www.microsoft.com
Open in
urlscan Pro
2600:141b:1c00:128a::356e
Public Scan
Submitted URL: https://www.riskiq.com/
Effective URL: https://www.microsoft.com/en-us/security/business/siem-and-xdr/microsoft-defender-threat-intelligence
Submission: On January 03 via api from US — Scanned from US
Effective URL: https://www.microsoft.com/en-us/security/business/siem-and-xdr/microsoft-defender-threat-intelligence
Submission: On January 03 via api from US — Scanned from US
Form analysis 1 forms found in the DOM
Name: searchForm — GET https://www.microsoft.com/en-us/security/site-search
<form class="c-search" autocomplete="off" id="searchForm" name="searchForm" role="search" action="https://www.microsoft.com/en-us/security/site-search" method="GET" data-seautosuggest=""
data-seautosuggestapi="https://www.microsoft.com/msstoreapiprod/api/autosuggest"
data-m="{"cN":"GlobalNav_Search_cont","cT":"Container","id":"c3c1c9c4c1m1r1a1","sN":3,"aN":"c1c9c4c1m1r1a1"}" aria-expanded="false">
<input id="cli_shellHeaderSearchInput" aria-label="Search Expanded" aria-autocomplete="list" aria-expanded="false" aria-controls="universal-header-search-auto-suggest-transparent" aria-owns="universal-header-search-auto-suggest-ul" type="search"
name="q" role="combobox" placeholder="Search Microsoft Security" data-m="{"cN":"SearchBox_nav","id":"n1c3c1c9c4c1m1r1a1","sN":1,"aN":"c3c1c9c4c1m1r1a1"}" data-toggle="tooltip"
data-placement="right" title="Search Microsoft Security">
<button id="search" aria-label="Search Microsoft Security" class="c-glyph" data-m="{"cN":"Search_nav","id":"n2c3c1c9c4c1m1r1a1","sN":2,"aN":"c3c1c9c4c1m1r1a1"}"
data-bi-mto="true" aria-expanded="false" disabled="disabled">
<span role="presentation">Search</span>
<span role="tooltip" class="c-uhf-tooltip c-uhf-search-tooltip">Search Microsoft Security</span>
</button>
<div class="m-auto-suggest" id="universal-header-search-auto-suggest-transparent" role="group">
<ul class="c-menu" id="universal-header-search-auto-suggest-ul" aria-label="Search Suggestions" aria-hidden="true" data-bi-dnt="true" data-bi-mto="true" data-js-auto-suggest-position="default" role="listbox" data-tel="jsll"
data-m="{"cN":"search suggestions_cont","cT":"Container","id":"c3c3c1c9c4c1m1r1a1","sN":3,"aN":"c3c1c9c4c1m1r1a1"}"></ul>
<ul class="c-menu f-auto-suggest-no-results" aria-hidden="true" data-js-auto-suggest-postion="default" data-js-auto-suggest-position="default" role="listbox">
<li class="c-menu-item"> <span tabindex="-1">No results</span></li>
</ul>
</div>
</form>Text Content
Trace Id is missing
Skip to main content
Microsoft
Microsoft Security
Microsoft Security
Microsoft Security
* Home
* Solutions
* Cloud security
* Cloud workload protection
* Data security
* Frontline workers
* Identity & network access
* Identity threat detection & response
* Industrial & critical infrastructure
* Information protection & governance
* IoT security
* Passwordless authentication
* Phishing
* Ransomware
* Risk management
* Secure remote work
* Small & medium business
* XDR
* XDR + SIEM
* Zero Trust
* Products
* Product families Product families
* Microsoft Defender
* Microsoft Entra
* Microsoft Intune
* Microsoft Priva
* Microsoft Purview
* Microsoft Sentinel
* Security AI Security AI
* Microsoft Security Copilot
* Identity & access Identity & access
* Microsoft Entra ID (Azure Active Directory)
* Microsoft Entra External ID
* Microsoft Entra ID Governance
* Microsoft Entra ID Protection
* Microsoft Entra Internet Access
* Microsoft Entra Private Access
* Microsoft Entra Permissions Management
* Microsoft Entra Verified ID
* Microsoft Entra Workload ID
* Microsoft Entra Domain Services
* Azure Key Vault
* SIEM & XDR SIEM & XDR
* Microsoft Sentinel
* Microsoft Defender for Cloud
* Microsoft Defender XDR
* Microsoft Defender for Endpoint
* Microsoft Defender for Office 365
* Microsoft Defender for Identity
* Microsoft Defender for Cloud Apps
