Credit: Rawpixel / Jeff Hu / Getty Images Microsoft announced Monday that it’s getting into the managed security services business. The company’s Microsoft Security Experts program includes three new managed services.Microsoft Defender Experts for Hunting is for its customers who have robust security operations centers but would like Microsoft to hunt for threats in data from endpoints, Office 365, cloud applications, and identity sources. Microsoft’s experts will hand off any actionable alerts they discover to security operations center (SOC) personnel, along with remediation recommendations. Microsoft experts are also available on-demand to answer security questions about anything from incidents to action by nation-state actors to updates on the latest attack vectors. The projected launch window for the service is in the summer of 2022.Microsoft Defender Experts for XDR is for customers who need to extend the capacity of their SOC. It extends beyond endpoints to provide detection and response across Microsoft 365 Defender. It will investigate alerts and use automation and human expertise to respond to incidents alongside a local security team. Preview of the service is expected to roll out in the fall of 2022. Microsoft Security Services for the Enterprise combines proactive threat hunting and managed XDR. It leverages Microsoft’s complete security information and event management (SIEM) and XDR stack to protect all cloud environments and all platforms. The service uses Microsoft security experts to manage onboarding, daily interactions, practice modernization, and incident response for an organization. The service is sold through a custom statement of work and is available today. Incident response, modernization services rolled into Experts programMicrosoft will be rolling two existing offerings into the Experts program. Microsoft Security Services for Incident Response provides experts who can be consulted before, during, and after a data breach. The Microsoft pros can help an organization remove a bad actor from its environment, remediate its defenses after a breach, and build resilience against future attacks.Microsoft Security Services for Modernization is aimed at customers engaged in a security transformation of their organization. It provides consulting services to help customers at any stage of their security journey, including embracing a Zero Trust approach to security. “[T]echnology alone is not enough to defend against cybercrime,” Microsoft Corporate Vice President for Security, Compliance, Identity, and Management Vasu Jakkal wrote in a company blog. “Technology is critical, but it’s the combination of leading technologies, comprehensive threat intelligence, and highly skilled people that makes for a truly effective security posture.”Harder for organizations to build security teamsThe challenge in this critical moment when cybersecurity has reached an inflection point, Jakkal noted, is that organizations are facing a cybersecurity talent shortage, with nearly one in three—or 2.5 million—security jobs vacant in the United States. That’s pushing the time of detection for a breach to an alarming 287 days. Even when talent is available, access to highly skilled expertise remains a challenge. “It’s getting harder every day for organizations to build and maintain a full security team, let alone one with the ever-expanding skillset required to meet the range of today’s security demands,” he wrote. Related content news CISA, FBI urge developers to patch path traversal bugs before shipping The advisory highlights how developers can follow best practices to fix these vulnerabilities during production. By Shweta Sharma May 03, 2024 3 mins Vulnerabilities news Microsoft continues to add, shuffle security execs in the wake of security incidents The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network. By Elizabeth Montalbano May 03, 2024 4 mins CSO and CISO feature Malware explained: How to prevent, detect and recover from it What are the types of malware? How does malware spread? How do you know if you’re infected? We've got answers. By Josh Fruhlinger May 03, 2024 18 mins Ransomware Phishing Malware brandpost Sponsored by Cyber NewsWire LayerX Security Raises $26M for its Browser Security Platform, Enabling Employees to Work Securely from Any Browser, Anywhere Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience By Cyber NewsWire May 02, 2024 4 mins Cyberattacks Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe