Building a Zero Trust business plan
These past six months have been a remarkable time of transformation for many IT organizations. With the forced shift to remote work, IT professionals have had to act quickly to ensure people continue working productively from home—in some cases bringing entire organizations online over a weekend...
EDR in block mode stops IcedID cold
We are happy to announce the general availability of endpoint detection and response (EDR) in block mode in Microsoft Defender for Endpoint. EDR in block mode turns EDR detections into real-time blocking of malicious behaviors, malware, and artifacts. It uses Microsoft Defender for Endpoint’s...
Digital Defense integrates with Microsoft to detect attacks missed by traditional endpoint security
This blog post is part of the Microsoft Intelligent Security Association (MISA) guest blog series. You can learn more about MISA here. Cybercriminals have ramped up their initial compromises through phishing and pharming attacks using a variety of tools and tactics that, while numerous, are simple...
Deliver productive and seamless user experiences with Azure Active Directory
Several months into the COVID-19 pandemic, many of us are still working remotely, and our organizations are still adjusting. Top of mind for every IT leader in this current landscape is meeting users’ needs for seamless access to resources while safeguarding the business from cyber threats. The...
Understanding influences shaping the cybersecurity landscape, enabling digital transformation, and helping to protect our planet
The accelerated rate of digital transformation we have seen this past year presents both challenges and endless opportunities for individuals, organizations, businesses, and governments around the world. Cybersecurity is the underpinning of helping protect these opportunities. By examining the...
Manage, govern, and get more value out of your data with Azure Purview
Data is the currency of today’s economy. Data is being created faster than ever in more locations than organizations can track. In fact, IDC has predicted that global data will grow to more than 175 zettabytes by 2025. To put that into context, that’s 175 trillion 1GB USB drives. At the same time...
Protect your SQL Server on-premises, in Azure, and in multicloud
Azure Defender for SQL is now generally available for use with SQL Server on premises, in multicloud deployments on Amazon Web Services (AWS) and Google Cloud Platform (GCP), and in virtual machines on Azure. Azure Defender for SQL constantly monitors your SQL Server for known vulnerabilities and...
Azure Sentinel achieves a Leader placement in Forrester Wave, with top ranking in Strategy
I’m thrilled to announce Forrester Research has named Microsoft Azure Sentinel as a “Leader” in The Forrester Wave: Security Analytics Platform Providers, Q4 2020. When we released Azure Sentinel almost a year ago—the industry’s first cloud-native SIEM on a major public cloud—our goal was to...
Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them
Cryptocurrency miners are typically associated with cybercriminal operations, not sophisticated nation state actor activity. They are not the most sophisticated type of threats, which also means that they are not among the most critical security issues that defenders address with urgency. Recent...
Zerologon is now detected by Microsoft Defender for Identity
There has been a huge focus on the recently patched CVE-2020-1472 Netlogon Elevation of Privilege vulnerability, widely known as ZeroLogon. While Microsoft strongly recommends that you deploy the latest security updates to your servers and devices, we also want to provide you with the best...
Go inside the new Azure Defender for IoT including CyberX
In 2020, the move toward digital transformation and Industry 4.0 took on new urgency with manufacturing and other critical infrastructure sectors under pressure to increase operational efficiency and reduce costs. But the cybersecurity model for operational technology (OT) was already shown to be...
Microsoft Azure Active Directory again a “Leader” in Gartner Magic Quadrant for Access Management
Howdy folks, I’m proud to announce that for the fourth year in a row, Microsoft Azure Active Directory (Azure AD) has been recognized as a “Leader” in Gartner Magic Quadrant for Access Management, Worldwide. Earlier this year, my boss, Joy Chik, CVP of Identity Engineering shared Microsoft’s guidin...
IoT security: how Microsoft protects Azure Datacenters
Azure Sphere first entered the IoT Security market in 2018 with a clear mission—to empower every organization on the planet to connect and create secure and trustworthy IoT devices. Security is the foundation for durable innovation and business resilience. Every industry investing in IoT must...
Modernize secure access for your on-premises resources with Zero Trust
Change came quickly in 2020. More likely than not, a big chunk of your workforce has been forced into remote access. And with remote work came an explosion of bring-your-own-device (BYOD) scenarios, requiring your organization to extend the bounds of your network to include the entire internet and...
Cyberattacks targeting health care must stop
In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19. The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Kore...
Gartner names Microsoft a Leader in the 2020 Magic Quadrant for Cloud Access Security Brokers
The past few months have changed the way we work in many ways, working from home, social distancing, and remote operations have all had impacts on our previously known ways of life. At Microsoft, we have been working hard to assist our customers adjust to this rapidly changing and evolving work...
Key layers for developing a Smarter SOC with CyberProof-managed Microsoft Azure security services
This blog post is part of the Microsoft Intelligent Security Association (MISA) guest blog series. Learn more about MISA here. Security teams are struggling to reduce the time to detect and respond to threats due to the complexity and volume of alerts being generated from multiple security...