* Microsoft Defender Vulnerability Management
* Microsoft Defender Threat Intelligence
* Cloud security Cloud security
* Microsoft Defender for Cloud
* Microsoft Defender Cloud Security Posture Mgmt
* Microsoft Defender External Attack Surface Management
* Azure Firewall
* Azure Web App Firewall
* Azure DDoS Protection
* GitHub Advanced Security
* Endpoint security & management Endpoint security & management
* Microsoft Defender for Endpoint
* Microsoft Defender XDR
* Microsoft Intune core capabilities
* Microsoft Intune Endpoint Privilege Management
* Microsoft Intune Remote Help
* Microsoft Defender for IoT
* Microsoft Defender for Business
* Microsoft Defender Vulnerability Management
* Risk management & privacy Risk management & privacy
* Microsoft Purview Insider Risk Management
* Microsoft Purview Communication Compliance
* Microsoft Purview eDiscovery
* Microsoft Purview Compliance Manager
* Microsoft Purview Audit
* Microsoft Priva Risk Management
* Microsoft Priva Subject Rights Requests
* Information protection Information protection
* Microsoft Purview Information Protection
* Microsoft Purview Data Lifecycle Management
* Microsoft Purview Data Loss Prevention
* Services
* Microsoft Security Experts
* Microsoft Defender Experts for XDR
* Microsoft Defender Experts for Hunting
* Microsoft Incident Response
* Microsoft Security Services for Modernization
* Partners
* Resources
* Get started Get started
* Cybersecurity awareness
* Customer stories
* Security 101
* Product trials
* How we protect Microsoft
* Reports and analysis Reports and analysis
* Industry recognition
* Microsoft Security Insider
* Microsoft Digital Defense Report
* Security Response Center
* Community Community
* Microsoft Security Blog
* Microsoft Security Events
* Microsoft Tech Community
* Documentation and training Documentation and training
* Documentation
* Technical Content Library
* Training & certifications
* Cyberattack support Cyberattack support
* Under attack?
* Additional sites Additional sites
* Compliance Program for Microsoft Cloud
* Microsoft Trust Center
* Security Engineering Portal
* Service Trust Portal
* Microsoft built in security
* Contact Sales
* More
* Start free trial
*
*
*
* All Microsoft
* GLOBAL
* Microsoft Security
* Azure
* Dynamics 365
* Microsoft 365
* Microsoft Teams
* Windows 365
* Tech & innovation Tech & innovation
* Microsoft Cloud
* AI
* Azure Space
* Mixed reality
* Microsoft HoloLens
* Microsoft Viva
* Quantum computing
* Sustainability
* Industries Industries
* Education
* Automotive
* Financial services
* Government
* Healthcare
* Manufacturing
* Retail
* All industries
* Partners Partners
* Find a partner
* Become a partner
* Partner Network
* Find an advertising partner
* Become an advertising partner
* Azure Marketplace
* AppSource
* Resources Resources
* Blog
* Microsoft Advertising
* Developer Center
* Documentation
* Events
* Licensing
* Microsoft Learn
* Microsoft Research
* View Sitemap
Search Search Microsoft Security
* No results
Cancel
Sign in
MICROSOFT DEFENDER THREAT INTELLIGENCE
Unmask and neutralize modern adversaries and cyberthreats such as ransomware.
Contact Sales
Contact Sales to start a free trial or explore licensing options.
ONE AI-POWERED PLATFORM. FASTER CYBERDEFENSE.
Take on cyberthreats in minutes. Protect every layer of your environment with a
unified security operations platform embedded with Microsoft Security Copilot.
Read the announcements
MICROSOFT DEFENDER THREAT INTELLIGENCE
* Contact Sales
Microsoft Defender Threat Intelligence
* Contact Sales
UNCOVER YOUR ADVERSARIES
Expose and eliminate modern cyberthreats and their infrastructure using dynamic
threat intelligence.
IDENTIFY CYBERATTACKERS AND THEIR TOOLS
Understand your adversaries and their online infrastructures to identify your
potential cyberthreat exposures using a complete map of the internet.
