At Microsoft the data from attacks that we see against our cloud services informs our security research and investments. Microsoft uses this data, and other sources, to track emerging threats as well as to improve the detection coverage of our security offerings. The results of this benefits customers through products such as Azure Defender and Azure Sentinel.
Microsoft works with a range of partners including academia to develop new ways of analyzing and exploring big data sets. We’ve evenreleased large dumps of this kind of datain the past to help other security researchers not affiliated with Microsoft. This year Microsoft has worked with MSc student Philip Thiede, supervised by Francesco Sanna Passino and Nick Heard at Imperial College. Where they have been developing innovative clustering approaches to explore this data for Philip's MSc thesis.