Microsoft's Cyber Defense Ops Center Shares Best Practices

Microsoft Cyber Defense Operations Center (Image courtesy of Microsoft)

According to Microsoft, the company has a broad view of the ever-evolving cyberthreat landscape because it oversees more than 200 cloud-based services, more than 100 datacenters, millions of devices, and over a billion customers around the globe.

All of this data and experience comes together in one place at the company's Cyber Defense Operations Center (CDOC for short), where teams perform 24/7 monitoring to detect cyberattacks in real time. The facility opened in November 2015, and its automated platform can respond to a detected DDoS attack within 90 seconds while team members work to mitigate the attack vector and its sources.

"In the year since opening, we have advanced the policies and practices that accelerate the detection, identification and resolution of cybersecurity threats, and have shared our key learnings with the thousands of enterprise customers who have visited the CDOC. Today, we are sharing a Cyber Defense Operations Center strategy brief that details some of our best practices for how we Protect, Detect and Respond to cyberthreats in real time."

The company breaks those three key areas (Protect, Detect and Respond) down like this:

Protect:

  • Extensive monitoring and controls.
  • Software-defined networks.
  • Multifactor authentication.
  • Non-persistent administration using.
  • Proper hygiene.
  • Microsoft Malware Protection Center’s.
  • Threat modeling and attack surface analysis.
  • Classifying data.
  • Awareness training.

Detect:

  • Monitoring network and physical environments.
  • Identity and behavioral analytics.
  • Machine learning.
  • Advanced analytical tools and processes.
  • Automated software-based processes.
  • Data scientists and security experts.

Respond:

  • Automated response systems.
  • Well-defined, documented and scalable incident response processes.
  • Subject matter expertise.
  • Wide enterprise searching.
  • Deep forensic analysis.
  • Microsoft’s security software tools, automation and hyper-scale cloud infrastructure.

I am sure many of your organizations are looking to improve your own plans for dealing with cyberthreats or other attacks against your infrastructure, so be sure to check out the full Cyber Defense Operations Center strategy brief (PDF, 1.88MB, nine pages).

This document contains even more background and detail about Microsoft's own experience with, and responses to, attacks and other online threats.