ACCELERATE CYBERTHREAT DETECTION AND REMEDIATION
Discover the full scope of a cyberattack. Understand an online adversary’s
entire toolkit, prevent access by all their machines and known entities, and
continuously block IP addresses or domains.
ENHANCE YOUR SECURITY TOOLS AND WORKFLOWS
Extend the reach and visibility of your existing security investments. Gain more
context and understanding of cyberthreats by using powerful, raw threat
intelligence from your security tools.
MICROSOFT DEFENDER THREAT INTELLIGENCE
Learn how Defender Threat Intelligence enables security professionals to
directly access, ingest, and act upon our powerful repository of threat
intelligence built from 65 trillion signals and over 10,000 multidisciplinary
experts worldwide.
Watch the video
CAPABILITIES
Uncover and help eliminate cyberthreats with Defender Threat Intelligence.
Get continuous cyberthreat intelligence Expose adversaries and their methods
Enhance alert investigations Accelerate incident response Hunt cyberthreats as a
team Expand prevention and improve security posture
Previous Next
GET CONTINUOUS CYBERTHREAT INTELLIGENCE
Get a complete view of the internet and track day-to-day changes. Create threat
intelligence for your own business to understand and reduce exposure.
EXPOSE ADVERSARIES AND THEIR METHODS
Understand the group behind an online cyberattack, their methods, and how they
typically operate.
ENHANCE ALERT INVESTIGATIONS
Enrich Microsoft Sentinel and Microsoft Defender XDR incident data with finished
and raw threat intelligence to understand and uncover the full scale of a
cyberthreat or cyberattack.
ACCELERATE INCIDENT RESPONSE
Investigate and remove malicious infrastructure such as domains and IPs and all
the known tools and resources operated by a cyberattacker or cyberthreat family.
HUNT CYBERTHREATS AS A TEAM
Easily collaborate on investigations across teams using the Defender Threat
Intelligence workbench and share knowledge of cyberthreat actors, tooling, and
infrastructure with Intel Profiles.
EXPAND PREVENTION AND IMPROVE SECURITY POSTURE
Automatically uncover malicious entities and help stop outside cyberthreats by
blocking internal resources from accessing dangerous internet resources.
Back to tabs
DISCOVER NEW INTEGRATIONS WITH MICROSOFT SECURITY COPILOT
Use natural language queries to summarize investigations and explore built-in
threat intelligence with Microsoft Security Copilot, now in early access.
Read the announcement Learn more about Security Copilot
HOW MICROSOFT DEFENDER THREAT INTELLIGENCE WORKS
Microsoft tracks more than 65 trillion signals daily, helping security teams
identify vulnerabilities with greater efficacy and stay ahead of today's
cyberthreats.
Microsoft Defender Threat Intelligence is a complete cyberthreat intelligence
platform. It helps security professionals analyze and act upon signals collected
from the internet by a global collection network and processed by security
experts and machine learning. These data sets show the infrastructure
connections across the global cyberthreat landscape, uncovering an
organization’s vulnerabilities and enabling teams to investigate the tools and
systems used in cyberattacks. Defender Threat Intelligence provides external
context for internal security incidents via SIEM and XDR capabilities in
Microsoft Sentinel and Microsoft Defender XDR.
More about the diagram
UNIFIED SECURITY OPERATIONS PLATFORM
Secure your digital estate with the only security operations (SecOps) platform
that unifies the full capabilities of extended detection and response (XDR) and
security information and event management (SIEM).
Unified portal Microsoft Defender XDR Microsoft Sentinel
Previous Next
Animation of microsoft defender dashboard homepage
UNIFIED PORTAL
Detect and disrupt cyberthreats in near real time and streamline investigation
and response.
Learn more about Microsoft unified XDR and SIEM
MICROSOFT DEFENDER XDR
Achieve unified security and visibility across your clouds, platforms, and
endpoints.
Learn more about Microsoft Defender XDR
MICROSOFT SENTINEL
Aggregate security data and correlate alerts from virtually any source with
cloud-native SIEM.
Learn more about Microsoft Sentinel
Back to tabs
EXPLORE DEFENDER THREAT INTELLIGENCE LICENSES
DEFENDER THREAT INTELLIGENCE—FREE VERSION
Use the free version of Defender Threat Intelligence to address global
cyberthreats.
