Microsoft announces new Project OneFuzz framework, an open source developer tool to find and fix bugs at scale

Microsoft is dedicated to working with the community and our customers to continuously improve and tune our platform and products to help defend against the dynamic and sophisticated threat landscape. Earlier this year, we announced that we would replace the existing software testing experience...

Microsoft Security: Use baseline default tools to accelerate your security career

I wrote a series of blogs last year on how gamified learning through cyber ranges can create more realistic and impactful cybersecurity learning experiences and help attract tomorrow’s security workforce. With the global talent shortage in this field, we need to work harder to bring people into t...

STRONTIUM: Detecting new patterns in credential harvesting

Microsoft has tied STRONTIUM to a newly uncovered pattern of Office365 credential harvesting activity aimed at US and UK organizations directly involved in political elections. Analysts from Microsoft Threat Intelligence Center MSTIC and Microsoft Identity Security have been tracking this new...

Accelerate your adoption of SIEM using Azure Sentinel and a new offer from Microsoft

Take advantage of the efficiency benefits of Cloud-native SIEM using Azure Sentinel Today, security needs are evolving faster than ever—and the importance of being agile and cost-effective has never been clearer. Security teams need to get more done, faster, with less budget. On-premises security...

3 ways Microsoft 365 can help you reduce helpdesk costs

With more people than ever working remotely, organizations must maximize employee productivity while protecting an ever-growing digital footprint. Many have stitched together specialized security solutions from different vendors to improve their cybersecurity posture, but this approach is expensi...

Force firmware code to be measured and attested by Secure Launch on Windows 10

You cannot build something great on a weak foundation – and security is no exception. Windows is filled with important security features like Hypervisor-protected code integrity HVCI and Windows Defender Credential Guard that protect users from advanced hardware and firmware attacks. For these...

Microsoft Security: How to cultivate a diverse cybersecurity team

Boost creative problem solving with a diverse cybersecurity team In cybersecurity, whether we are talking about cryptocurrency mining, supply chain attacks, attacks against IoT, or COVID-19-related phishing lures, we know that gaining the advantage over our adversaries requires greater diversity ...

Microsoft Security: What cybersecurity skills do I need to become a CISO?

Build the business skills you need to advance to Chief Information Security Officer For many cybersecurity professionals, the ultimate career goal is to land a chief information security officer CISO job. A CISO is an executive-level position responsible for cyber risk management and operations...

Microsoft Zero Trust deployment guide for your applications

Introduction More likely than not, your organization is in the middle of a digital transformation characterized by increased adoption of cloud apps and increased demand for mobility. In the age of remote work, users expect to be able to connect to any resource, on any device, from anywhere in the...

Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning

When attackers successfully breach a target network, their typical next step is to perform reconnaissance of the network, elevate their privileges, and move laterally to reach specific machines or spread as widely as possible. For these activities, attackers often probe the affected network’s...

Rethinking IoT/OT Security to Mitigate Cyberthreats

We live in an exciting time. We’re in the midst of the fourth industrial revolution—first steam, followed by electricity, then computers, and, now, the Internet of Things. A few years ago, IoT seemed like a futuristic concept that was on the distant horizon. The idea that your fridge would be...

How can Microsoft Threat Protection help reduce the risk from phishing?

Microsoft Threat Protection can help you reduce the cost of phishing The true cost of a successful phishing campaign may be higher than you think. Although phishing defenses and user education have become common in many organizations, employees still fall prey to these attacks. This is a problem...

How to detect and mitigate phishing risks with Microsoft and Terranova Security

Detect, assess, and remediate phishing risks across your organization A successful phishing attack requires just one person to take the bait. That’s why so many organizations fall victim to these cyber threats. To reduce this human risk, you need a combination of smart technology and people-centr...

How do I implement a Zero Trust security model for my Microsoft remote workforce?

Digital empathy should guide your Zero Trust implementation Zero Trust has always been key to maintaining business continuity. And now, it’s become even more important during the COVID-19 pandemic to helping enable the largest remote workforce in history. While organizations are empowering people...

Microsoft and Corrata integrate to extend cloud app security to mobile endpoints

This blog post is part of the Microsoft Intelligence Security Association guest blog series. To learn more about MISA, go here. The growth of mobile and remote work and the emergence of the “post perimeter” world has made keeping track of shadow IT a huge challenge for enterprise IT teams. What...

Taking Transport Layer Security (TLS) to the next level with TLS 1.3

Transport Layer Security TLS 1.3 is now enabled by default on Windows 10 Insider Preview builds, starting with Build 20170, the first step in a broader rollout to Windows 10 systems. TLS 1.3 is the latest version of the internet’s most deployed security protocol, which encrypts data to provide a...

Gartner announces the 2020 Magic Quadrant for Unified Endpoint Management

I’m excited to announce that, last week, Gartner listed Microsoft as a Leader in its 2020 Magic Quadrant for Unified Endpoint Management. You can read the entire report here, and you can see a snapshot of the Magic Quadrant below. You will note that we improved on both the “Ability to Execute” an...

