KAPE Quarterly Update - Q4 2023
by Andrew Rathbun, Eric Zimmerman
The move from on-premise email to the cloud-based Office 365 suite has expanded the attack surface to all its related applications and third-party plugins, resulting in a surge of targeted cyber attacks targeting businesses across all industries.
Responder for Office 365 accelerates detection and response to threats targeting your email and identities such as business email compromises, phishing attacks, misuse of privileged accounts or unauthorized access and sensitive files stored online.
Unlock the full power of your Microsoft technology investments, layering the expertise of the Kroll Responder team to quickly identify threats.
Redscan ingests all alerts from Microsoft Defender for Office 365 as well as relevant telemetry from Office 365 Management Activity, Azure AD logs and Graph API logs.
Redscan provides contextual information about validated alerts once they’ve been triaged and investigated by our analysts along with threat intelligence IOCs enrichment, actions taken by our global SOC team and actionable remediation guidance.
Stop cyberattacks. Kroll Responder managed detection and response is fueled by seasoned IR experts and frontline threat intelligence to deliver unrivaled response.
Kroll Responder managed detection and response for Microsoft delivers enriched telemetry, frontline threat intelligence and Complete Response capabilities to maximize the value of your native endpoint and cloud technology.
Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.
Validate your cyber defenses against real-world threats. Kroll’s world-class penetration testing services bring together front-line threat intelligence, thousands of hours of cyber security assessments completed each year and a team of certified cyber experts — the foundation for our sophisticated and scalable approach.
Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.
Kroll delivers more than a typical incident response retainer—secure a true cyber risk retainer with elite digital forensics and incident response capabilities and maximum flexibility for proactive and notification services.
In a business email compromise (BEC) attack, fast and decisive response can make a tremendous difference in limiting financial, reputational and litigation risk. With decades of experience investigating BEC scams across a variety of platforms and proprietary forensic tools, Kroll is your ultimate BEC response partner.
Our expertise allows us to identify and analyze the scope and intent of advanced persistent threats to launch a targeted and effective response.
Kroll’s ransomware preparedness assessment helps your organization avoid ransomware attacks by examining 14 crucial security areas and attack vectors.
by Andrew Rathbun, Eric Zimmerman
by David White
by George Glass
by Dave Truman