolved incidents, and what users, devices, and email accounts are at most risk. 

The most prominent card is called "Your active incidents" and lists security threats that have been recently detected. You can see a portion of the active incidents card below, which shows threats such as detected phishing campaigns, suspicious PowerShell activity, and Golden Ticket attacks.

Active incidents
Active incidents

As administrators resolve these issues, they will also appear in the "Your resolved incidents" card as shown in the image below.

Resolved Incidents
Resolved Incidents card

The Detection section includes three cards that are equally important as they narrow down to users, devices, and email accounts that may be at particular risk from an active threat.

Detection Section of the Threat Protection Service
Detection section of the Microsoft Threat Protection service

The dashboard also includes an RSS feed section that can be used to aggregate security news from various sources so that administrators can stay up-to-date with the latest threats.

Having a birds eye view of an organizations security landscape is an important tool for any administrator as it allows them to monitor threats from once place rather than utilizing different dashboards for each service.

Related Articles:

Windows 10 Cumulative and Compatibility Updates Released

Known Problems & Fixes for October 2018 Windows 10 Updates

Windows 10 Audio Not Working After Installing Latest Windows Updates

Microsoft Fix for Windows JET Database Bug Not Perfect, Micropatch Available

HP PCs Getting WDF_VIOLATION BSOD After Installing Windows 10 Updates