22 matches found
PQC-Enhanced QKD Networks: A Layered Approach
We present a layered and modular network architecture that combines Quantum Key Distribution QKD and Post-Quantum Cryptography PQC to provide scalable end-to-end security across long distance multi-hop, trusted-node quantum networks. To ensure interoperability and efficient practical deployment,...
Systems Security Foundations for Agentic Computing
This paper articulates short- and long-term research problems in AI agent security and privacy, using the lens of computer systems security. This approach examines end-to-end security properties of entire systems, rather than AI models in isolation. While we recognize that hardening a single mode...
Narrowing the Gap between TEEs Threat Model and Deployment Strategies
Confidential Virtual Machines CVMs provide isolation guarantees for data in use, but their threat model does not include physical level protection and side-channel attacks. Therefore, current deployments rely on trusted cloud providers to host the CVMs' underlying infrastructure. However, TEE...
End-to-End Secrets Security: Making a Plan to Secure Your Machine Identities
At the heart of every application are secrets. Credentials that allow human-to-machine and machine-to-machine communication. Machine identities outnumber human identities by a factor of 45-to-1 and represent the majority of secrets we need to worry about. According to CyberArk's recent research,...
Microsoft Inspire: Partner resources to prepare for the future of security with AI
Cybersecurity is one of the most pressing challenges of our time. With an ever-changing threat landscape and siloed data across multiple security point solutions, defenders have limited visibility. It’s difficult to stay current and find cybersecurity professionals amid the global talent shortage...
The Rising Threat of Secrets Sprawl and the Need for Action
The most precious asset in today's information age is the secret safeguarded under lock and key. Regrettably, maintaining secrets has become increasingly challenging, as highlighted by the 2023 State of Secrets Sprawl report, the largest analysis of public GitHub activity. The report shows a 67%...
Microsoft Security innovations from 2022 to help you create a safer world today
The start of a new year is always a great time for reflection—to be grateful for all we have and the progress security teams have made as well as look ahead to how we can reshape the security landscape. I use this time to think about goals for the future, and to reflect on the highlights,...
Microsoft Security innovations from 2022 to help you create a safer world today
The start of a new year is always a great time for reflection—to be grateful for all we have and the progress security teams have made as well as look ahead to how we can reshape the security landscape. I use this time to think about goals for the future, and to reflect on the highlights,...
Why strong security solutions are critical to privacy protection
The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Voice of the Community blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Ann Cavoukian,...
Tor’s (security) role in the future of the Internet, with Alec Muffett
Tor has a storied reputation in the world of online privacy. The open-source project lets people browse the Internet more anonymously by routing their traffic across different nodes before making a final connection between their device and a desired website. Its something weve discussed previousl...
Google Buys Cybersecurity Firm Mandiant for $5.4 Billion
Google is officially buying threat intelligence and incident response company Mandiant in an all-cash deal approximately valued at $5.4 billion, the two technology firms announced Tuesday. Mandiant is expected to be folded into Google Cloud upon the closure of the acquisition, which is slated to...
How to apply a Zero Trust approach to your IoT solutions
For many, 2020 was a year of survival as they rapidly transformed their businesses in response to a new normal. From enabling new remote and hybrid work models to implementing new technology to help optimize operations, the last year has seen a significant uptick in the proliferation and role of...
Modernize secure access for your on-premises resources with Zero Trust
Change came quickly in 2020. More likely than not, a big chunk of your workforce has been forced into remote access. And with remote work came an explosion of bring-your-own-device BYOD scenarios, requiring your organization to extend the bounds of your network to include the entire internet and...
Meet the Microsoft Pluton processor – The security chip designed for the future of Windows PCs
The role of the Windows PC and trust in technology are more important than ever as our devices keep us connected and productive across work and life. Windows 10 is the most secure version of Windows ever, built with end-to-end security for protection from the edge to the cloud all the way down to...
Meet the Microsoft Pluton processor – The security chip designed for the future of Windows PCs
The role of the Windows PC and trust in technology are more important than ever as our devices keep us connected and productive across work and life. Windows 10 is the most secure version of Windows ever, built with end-to-end security for protection from the edge to the cloud all the way down to...
Akamai Enhances its Cloud Secure Web Gateway with DLP, Application Control and DNS over TLS (DoT)
Last March, Akamai announced the launch of its secure web gateway delivered at the edge, to help enterprises further accelerate their transition to a new security architecture based on Zero Trust and secure access service edge SASE principles. As we now know, we were just on the cusp of a global...
Azure Sphere Security Research Challenge Now Open
The Azure Sphere Security Research Challenge is an expansion of Azure Security Lab, announced at Black Hat in August 2019. At that time, a select group of talented researchers was invited to come and do their worst, emulating criminal hackers in a customer-safe cloud environment. This new researc...
Google Upspin Secure File-Sharing Released to Open Source
Google has released to open source new file-sharing interfaces and protocols it calls Upspin that allow users to securely share files using a global namespace rather than uploading and downloading content or sharing it first with a web-based service. Upspin is largely a consumer tool, Google said...
Bugs in Signal Messaging App Corrupt Attachments, Crash App
Makers of the mobile encrypted chat app Signal say they have fixed vulnerabilities in the Android version of the messaging app that allowed attackers to corrupt encrypted attachments and remotely crash the application. The vulnerabilities were discovered by Jean-Philippe Aumasson and Markus Vervi...
FBI claims its iPhone Hacking Tool can't Unlock iPhone 5S, 6S and 6S Plus
Although everyone, including Apple, was worried about the iPhone hacking tool used by the Federal Bureau of Investigation FBI to access data on iPhone belonged to the San Bernardino shooter, the FBI director said the hack does not work on an iPhone 5S or later. FBI Director James Comey said...