Microsoft to acquire RiskIQ to strengthen cybersecurity of digital transformation and hybrid work

Organizations are increasingly using the cloud to reimagine every facet of their business. Hybrid work has accelerated this digital transformation, and customers are challenged with the increasing sophistication and frequency of cyberattacks. Today, Microsoft is announcing that we have entered in...

Microsoft named a Visionary in the 2021 Gartner Magic Quadrant for SIEM for Azure Sentinel

We’re pleased to announce that in its first year of inclusion in the Gartner Magic Quadrant report, Microsoft Azure Sentinel has been named a Visionary, where we were recognized for our completeness of vision for SIEM.1 Gartner has said that “cloud SIEM will be the future of how many organization...

How to build a privacy program the right way

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with attorney Whitney Merrill, an expert on...

Accessibility and usability for all in Azure Sentinel

As a father of a child on the Autism spectrum who relies completely on digital media for his learning, I fully appreciate the impact that digital accessibility can have on people with disabilities. Designing with accessibility in mind greatly expands the impact of Microsoft solutions. What many...

Preparing for your migration from on-premises SIEM to Azure Sentinel

The pandemic of 2020 has reshaped how we engage in work, education, healthcare, and more, accelerating the widespread adoption of cloud and remote-access solutions. In today’s workplace, the security perimeter extends to the home, airports, the gym—wherever you are. To keep pace, organizations...

Microsoft finds new NETGEAR firmware vulnerabilities that could lead to identity theft and full system compromise

The continuous improvement of security solutions has forced attackers to explore alternative ways to compromise systems. The rising number of firmware attacks and ransomware attacks via VPN devices and other internet-facing systems are examples of attacks initiated outside and below the operating...

The critical role of Zero Trust in securing our world

We are operating in the most complex cybersecurity landscape that we’ve ever seen. While our current ability to detect and respond to attacks has matured incredibly quickly in recent years, bad actors haven’t been standing still. Large-scale attacks like those pursued by Nobelium1 and Hafnium,...

MITRE ATT&CK® mappings released for built-in Azure security controls

The Security Stack Mappings for Azure research project was published today, introducing a library of mappings that link built-in Azure security controls to the MITRE ATT&CK® techniques they mitigate against. Microsoft once again worked with the Center for Threat-Informed Defense and other Center...

Encouraging women to embrace their cybersecurity superpowers

The cybersecurity challenges of today require a diversity of skills, perspectives, and experiences, yet women remain underrepresented in this field. On International Women’s Day, some Microsoft Security women leaders penned a powerful blog highlighting the underrepresentation of women in...

Encouraging women to embrace their cybersecurity superpowers

The cybersecurity challenges of today require a diversity of skills, perspectives, and experiences, yet women remain underrepresented in this field. On International Women’s Day, some Microsoft Security women leaders penned a powerful blog highlighting the underrepresentation of women in...

Windows 11 enables security by design from the chip to the cloud

Over the last year, PCs have kept us connected to family, friends, and enabled businesses to continue to run. This new hybrid work paradigm has got us thinking about how we will continue to deliver the best possible quality, experience, and security for the more than 1 billion people who use...

Windows 11 enables security by design from the chip to the cloud

Over the last year, PCs have kept us connected to family, friends, and enabled businesses to continue to run. This new hybrid work paradigm has got us thinking about how we will continue to deliver the best possible quality, experience, and security for the more than 1 billion people who use...

Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

Microsoft announces recipients of academic grants for AI research on combating phishing

Every day in the ever-changing technology landscape, we see boundaries shift as new ideas challenge the old status quo. This constant shift is observed in the increasingly sophisticated and connected tools, products, and services people and organizations use on a daily basis, but also in the...

Microsoft announces recipients of academic grants for AI research on combating phishing

Every day in the ever-changing technology landscape, we see boundaries shift as new ideas challenge the old status quo. This constant shift is observed in the increasingly sophisticated and connected tools, products, and services people and organizations use on a daily basis, but also in the...

Improve your threat detection and response with Microsoft and Wortell

This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Learn more about MISA. The way of working is changing rapidly. Many workloads are moving to the cloud and the pandemic accelerated organizations to provide infrastructure to aid employees working from...