New data from Microsoft shows how the pandemic is accelerating the digital transformation of cyber-security

The importance of cybersecurity in facilitating productive remote work was a significant catalyst for the two years-worth of digital transformation we observed in the first two months of the COVID-19 pandemic. In this era of ubiquitous computing, security solutions don’t just sniff out threats,...

New Forrester study shows customers who deploy Microsoft Azure AD benefit from 123% ROI.

Over the past six months, organizations around the world have accelerated digital transformation efforts to rapidly enable a remote workforce. As more employees than ever access apps via their home networks, the corporate network perimeter has truly disappeared, making identity the control plane...

Microsoft Office 365—Do you have a false sense of cloud security?

Through difficult times, some adversaries will find opportunities and COVID-19 has proven to be a ripe opportunity for them to target a new, expanding, remote workforce. While these threats morph and evolve, Microsoft’s Detection and Response Team DART finds ways to endure and help organizations...

How to organize your security team: The evolution of cybersecurity roles and responsibilities

Digital transformation, cloud computing, and a sophisticated threat landscape are forcing everyone to rethink the functions of each role on their security teams, from Chief Information Security Officers CISOs to practitioners. With billions of people around the globe working from home, changes to...

Zero Trust: From security option to business imperative overnight

Not long ago when I spoke with customers about Zero Trust, our conversations focused on discussing the principles, defining scope, or sharing our own IT organization’s journey. Zero Trust was something interesting to learn about, and most organizations were very much in the exploratory phase. As...

Afternoon Cyber Tea: Revisiting social engineering: The human threat to cybersecurity

Most of us know ‘Improv’ through film, theatre, music or even live comedy. It may surprise you to learn that the skills required for improvisational performance art, can also make you a good hacker? In cybersecurity, while quite a bit of focus is on the technology that our adversaries use, we mus...

Associate Microsoft and Pradeo to manage and secure Android Enterprise mobile devices

This blog post is part of the Microsoft Intelligence Security Association guest blog series. To learn more about MISA, go here. Want to learn more on how Android Enterprise works with existing mobility management and security solutions? This article will explain how Android Enterprise fits in a...

CISO Stressbusters: Post #4: 4 tips for running a highly effective security operation

Rebecca Wynn, Global CISO & Chief Privacy Officer CISO of 247.ai , shares her advice for relieving stress in today’s CISO Stressbuster post. In many organizations, CISO is held accountable for security breaches, yet they don’t have control over all the decisions and systems that impact cyber risk...

Microsoft Joins Open Source Security Foundation

Microsoft has invested in the security of open-source software for many years and today I’m excited to share that Microsoft is joining industry partners to create the Open Source Security Foundation OpenSSF, a new cross-industry collaboration hosted at the Linux Foundation. The OpenSSF brings...

Inside Microsoft Threat Protection: Solving cross-domain security incidents through the power of correlation analytics

In theory, a cyberattack can be disrupted at every phase of the attack chain. In reality, however, defense stack boundaries should overlap in order to be effective. When a threat comes via email, for example, even with good security solutions in place, organizations must assume that the threat ma...

Empower your analysts to reduce burnout in your security operations center

Effective cybersecurity starts with a skilled and empowered team. In a world with more remote workers and an evolving threat landscape, you need creative problem solvers defending your organization. Unfortunately, many traditional security organizations operate in a way that discourages growth,...

Guiding principles of our identity strategy: staying ahead of evolving customer needs

Last June, when I shared the 5 principles driving a customer-obsessed identity strategy at Microsoft, many of you had embraced the idea of a boundaryless environment, but relatively few had implemented it in practice. A global pandemic made remote access essential and forced many of you to...

Afternoon Cyber Tea: Peak, Plateau, or Plummet? Cyber security trends that are here to stay and how to detect and recover from ransomware attacks

The rapidity of change in the cyberthreat landscape can be daunting for today’s cyber defense teams. Just as they perfect the ability to block one attack method, adversaries change their approach. Tools like artificial intelligence and machine learning allow us to pivot quickly, however, knowing...

Seeing the big picture: Deep learning-based fusion of behavior signals for threat detection

The application of deep learning and other machine learning methods to threat detection on endpoints, email and docs, apps, and identities drives a significant piece of the coordinated defense delivered by Microsoft Threat Protection. Within each domain as well as across domains, machine learning...

Preventing data loss and mitigating risk in today’s remote work environment

The shift to remote work over the past few months has increased the need for organizations to re-evaluate their security and risk management practices. With employees accessing corporate data at times on home computers or sharing and collaborating in new ways, organizations could be at greater ri...

Hello open source security! Managing risk with software composition analysis

When first learning to code many people start with a rudimentary “Hello World” program. Building the program teaches developers the basics of a language as they write the code required to display “Hello World” on a screen. As developers get more skilled, the complexity of the programs they build...