Meet the Microsoft Pluton processor – The security chip designed for the future of Windows PCs
The role of the Windows PC and trust in technology are more important than ever as our devices keep us connected and productive across work and life. Windows 10 is the most secure version of Windows ever, built with end-to-end security for protection from the edge to the cloud all the way down to...
Forrester TEI study: Azure Sentinel delivers 201 percent ROI over 3 years and a payback of less than 6 months
2020 has been a transitional year, ushering in broad changes in how, and where, we work. Security operations (SecOps) teams face more significant challenges than ever as they protect the organization in this rapidly changing environment. These teams need a flexible, cost-effective, and efficient...
System Management Mode deep dive: How SMM isolation hardens the platform
Ensuring that the platform firmware is healthy and trustworthy is fundamental to guaranteeing that powerful platform security features like Hypervisor-protected code integrity (HVCI) and Windows Defender Credential Guard are functioning as expected. Windows 10 achieves this by leveraging a...
Empowering employees to securely work from anywhere with an internet-first model and Zero Trust
Like many this year, our Microsoft workforce had to quickly transition to a work from the home model in response to COVID-19. While nobody could have predicted the world’s current state, it has provided a very real-world test of the investments we have made implementing a Zero Trust security mode...
Extend data loss prevention to your devices with Microsoft Endpoint Data Loss Prevention, now generally available
Managing and protecting data is critical to any organization. Data is growing exponentially, and remote work is making it even harder to manage risks around...
Microsoft recognized as a Leader in the 2020 Gartner Magic Quadrant for Enterprise Information Archiving
Organizations face an increasing volume of data generated daily and ever-evolving regulations around how that data is managed. To help navigate this complex information landscape, we are focused on delivering integrated, intelligent, and user-centric solutions. Over the past few years, we...
It’s Cybersecurity Awareness Month and there is still a lot to do
October is National Cyber Security Awareness Month (NCSAM). And there is still a lot to do! For the last 17 years, the National Cybersecurity Awareness Month (NCSAM) campaign, driven by the Department of Homeland Security, has raised awareness about the importance of cyber security across the Nation...
Unilever CISO on balancing business risks with cybersecurity
Imagine showing up to work every day knowing that your job requires protecting 160,000 employees creating more than 450 products around the world—tea, ice cream, personal care, laundry and dish soaps—across a customer base of more than two and a half billion people every day. Unilever Chief...
Back to the future: What the Jericho Forum taught us about modern security
Some of the earliest formal work on what we now call Zero Trust started around in a security consortium known as the Jericho Forum which later merged into The Open Group Security Forum. This started as a group of like-minded CISOs wrestling with the limitations of the dominant and unquestioned...
Cyberattacks against machine learning systems are more common than you think
Machine learning (ML) is making incredible transformations in critical areas such as finance, healthcare, and defense, impacting nearly every aspect of our lives. Many businesses, eager to capitalize on advancements in ML, have not scrutinized the security of their ML systems. Today, along with...
Addressing cybersecurity risk in industrial IoT and OT
As the industrial Internet of Things (IIoT) and operational technology (OT) continue to evolve and grow, so too do the responsibilities of the Chief Information Security Officer (CISO). The CISO now needs to mitigate risks from cloud-connected machinery, warehouse systems, and smart devices scattered...
CISO Spotlight: How diversity of data (and people) defeats today’s cyber threats
This year, we have seen five significant security paradigm shifts in our industry. This includes the acknowledgment that the greater the diversity of our data sets, the better the AI and machine learning outcomes. This diversity gives us an advantage over our cyber adversaries and improves our...
Announcing the Zero Trust Deployment Center
Organizations have been digitally transforming at warp speed in response to the way businesses operate and how people work. As a result, digital security teams have been under immense pressure to ensure their environments are resilient and secure. Many have turned to a Zero Trust security model t...
CISO Stressbusters: 7 tips for weathering the cybersecurity storms
An essential requirement of being a Chief Information Security Officer (CISO) is stakeholder management. In many organizations, security is still seen as a support function; meaning, any share of the budget you receive may be viewed jealously by other departments. Bringing change to an organization...
Security Unlocked—A new podcast exploring the people and AI that power Microsoft Security solutions
It’s hard to keep pace with all the changes happening in the world of cybersecurity. Security experts and leaders must continue learning and unlearning to stay ahead of the ever-evolving threat landscape. In fact, many of us are in this field because of our desire to continuously challenge...
How to mitigate rapid cyberattacks such as Petya and WannaCrypt
In the first blog post of this 3-part series, we introduced what rapid cyberattacks are and illustrated how rapid cyberattacks are different in terms of execution and outcome. In the second blog post, we provided some details on Petya and how it worked. In this final blog post, we will share:...
