Posts by: John Booth

Detecting script-based attacks on Linux

Wednesday, June 6, 2018

Last month, we announced the extension of Azure Security Center’s detection for Linux. This post aims to demonstrate how existing Windows detections often have Linux analogs.

Senior Software Engineer, Threat Intelligence & Security Analytics

Heuristic DNS detections in Azure Security Center

Tuesday, March 13, 2018

We have heard from many customers about their challenges with detecting highly evasive threats. Today, we are discussing some of our more complex, heuristic techniques to detect malicious use of DNS, a vital protocol, and how these techniques detect key components of common real-world attacks.

Senior Software Engineer, Threat Intelligence & Security Analytics