How Microsoft builds privacy and security to work hand-in-hand

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

Celebrating 200 WINtegrations—and the Partners Who Make It Possible

200 integrations strong: How our open ecosystem is redefining cloud security collaboration...

CISA: AI Cybersecurity Collaboration Playbook Fact Sheet

This is the fact sheet for CISA's AI Security Collaboration Playbook...

CISA: Building Relationships with First Responders: Tools and Resources

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

vulnerability-disclosures

Vulnerability Disclosures This is a repository for reporting...

Reduce Business Email Compromise with Collaboration

Here's the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space...

Protecting Against HTTP/2 Rapid Reset: CVE-2023-44487

Today, Google disclosed a zero-day vulnerability in the HTTP/2 protocol. Imperva collaborated proactively with Google to gain advanced insights into this vulnerability. After a comprehensive inspection of this vulnerability by Imperva’s Product Development and Threat Research teams, we can confir...

Feeding Gophers to Ghidra

Feeding Gophers to Ghidra By Trellix · June 6, 2023 This blog was written by Max Kersten The scripts discussed in the article are based on the magnificent work ofDorka Palotay from CUJOai. Golang malware is becoming increasingly prevalent, requiring analysts to know how to effectively analyze the...

Securing a successful merger: Insights from MGM Studios

Hear from John Visneski, CISO of MGM Studios about how the organization fosters collaboration and transparency across business units using Wiz...

How IT and security teams can work together to improve endpoint security

For executives in the IT and security spaces, the current climate offers reasons to worry. As workers become accustomed to new flexibility in the workplace, hybrid and remote work options present more challenges. Users want to access corporate resources from their own devices without the...

Forrester names Microsoft a Leader in 2022 Enterprise Detection and Response Wave™ report

We are excited to share that Microsoft has been named a leader in The Forrester Wave: Enterprise Detection and Response, Q1 2022. Microsoft received one of the highest scores in the strategy category and strength of current offering category. In the Forrester Wave assessment, Microsoft Defender f...

It’s a Wrap! QSC 2021 Las Vegas Laid Out Problems, Solutions and Innovation

Although organizations have made moves toward it for years, digital transformation, in a way, has only just begun. The pandemic may have accelerated migration to the cloud but going forward business will drive continued transformation—and innovation. But to get the most out of the investments in...

5 questions to answer before spending big on cloud security

Do your tool diligence Convincing people to sign off on big cloud security spends is, most assuredly, a never-ending process. Because every so often be it in 6 months, 1 year, 2 years, your security organization will have to pitch to the check-writers all over again. Of course, we all know it’s...

4 DevOps Challenges to Cloud Security and Compliance—and How IaC Can Help

To react or to prevent? The term “cure” is generally a positive one. However, in cloud security, it assumes a reactive position to some vulnerability or breach that’s already taken place. When it comes down to it, DevOps and Security teams—we all hope—are working together toward a culture of...

How to organize your security team: The evolution of cybersecurity roles and responsibilities

Digital transformation, cloud computing, and a sophisticated threat landscape are forcing everyone to rethink the functions of each role on their security teams, from Chief Information Security Officers CISOs to practitioners. With billions of people around the globe working from home, changes to...

Voting Machine Makers Are Finally Playing Nice With Hackers

After years of secrecy, one major election tech company is giving more hackers a look under the hood...

Applied ThreadFix: Effective security team collaboration

Modern enterprises are distributed. Most ThreadFix deployments have stakeholders spanning development and security teams and those team members are spread around the globe. To support these distributed organizations, ThreadFix has a number of collaboration features that make teams more efficient...

What’s Coming in 2020: An RSA Recap

VMWare Carbon Black recently published our Outlook 2020 Threat Report largely fueled by the work of our amazing Threat Analysis Unit. Greg Foss @Heinzarelli and Andrew Costis @0x4143 did some in-depth research on Malware samples seen in 2019. As part of RSA, Greg and I had the chance to present o...

Facebook Now Pays Hackers for Reporting Security Bugs in 3rd-Party Apps

Following a series of security mishaps and data abuse through its social media platform, Facebook today expanding its bug bounty program in a very unique way to beef up the security of third-party apps and websites that integrate with its platform. Last year, Facebook launched "Data Abuse Bounty"...

Microsoft Announces Top Three Contributing Partners in the Microsoft Active Protections Program (MAPP)

Today Microsoft announced the MAPP program Top Vulnerability Contributors, Top Threat Indicator Submitters, and Top Zero-Day Reporting for the period of July 1, 2018 – June 30, 2019. The Microsoft Active Protections Program provides security and protection to customers through cooperation and...