How a national cybersecurity agency can help avoid a national cybersecurity quagmire
This last October we saw more countries than ever participate in initiatives to raise cybersecurity awareness. What was once largely a US approach has evolved into events and initiatives around the world by governments, civil society groups, and private sector partners. This increased breadth and...
How artificial intelligence stopped an Emotet outbreak
At 12:46 a.m. local time on February 3, a Windows 7 Pro customer in North Carolina became the first would-be victim of a new malware attack campaign for Trojan:Win32/Emotet. In the next 30 minutes, the campaign tried to attack over a thousand potential victims, all of whom were instantly and...
Cyber resilience for the modern enterprise
Many organizations are undergoing a digital transformation that leverages a mix of cloud and on-premises assets to increase business efficiency and growth. While increased dependence on technology is necessary for this transformation, and to position the business for success, it does pose risks...
Developing an effective cyber strategy
The word strategy has its origins in the Roman Empire and was used to describe the leading of troops in battle. From a military perspective, strategy is a top-level plan designed to achieve one or more high-order goals. A clear strategy is especially important in times of uncertainty as it provid...
Overview of Petya, a rapid cyberattack
In the first blog post of this 3-part series, we introduced what rapid cyberattacks are and illustrated how they are different in terms of execution and outcome. Next, we will go into some more details on the Petya (aka NotPetya) attack. How Petya worked: The Petya attack chain is well understood,...
Protecting customers from being intimidated into making an unnecessary purchase
There has been an increase in free versions of programs that purport to scan computers for various errors, and then use alarming, coercive messages to scare customers into buying a premium version of the same program. The paid version of these programs, usually called cleaner or optimizer...
IGF proves the value of bottom-up, multi-stakeholder model in cyberspace policy-making
In December, the Internet Governance Forum (IGF) brought the world together to talk about the internet. I tend to take a definite interest in cybersecurity, but there were many more important topics discussed. They ranged from diversity in the technology sector through to philosophy in the digital...
Now you see me: Exposing fileless malware
Attackers are determined to circumvent security defenses using increasingly sophisticated techniques. Fileless malware boosts the stealth and effectiveness of an attack, and two of last year’s major ransomware outbreaks (Petya and WannaCry) used fileless techniques as part of their kill chains. The...
Overview of rapid cyberattacks
Rapid cyberattacks like Petya and WannaCrypt have reset our expectations on the speed and scope of damage that a cyberattack can inflict. The Microsoft Enterprise Cybersecurity Group Detection and Response team worked extensively to help customers respond to and recover from these kinds of attack...
Microsoft offers several mechanisms to protect against ransomware
The start of a new year is the perfect time to reassess your security strategy and tactics, especially when looking back at the new levels of ransomware’s reach and damage in 2017. It’s no secret that ransomware attacks are increasing. In fact, a business is hit with ransomware every 40 seconds. If...
How to disrupt attacks caused by social engineering
This post is authored by Milad Aslaner, Senior Program Manager, Windows & Devices Group. A decade ago, most cyber-attacks started with a piece of malware or a complex method to directly attack the infrastructure of a company. But this picture has changed and today all it takes is a sophisticated...
A worthy upgrade: Next-gen security on Windows 10 proves resilient against ransomware outbreaks in 2017
Adopting reliable attack methods and techniques borrowed from more evolved threat types, ransomware attained new levels of reach and damage in 2017. The following trends characterize the ransomware narrative in the past year: Three global outbreaks showed the force of ransomware in making...
Understanding the performance impact of Spectre and Meltdown mitigations on Windows Systems
Last week the technology industry and many of our customers learned of new vulnerabilities in the hardware chips that power phones, PCs and servers. We and others in the industry had learned of this vulnerability under nondisclosure agreement several months ago and immediately began developing...
Application fuzzing in the era of Machine Learning and AI
Proactively testing software for bugs is not new. The earliest examples date back to the 1950s with the term fuzzing. Fuzzing as we now refer to it is the injection of random inputs and commands into applications. It made its debut quite literally on a dark and stormy night in 1988. Since then,...
We’re moving to Microsoft Secure
We’re packing up and moving! Starting January 2018, we’ll move our blogs to Microsoft Secure. At Microsoft Secure, you will find technical information for Office 365, Microsoft Azure, and Windows, alongside product updates, cybersecurity guidance, industry trends, and more. You can expect the sam...
How Microsoft tools and partners support GDPR compliance
This post is authored by Daniel Grabski, Executive Security Advisor, Microsoft Enterprise Cybersecurity Group. As an Executive Security Advisor for enterprises in Europe and the Middle East, I regularly engage with Chief Information Security Officers (CISOs), Chief Information Officers (CIOs) and Data...
How public-private partnerships can combat cyber adversaries
For several years now, policymakers and practitioners from governments, CERTs, and the security industry have been speaking about the importance of public-private partnerships as an essential part of combating cyber threats. It is impossible to attend a security conference without a keynote...