Improve your threat detection and response with Microsoft and Wortell

This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Learn more about MISA. The way of working is changing rapidly. Many workloads are moving to the cloud and the pandemic accelerated organizations to provide infrastructure to aid employees working from...

Afternoon Cyber Tea: Microsoft’s cybersecurity response to COVID-19

On February 25, 2020, Microsoft Chief Information Security Officer CISO Bret Arsenault was attending the RSA Conference in San Francisco when the city declared a state of emergency because of COVID-19. Shortly after flying back to Seattle, Bret learned of the first death from the coronavirus in...

Afternoon Cyber Tea: Microsoft’s cybersecurity response to COVID-19

On February 25, 2020, Microsoft Chief Information Security Officer CISO Bret Arsenault was attending the RSA Conference in San Francisco when the city declared a state of emergency because of COVID-19. Shortly after flying back to Seattle, Bret learned of the first death from the coronavirus in...

Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise BEC infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to...

Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise BEC infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to...

How purple teams can embrace hacker culture to improve security

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Matthew Hickey, co-founder, CEO, and writ...

How purple teams can embrace hacker culture to improve security

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Matthew Hickey, co-founder, CEO, and writ...

CRSP: The emergency team fighting cyber attacks beside customers

What is CRSP? Microsoft Global Compromise Recovery Security Practice. Who is CRSP? We are a worldwide team of cybersecurity experts operating in most countries, across all organizations public and private, with deep expertise to secure an environment post-security breach and to help you prevent a...

CRSP: The emergency team fighting cyber attacks beside customers

What is CRSP? Microsoft Global Compromise Recovery Security Practice. Who is CRSP? We are a worldwide team of cybersecurity experts operating in most countries, across all organizations public and private, with deep expertise to secure an environment post-security breach and to help you prevent a...

Optimize security with Azure Firewall solution for Azure Sentinel

Security is a constant balance between proactive and reactive defenses. They are both equally important, and neither can be neglected. Effectively protecting your organization means constantly optimizing both prevention and detection. That’s why we’re excited to announce a seamless integration...

Optimize security with Azure Firewall solution for Azure Sentinel

Security is a constant balance between proactive and reactive defenses. They are both equally important, and neither can be neglected. Effectively protecting your organization means constantly optimizing both prevention and detection. That’s why we’re excited to announce a seamless integration...

Hart and Microsoft announce partnership to incorporate ElectionGuard

On Thursday, June 3, 2021, via a joint press release on Microsoft Stories, Hart InterCivic and Microsoft have announced a partnership to incorporate ElectionGuard software developed by Microsoft into Hart’s Verity voting systems. The partnership makes Hart the first major voting machine...

Afternoon Cyber Tea: Cybersecurity challenged to meet diversity goals

Organizations often know they need to identify and address their cybersecurity blind spots. They also know the technology exists to help them do that. However, they don’t often understand how to communicate this need within their organization to justify the expense, nor do they know how to share...

odix and Microsoft: Protecting users against malware attacks with free FileWall license

This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Learn more about MISA. The fight against malware has become the epic battle of our generation, placing businesses of all sizes against a never-ending stream of hackers and zero-day attacks bent on...

Privacy compliance for smart meter infrastructure with Microsoft Information Protection and Azure Purview

Smart meters and smart grid infrastructure have been deployed in many of the world’s electric distribution grids. They promise energy conservation, better grid management for utilities, electricity theft reduction, and a host of value-added services for consumers. To deliver on this promise, they...

Microsoft acquires ReFirm Labs to enhance IoT security

Modern computing devices can be thought of as a collection of discrete microprocessors each with a dedicated function like high-speed networking, graphics, Disk I/O, AI, and everything in between. The emergence of the intelligent edge has accelerated the number of these cloud-connected devices th...

Understanding the threat landscape and risks of OT environments

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Chris Sistrunk, Technical Manager in...

Breaking down NOBELIUM’s latest early-stage toolset

As we reported in earlier blog posts, the threat actor NOBELIUM recently intensified an email-based attack that it has been operating and evolving since early 2021. We continue to monitor this active attack and intend to post additional details as they become available. In this blog, we highlight...