5 cybersecurity paradigm shifts that will lead to more inclusive digital experiences

Whether responding to a natural disaster, defending against a cyberattack, or meeting the unprecedented demands to enable the largest workforce in history to work remotely, we amplify our human capacity through technology. At Microsoft, cybersecurity is the underpinning to helping organizations...

Prevent and detect more identity-based attacks with Azure Active Directory

Security incidents often start with just one compromised account. Once an attacker gets their foot in the door, they can escalate privileges or gather intelligence that helps them reach their goals. This is why we say that identity is the new security perimeter. To reduce the risk of a data breac...

CISO Stressbusters Post #3: 3 ways to share accountability for security risk management

Jim Eckart, former Chief Information Security Officer CISO of The Coca-Cola Company and current Chief Security Advisor at Microsoft shares his advice for relieving stress in today’s CISO Stressbuster post. If you are a CISO, it can feel like the responsibility for keeping the company secure rests...

Microsoft Intelligent Security Association expands to include managed security service providers

We’d planned a splashy party at Microsoft Inspire to announce our newest Microsoft Intelligent Security Association MISA members and introduce them to association members, but given our world today, I am instead picturing you reading this announcement curled up in a chair with a cup of coffee...

Making Azure Sentinel work for you

Microsoft Azure Sentinel is the first Security Incident and Event Management SIEM solution built into a major public cloud platform that delivers intelligent security analytics across enterprise environments and offers automatic scalability to meet changing needs. This new white paper outlines be...

Inside Microsoft Threat Protection: Correlating and consolidating attacks into incidents

Cybersecurity incidents are never contained to just one of your organization’s assets. Most attacks involve multiple elements across domains, including email, endpoints, identities, and applications. To rapidly understand and address incidents, your Security Operations Center SOC analysts need to...

Introducing Kernel Data Protection, a new platform security technology for preventing data corruption

Attackers, confronted by security technologies that prevent memory corruption, like Code Integrity CI and Control Flow Guard CFG, are expectedly shifting their techniques towards data corruption. Attackers use data corruption techniques to target system security policy, escalate privileges, tampe...

Protecting your remote workforce from application-based attacks like consent phishing

The global pandemic has dramatically shifted how people work. As a result, organizations around the world have scaled up cloud services to support collaboration and productivity from home. We’re also seeing more apps leverage Microsoft’s identity platform to ensure seamless access and integrated...

New study shows customers save time, resources and improve security with Microsoft Cloud App Security

The global pandemic has forever changed our workplaces and reshaped our cybersecurity priorities. While in recent months cloud apps have helped people around the globe stay productive and connected. They also pose an increased cybersecurity risk to businesses large and small, especially when you...

The world is your authentication and identity oyster

This blog post is part of the Microsoft Intelligence Security Association guest blog series. To learn more about MISA, go here. The world is your authentication/identity oyster If you’re older than 10 years of age you’ve undoubtedly heard the phrase “The world is your oyster.” This basically mean...

Afternoon Cyber Tea: Cybersecurity & IoT: New risks and how to minimize them

Recently, Microsoft announced our acquisition of CyberX, a comprehensive network-based security platform with continuous threat monitoring and analytics. This solution builds upon our commitment to provide a unified IoT security solution that addresses connected devices spread across both...

The psychology of social engineering—the “soft” side of cybercrime

Forty-eight percent of people will exchange their password for a piece of chocolate,1 91 percent of cyberattacks begin with a simple phish,2 and two out of three people have experienced a tech support scam in the past 12 months.3 What do all of these have in common? They make use of social...

Best security, compliance, and privacy practices for the rapid deployment of publicly facing Microsoft Power Apps intake forms

With the dawn of the COVID-19 pandemic, state and federal agencies around the globe were looking at ways to modernize data intake for social services recipients. The government of a country of about 40 million citizens reached out to Microsoft and asked us to assist in this endeavor. Going...

Lessons learned from the Microsoft SOC—Part 3d: Zen and the art of threat hunting

Threat hunting is a powerful way for the SOC to reduce organizational risk, but it’s commonly portrayed and seen as a complex and mysterious art form for deep experts only, which can be counterproductive. In this and the next blog we will shed light on this important function and recommend simple...

Feeling fatigued? Cloud-based SIEM relieves security team burnout

Most CISOs and CSOs are worried that a growing volume of alerts is causing burnout among their teams, according to new research from IDG. You can learn about additional challenges to security operations teams by reading the IDG report SIEM Shift: How the Cloud is Transforming Security Operations...

Defending Exchange servers under attack

Securing Exchange servers is one of the most important things defenders can do to limit organizational exposure to attacks. Any threat or vulnerability impacting Exchange servers should be treated with the highest priority because these servers contain critical business data, as well as highly...

CISO Stressbusters: Post #2: 4 tips for getting the first 6 months right as a new CISO

In your first six months in a new Chief Information Security Officer CISO role, you will often be tasked with building a security program. For some of us this is the most exciting part of the job, but it can also be stressful. You’re probably working under a deadline. Plus, it can be difficult to...