1546 matches found
Building a Zero Trust business plan
These past six months have been a remarkable time of transformation for many IT organizations. With the forced shift to remote work, IT professionals have had to act quickly to ensure people continue working productively from home—in some cases bringing entire organizations online over a weekend...
EDR in block mode stops IcedID cold
We are happy to announce the general availability of endpoint detection and response EDR in block mode in Microsoft Defender for Endpoint. EDR in block mode turns EDR detections into real-time blocking of malicious behaviors, malware, and artifacts. It uses Microsoft Defender for Endpoint’s...
Digital Defense integrates with Microsoft to detect attacks missed by traditional endpoint security
This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. You can learn more about MISA here. Cybercriminals have ramped up their initial compromises through phishing and pharming attacks using a variety of tools and tactics that, while numerous, are simple...
Deliver productive and seamless user experiences with Azure Active Directory
Several months into the COVID-19 pandemic, many of us are still working remotely, and our organizations are still adjusting. Top of mind for every IT leader in this current landscape is meeting users’ needs for seamless access to resources while safeguarding the business from cyber threats. The...
Understanding influences shaping the cybersecurity landscape, enabling digital transformation, and helping to protect our planet
The accelerated rate of digital transformation we have seen this past year presents both challenges and endless opportunities for individuals, organizations, businesses, and governments around the world. Cybersecurity is the underpinning of helping protect these opportunities. By examining the...
Manage, govern, and get more value out of your data with Azure Purview
Data is the currency of today’s economy. Data is being created faster than ever in more locations than organizations can track. In fact, IDC has predicted that global data will grow to more than 175 zettabytes by 2025. To put that into context, that’s 175 trillion 1GB USB drives. At the same time...
Protect your SQL Server on-premises, in Azure, and in multicloud
Azure Defender for SQL is now generally available for use with SQL Server on premises, in multicloud deployments on Amazon Web Services AWS, and Google Cloud Platform GCP, and in virtual machines on Azure. Azure Defender for SQL constantly monitors your SQL Server for known vulnerabilities and...
Azure Sentinel achieves a Leader placement in Forrester Wave, with top ranking in Strategy
I’m thrilled to announce Forrester Research has named Microsoft Azure Sentinel as a “Leader” in The Forrester Wave: Security Analytics Platform Providers, Q4 2020. When we released Azure Sentinel almost a year ago—the industry’s first cloud-native SIEM on a major public cloud—our goal was to...
Threat actor leverages coin miner techniques to stay under the radar – here’s how to spot them
Cryptocurrency miners are typically associated with cybercriminal operations, not sophisticated nation state actor activity. They are not the most sophisticated type of threats, which also means that they are not among the most critical security issues that defenders address with urgency. Recent...
Zerologon is now detected by Microsoft Defender for Identity
There has been a huge focus on the recently patched CVE-2020-1472 Netlogon Elevation of Privilege vulnerability, widely known as ZeroLogon. While Microsoft strongly recommends that you deploy the latest security updates to your servers and devices, we also want to provide you with the best...
Go inside the new Azure Defender for IoT including CyberX
In 2020, the move toward digital transformation and Industry 4.0 took on new urgency with manufacturing and other critical infrastructure sectors under pressure to increase operational efficiency and reduce costs. But the cybersecurity model for operational technology OT was already shown to be...
Microsoft Azure Active Directory again a “Leader” in Gartner Magic Quadrant for Access Management
Howdy folks, I’m proud to announce that for the fourth year in a row, Microsoft Azure Active Directory Azure AD has been recognized as a “Leader” in Gartner Magic Quadrant for Access Management, Worldwide. Earlier this year, my boss, Joy Chik, CVP of Identity Engineering shared Microsoft’s guidin...
IoT security: how Microsoft protects Azure Datacenters
Azure Sphere first entered the IoT Security market in 2018 with a clear mission—to empower every organization on the planet to connect and create secure and trustworthy IoT devices. Security is the foundation for durable innovation and business resilience. Every industry investing in IoT must...
Modernize secure access for your on-premises resources with Zero Trust
Change came quickly in 2020. More likely than not, a big chunk of your workforce has been forced into remote access. And with remote work came an explosion of bring-your-own-device BYOD scenarios, requiring your organization to extend the bounds of your network to include the entire internet and...
Cyberattacks targeting health care must stop
In recent months, we’ve detected cyberattacks from three nation-state actors targeting seven prominent companies directly involved in researching vaccines and treatments for COVID-19. The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Kore...
Gartner names Microsoft a Leader in the 2020 Magic Quadrant for Cloud Access Security Brokers
The past few months have changed the way we work in many ways, working from home, social distancing, and remote operations have all had impacts on our previously known ways of life. At Microsoft, we have been working hard to assist our customers adjust to this rapidly changing and evolving work...
Key layers for developing a Smarter SOC with CyberProof-managed Microsoft Azure security services
This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Learn more about MISA here. Security teams are struggling to reduce the time to detect and respond to threats due to the complexity and volume of alerts being generated from multiple security...