New sophisticated email-based attack from NOBELIUM

Microsoft Threat Intelligence Center MSTIC has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other related components. The campaign, initially observed and...

How user experience is shaping verifiable credentials and identity

Since 2017, Microsoft has been working with the identity community on two groundbreaking technologies designed from the ground up to make digital privacy convenient and practical: decentralized identifiers and verifiable credentials. We believe verifiable credentials will revolutionize the way we...

Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats

In part three of this blog series on aligning security with business objectives and risk, we explored what it takes for security leaders to shift from looking at their mission as purely defending against technical attacks, to one that focuses on protecting valuable business assets, data, and...

Microsoft is a Leader in the 2021 Forrester Endpoint Security Software as a Service Wave

We are excited to share that Microsoft has been named a Leader in The Forrester Wave: Endpoint Security Software as a Service, Q2 20211, receiving one of the highest scores in the strategy category and among the top three scores in the current offering category. Forrester notes that “the focus on...

Resources for accelerating your Zero Trust journey

For many organizations, 2020 was the year that finally saw remote work become a reality on a global scale. As many people begin transitioning back to the office, many organizations are thinking about how they can transition from a remote workforce to a more permanent hybrid workplace. We recently...

Microsoft recognized as a Leader in The Forrester Wave™: Unstructured Data Security Platforms, Q2 2021

In this new world of hybrid work, organizations face an increasing volume of data, ever-evolving regulations around how that data is protected, and an evolving complexity and frequency of data security breaches. To help our customers navigate this complex data landscape, we are focused on...

Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment

Phorpiex, an enduring botnet known for extortion campaigns and for using old-fashioned worms that spread via removable USB drives and instant messaging apps, began diversifying its infrastructure in recent years to become more resilient and to deliver more dangerous payloads. Today, the Phorphiex...

SimuLand: Understand adversary tradecraft and improve detection strategies

At Microsoft, we continuously collaborate with customers and the InfoSec community to learn more about the latest adversary tradecraft so that we can improve our detection strategies across all our security services. Even though those detections are already built into our products, and protecting...

Protecting SAP applications with the new Azure Sentinel SAP threat monitoring solution

As one of the leading solution providers for applications that manage business processes, SAP is the custodian for massive amounts of sensitive data in many of the biggest organizations in the world. Since these applications are business-critical, an SAP security breach can be catastrophic. Yet,...

Forrester names Microsoft a Leader in The Forrester Wave™: Cloud Security Gateways, Q2 2021

I am thrilled to share that Forrester Research has named Microsoft Cloud App Security as a Leader in The Forrester Wave: Cloud Security Gateways, Q2 2021. Additionally, Microsoft received the highest score in the strategy category. People have increasingly used cloud apps to stay productive and...

Mitigate OT security threats with these best practices

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Chris Sistrunk, Technical Manager in...

How a positive hybrid work culture can help you to mitigate insider risk

As Vasu Jakkal recently shared, we are operating in the most sophisticated threat landscape ever seen, and coupled with the next great disruption—hybrid work—security is more challenging than ever. Protecting from external threats is only one part of the challenge, though. You also must protect...

Securing a new world of hybrid work: What to know and what to do

The cybersecurity landscape has fundamentally changed, as evidenced by large-scale, complex attacks like Nobelium, Hafnium, and more recently last week’s Colonial Pipeline attack, which signals that human-operated ransomware is on the rise. Hackers launch an average of 50 million password attacks...

How to secure your hybrid work world with a Zero Trust approach

We are operating in the most complex cybersecurity landscape we’ve ever seen. Sophisticated and determined attackers are the norm. And we all are preparing for the next great disruption—hybrid work. Security has never been more important, and as I shared in another Security blog today, it’s clear...

Threat and Vulnerability Management now supports all major platforms

We are swiftly adapting to the lasting reality of a hybrid workforce, with the number of remote workers in the US expected to nearly double over the next five years, compared to pre-pandemic times. As a result, security teams are being challenged to rethink how to secure a growing and increasingl...