Security Report Analysis: Microsoft Security Intelligence Report H2-2015

In this Security Report Analysis (SRA) series I look at various security reports and pull out the main points.

This doesn’t replace a complete and detailed read of these reports, but at least you’ll get exposed to some of the key takeaways that you might not otherwise have seen.

REPORT: The 2H-2015 Microsoft Security Intelligence Report

Key points

• A group code-named PLATINUM has been targeting victims in South and Southeast Asia since around 2009. The group uses unmatched vulnerabilities, spear-phishing, and has the ability to create 0-Day and the exploit tools to use them

• Vulnerability disclosures have trended up in recent years

• Exploit kits accounted for four of the 10 most common exploits of the second half of 2015

• Computers that were protected were 3 to 6 times less likely to be infected with malware

Analysis

• They talked about Microsoft’s solutions to identity security

• Then they talked about Microsoft’s solution to email spoofing

• Not a fan of sales pitches in these types of reports

• More advertising deeper in the report

Summary

• Don’t like that they don’t have key themes or key points the way the Verizon reports do

• Definitely need less advertising

• These reports should be gifts to the community, and the only advertising should be the branding

REPORT: The 2H-2015 Microsoft Security Intelligence Report

Notes

1. While this capture can be helpful, I suggest reading the whole report for full context. The writing was remarkably easy to move through.

Related posts:

1. The Difference Between Business Intelligence, Reporting, Metrics, and Analytics

2. Security Report Analysis: 2018 DBIR Report

3. Analysis of the 2020 Verizon Data Breach Report