Meet the Microsoft Pluton processor – The security chip designed for the future of Windows PCs
The role of the Windows PC and trust in technology are more important than ever as our devices keep us connected and productive across work and life. Windows 10 is the most secure version of Windows ever, built with end-to-end security for protection from the edge to the cloud all the way down to...
Forrester TEI study: Azure Sentinel delivers 201 percent ROI over 3 years and a payback of less than 6 months
2020 has been a transitional year, ushering in broad changes in how, and where, we work. Security operations SecOps teams face more significant challenges than ever as they protect the organization in this rapidly changing environment. These teams need a flexible, cost-effective, and efficient...
System Management Mode deep dive: How SMM isolation hardens the platform
Ensuring that the platform firmware is healthy and trustworthy is fundamental to guaranteeing that powerful platform security features like Hypervisor-protected code integrity HVCI and Windows Defender Credential Guard are functioning as expected. Windows 10 achieves this by leveraging a...
Empowering employees to securely work from anywhere with an internet-first model and Zero Trust
Like many this year, our Microsoft workforce had to quickly transition to a work from the home model in response to COVID-19. While nobody could have predicted the world’s current state, it has provided a very real-world test of the investments we have made implementing a Zero Trust security mode...
Extend data loss prevention to your devices with Microsoft Endpoint Data Loss Prevention, now generally available
Microsoft Endpoint Data Loss Prevention Endpoint Data Loss Prevention DLP | What it is and how to set it up in Microsoft 365. Watch today Managing and protecting data is critical to any organization. Data is growing exponentially, and remote work is making it even harder to manage risks around...
Microsoft recognized as a Leader in the 2020 Gartner Magic Quadrant for Enterprise Information Archiving
Organizations face an increasing volume of data generated daily and ever-evolving regulations around how that data is managed. To help navigate this complex information landscape, we are focused on delivering integrated, intelligent, and user-centric solutions. Over the past few years, we...
It’s Cybersecurity Awareness Month and there is still a lot to do
October is National Cyber Security Awareness Month NCSAM. And there is still a lot to do! For the last 17 years, the National Cybersecurity Awareness Month NCSAM campaign, driven by the Department of Homeland Security, has raised awareness about the importance of cyber security across the Nation...
Unilever CISO on balancing business risks with cybersecurity
Imagine showing up to work every day knowing that your job requires protecting 160,000 employees creating more than 450 products around the world—tea, ice cream, personal care, laundry and dish soaps—across a customer base of more than two and a half billion people every day. Unilever Chief...
Back to the future: What the Jericho Forum taught us about modern security
Some of the earliest formal work on what we now call Zero Trust started around in a security consortium known as the Jericho Forum which later merged into The Open Group Security Forum. This started as a group of like-minded CISOs wrestling with the limitations of the dominant and unquestioned...
Cyberattacks against machine learning systems are more common than you think
Machine learning ML is making incredible transformations in critical areas such as finance, healthcare, and defense, impacting nearly every aspect of our lives. Many businesses, eager to capitalize on advancements in ML, have not scrutinized the security of their ML systems. Today, along with...
Addressing cybersecurity risk in industrial IoT and OT
As the industrial Internet of Things IIoT and operational technology OT continue to evolve and grow, so too, do the responsibilities of the Chief Information Security Officer CISO. The CISO now needs to mitigate risks from cloud-connected machinery, warehouse systems, and smart devices scattered...
CISO Spotlight: How diversity of data (and people) defeats today’s cyber threats
This year, we have seen five significant security paradigm shifts in our industry. This includes the acknowledgment that the greater the diversity of our data sets, the better the AI and machine learning outcomes. This diversity gives us an advantage over our cyber adversaries and improves our...
Announcing the Zero Trust Deployment Center
Organizations have been digitally transforming at warp speed in response to the way businesses operate and how people work. As a result, digital security teams have been under immense pressure to ensure their environments are resilient and secure. Many have turned to a Zero Trust security model t...
CISO Stressbusters: 7 tips for weathering the cybersecurity storms
An essential requirement of being a Chief Information Security Officer CISO is stakeholder management. In many organizations, security is still seen as a support function; meaning, any share of the budget you receive may be viewed jealously by other departments. Bringing change to an organization...
Security Unlocked—A new podcast exploring the people and AI that power Microsoft Security solutions
It’s hard to keep pace with all the changes happening in the world of cybersecurity. Security experts and leaders must continue learning and unlearning to stay ahead of the ever-evolving threat landscape. In fact, many of us are in this field because of our desire to continuously challenge...
Becoming resilient by understanding cybersecurity risks: Part 1
All risks have to be viewed through the lens of the business or organization. While information on cybersecurity risks is plentiful, you can’t prioritize or manage any risk until the impact and likelihood to your organization is understood and quantified. This rule of thumb on who should be...