Learn more
Included in Microsoft Defender XDR
* Free version includes:
* Public indicators of compromise (IOCs)
* Open-source intelligence (OSINT)
* Common vulnerabilities and exposures (CVEs) database
* Articles and analysis from Microsoft Threat Intelligence (limited1)
* Defender Threat Intelligence datasets (limited2)
* Intelligence Profiles (limited3)
DEFENDER THREAT INTELLIGENCE—PREMIUM VERSION
Get full access to the operational, strategic, and tactical intelligence in the
Defender Threat Intelligence content library and investigative workbench.
Contact Sales
* Premium version includes:
* Public indicators of compromise (IOCs)
* Open-source intelligence (OSINT)
* Common vulnerabilities and exposures (CVEs) database
* Articles and analysis from Microsoft Threat Intelligence
* Defender Threat Intelligence datasets
* Intelligence Profiles
* Microsoft IOCs
* Microsoft-enriched OSINT
* URL and file intelligence
RELATED PRODUCTS
Use best-in-class Microsoft security products to help prevent and detect
cyberattacks across your organization.
Learn more
MICROSOFT SENTINEL
See and stop cyberthreats across your entire enterprise with intelligent
security analytics.
Learn more
MICROSOFT DEFENDER FOR CLOUD
Increase protection in your multicloud and hybrid environments.
Learn more
MICROSOFT DEFENDER EXTERNAL ATTACK SURFACE MANAGEMENT
Understand your security posture beyond the firewall.
Learn more
ADDITIONAL RESOURCES
Announcement
READ THE CYBERTHREAT INTELLIGENCE BLOG
Learn about the new cyberthreat intelligence offerings from Microsoft.
Learn more
Infographic
HELP PROTECT YOUR BUSINESS WITH CYBERTHREAT INTELLIGENCE
Learn how to use internet threat intelligence to protect your organization
against cyberattacks.
Learn more
Documentation
BEST PRACTICES AND IMPLEMENTATION
Get started with cyberthreat intelligence solutions for your organization today.
Learn more
Blog
VISIT THE MICROSOFT DEFENDER THREAT INTELLIGENCE BLOG
Learn from Defender Threat Intelligence experts, see what's new, and let us hear
from you.
Learn more
PROTECT EVERYTHING
Make your future more secure. Explore your security options today.
Contact Sales
* [1] Get OSINT and access select featured articles.
* [2] Get the most recent two weeks of select datasets.
* [3] Preview select Intel Profiles.
FOLLOW MICROSOFT 365
*
*
*
What's new
* Surface Laptop Studio 2
* Surface Laptop Go 3
* Surface Pro 9
* Surface Laptop 5
* Surface Studio 2+
* Copilot in Windows
* Microsoft 365
* Windows 11 apps
Microsoft Store
* Account profile
* Download Center
* Microsoft Store support
* Returns
* Order tracking
* Certified Refurbished
* Microsoft Store Promise
* Flexible Payments
Education
* Microsoft in education
* Devices for education
* Microsoft Teams for Education
* Microsoft 365 Education
* How to buy for your school
* Educator training and development
* Deals for students and parents
* Azure for students
Business
* Microsoft Cloud
* Microsoft Security
* Dynamics 365
* Microsoft 365
* Microsoft Power Platform
* Microsoft Teams
* Microsoft Industry
* Small Business
Developer & IT
* Azure
* Developer Center
* Documentation
* Microsoft Learn
* Microsoft Tech Community
* Azure Marketplace
* AppSource
* Visual Studio
Company
* Careers
* About Microsoft
* Company news
* Privacy at Microsoft
* Investors
* Diversity and inclusion
* Accessibility
* Sustainability
English (United States) California Consumer Privacy Act (CCPA) Opt-Out Icon Your
Privacy Choices California Consumer Privacy Act (CCPA) Opt-Out Icon Your Privacy
Choices
* Sitemap
* Contact Microsoft
* Privacy
* Manage cookies
* Terms of use
* Trademarks
* Safety & eco
* Recycling
* About our ads
* © Microsoft 2024
* Chat with sales
* Contact us
* 1 800-642-7676
Available Mon to Fri from 6:00 AM to 6:00 PM Pacific Time.
* Support
Close