Microsoft has rolled out a range of automated incident response tools for security teams in its Office 365 Advanced Threat Protection (APT) product – a feature it first teased in preview in April this year.
With an upgraded API the new tools – which use machine learning to react to a range of triggers – in the email protection service can be integrated into existing security workflow solutions, like SIEMs, Microsoft said.
Automated Incident Response
The tools include automated, playbook-based investigations that are initiated when alerts such as user-reported phishing emails are reported.
These include automatic investigation when