Advanced protection for web applications in Azure with Radware’s Microsoft Security integration
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA here. The state of application security Companies face a wide range of security challenges, such as Open Source Foundation for Application Security Project OWASP vulnerabilities,...
Trickbot disrupted
As announced today, Microsoft took action against the Trickbot botnet, disrupting one of the world’s most persistent malware operations. Microsoft worked with telecommunications providers around the world to disrupt key Trickbot infrastructure. As a result, operators will no longer be able to use...
Sophisticated new Android malware marks the latest evolution of mobile ransomware
Attackers are persistent and motivated to continuously evolve – and no platform is immune. That is why Microsoft has been working to extend its industry-leading endpoint protection capabilities beyond Windows. The addition of mobile threat defense into these capabilities means that Microsoft...
Best practices for defending Azure Virtual Machines
One of the things that our Detection and Response Team DART and Customer Service and Support CSS security teams see frequently during investigation of customer incidents are attacks on virtual machines from the internet. This is one area in the cloud security shared responsibility model where...
Why we invite security researchers to hack Azure Sphere
Fighting the security battle so our customers don’t have to IoT devices are becoming more prevalent in almost every aspect of our lives—we will rely on them in our homes, our businesses, as well as our infrastructure. In February, Microsoft announced the general availability of Azure Sphere, an...
3 ways Microsoft helps build cyber safety awareness for all
This tumultuous year has brought paradigm shifts across every facet of daily life. A global pandemic has pushed much of our lives online—work, school, entertainment, shopping, and socializing. But one thing remains unchanged: people everywhere share a common need for safety. Today, our need for...
Why integrated phishing-attack training is reshaping cybersecurity—Microsoft Security
Phishing is still one of the most significant risk vectors facing enterprises today. Innovative email security technology like Microsoft Defender for Office 365 stops a majority of phishing attacks before they hit user inboxes, but no technology in the world can prevent 100 percent of phishing...
Microsoft Advanced Compliance Solutions in Zero Trust Architecture
Zero Trust revolves around three key principles: verify explicitly, use least privileged access, and assume breach. Microsoft’s Advanced Compliance Solutions are an important part of Zero Trust. This post applies a Zero Trust lens to protecting an organization’s sensitive data and maintaining...
Microsoft Digital Defense Report 2020: Cyber Threat Sophistication on the Rise
Today, Microsoft is releasing a new annual report, called the Digital Defense Report, covering cybersecurity trends from the past year. This report makes it clear that threat actors have rapidly increased in sophistication over the past year, using techniques that make them harder to spot and tha...
Microsoft Security—detecting empires in the cloud
Microsoft consistently tracks the most advanced threat actors and evolving attack techniques. We use these findings to harden our products and platform and share them with the security community to help defenders everywhere better protect the planet. Recently, the Microsoft Threat Intelligence...
Microsoft Security: 6 tips for enabling people-centric cybersecurity with security training
Everyone knows about phishing scams, and most of us think we’re too smart to take the bait. Our confidence often reaches superhero levels when we’re logged onto a company network. As Chief Security Advisor for Microsoft, and previously at telco Swisscom, it’s my business to understand how well...
Microsoft delivers unified SIEM and XDR to modernize security operations
The threat landscape continues to increase in both complexity and the level of sophistication of the attacks we observe. Attackers target the most vulnerable resources in an organization and then traverse laterally to target high-value assets. No longer can you expect to stay safe by protecting...
Microsoft announces cloud innovation to simplify security, compliance, and identity
2020 will be remembered as a year of historic transformation. The pandemic has changed the way businesses operate and people work. One thing that has not changed is our basic human nature and the need to feel safe. Being safe and feeling safe is what allows us to do more, create more, and have...
Identity at Microsoft Ignite: Rising to the challenges of secure remote access and employee productivity
These past months have changed the way we work in so many ways. When businesses and schools went remote overnight, many of you had to adapt quickly to ensure your users could stay productive while working from home. Bad actors are trying to exploit these seismic shifts, making it more important...
Enable secure remote work, address regulations and uncover new risks with Microsoft Compliance
As we talk with a broad range of customers in the current environment, we hear some consistent challenges businesses are facing. With so many remote workers, people are creating, sharing, and storing data in new ways, which fosters productivity, but can also introduce new risks. A recent Microsof...
Vectra and Microsoft join forces to step up detection and response
This blog post is part of the Microsoft Intelligent Security Association MISA guest blog series. Click here to learn more about MISA. Traditional security operations center SOC processes typically involve a wide variety of disparate event notification tools that force overworked analysts to battl...
Industry-wide partnership on threat-informed defense improves security for all
MITRE Engenuity’s Center for Threat-Informed Defense has published a library of detailed plans for emulating the threat actor FIN6 which Microsoft tracks as TAAL, a collection of threat intelligence, MITRE ATT&CK data, supporting scripts, and utilities designed to enable red teams to emulate the...