1512 matches found
How Office 365 learned to reel in phish
Today's post was coauthored by Debraj Ghosh, Senior Product Marketing Manager, and Jason Rogers, Principal Group Program Manager at Microsoft. We recently reported how we measure catch rates of malicious emails for Office 365 Exchange Online Protection EOP available with any Office 365 subscripti...
Secure file storage
This is a blog series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series, youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out Collaborate Securely, the fifth...
Making it real—harnessing data gravity to build the next gen SOC
This post was coauthored by Diana Kelley, Cybersecurity Field CTO, andSin John,EMEA Chief Security Advisor, Cybersecurity Solutions Group. In our first blog, Diana and I talked about the concept of data gravity and how it could, conceptually, help organizations take a more cloud-ready approach to...
Microsoft partners with DigiCert to begin deprecating Symantec TLS certificates
Starting in September 2018, Microsoft began deprecating the SSL/TLS capability of Symantec root certificates due to compliance issues. Google, Mozilla, and Apple have also announced deprecation plans related to Symantec SSL/TLS certificates. Symantec cryptographic certificates are used in critica...
Ignite 2018 highlights: password-less sign-in, confidential computing, new threat protection, and more
What a week it was in Orlando! Ignite is always a biggie, and this one was no exception. For all of us here at Microsoft who get to work on security, spending time with customers to learn how you are using our security products today and to share new innovations to come is a highlight. At this...
Collaborate securely
This is a blog series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out Protecting user identities, the...
Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV
Consider this scenario: Two never-before-seen, heavily obfuscated scripts manage to slip past file-based detection and dynamically load an info-stealing payload into memory. The scripts are part of a social engineering campaign that tricks potential victims into running the scripts, which use the...
Delivering security innovation that puts Microsoft’s experience to work for you
Cybersecurity is the central challenge of our digital age. Without it, everything from our personal email accounts and privacy to the way we do business, and all types of critical infrastructure, are under threat. As attackers evolve, staying ahead of these threats is getting harder. Microsoft ca...
Get deeper into security at Microsoft Ignite 2018
This year at Microsoft Ignite, we will be making some exciting announcementsfrom new capabilities for identity management and information protection to powerful artificial intelligence AI innovations that can help you stay ahead of an often overwhelming surge in threats and security alerts. Join ...
Office VBA + AMSI: Parting the veil on malicious macros
As part of our continued efforts to tackle entire classes of threats, Office 365 client applications now integrate with Antimalware Scan Interface AMSI, enabling antivirus and other security solutions to scan macros and other scripts at runtime to check for malicious behavior. Macro-based threats...
Small businesses targeted by highly localized Ursnif campaign
Cyber thieves are continuously looking for new ways to get people to click on a bad link, open a malicious file, or install a poisoned update in order to steal valuable data. In the past, they cast as wide a net as possible to increase the pool of potential victims. But attacks that create a lot ...
Practical application of artificial intelligence that can transform cybersecurity
As I write this blog post, Im sitting by the beach on my computer in a sunny destination while my family plays in the water. Were on vacation, but we all have our own definition of fun. For me its writing blogs on the beachreally! The headspace is outstanding for uninterrupted thinking time and...
Protecting user identities
This is a blog series that responds to common questions we receive from customers about the deployment of Microsoft 365 security solutions. In this series, youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out Cybersecurity threats: How ...
Building the security operations center of tomorrow—harnessing the law of data gravity
This post was coauthored by Diana Kelley, Cybersecurity Field CTO, and Sin John, EMEA Chief Security Advisor, Cybersecurity Solutions Group. Youve got a big dinner planned and your dishwasher goes on the fritz. You call the repair company and are lucky enough to get an appointment for that...
Partnering with the industry to minimize false positives
Every day, antivirus capabilities in Windows Defender Advanced Threat Protection Windows Defender ATP protect millions of customers from threats. To effectively scale protection, Windows Defender ATP uses intelligent systems that combine multiple layers of machine learning models, behavior-based...
Finding the signal of community in all the noise at Black Hat
I dont know about you, but I find large conferences overwhelming. Dont get me wrong, nothing beats the innovative potential of bringing a diverse group of brilliant people together to hash through thorny issues and share insights. But there are so many speakers, booths, and people, it can be a...
How Microsoft 365 Security integrates with your broader IT ecosystem—part 3
Todays post was coauthored by Debraj Ghosh, Senior Product Marketing Manager, and Diana Kelley, Cybersecurity Field CTO. Customer satisfaction is one of the most important goals for Microsoft 365 Security. In part 1 of this series, we discussed Microsofts overall security strategy for connecting...
Cybersecurity threats: How to discover, remediate, and mitigate
This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog, Protect...
Protecting the protector: Hardening machine learning defenses against adversarial attacks
Harnessing the power of machine learning and artificial intelligence has enabled Windows Defender Advanced Threat Protection Windows Defender ATP next-generation protection to stop new malware attacks before they can get started often within milliseconds. These predictive technologies are central...
Building on experience: a framework for cybersecurity policy
Each year, more and more governments are developing policies to address security challenges presented by an increasingly digitized world. And to support those efforts, Im excited today to announce the release of Microsofts new Cybersecurity Policy Framework, a resource for policymakers that...
Protecting the modern workplace from a wide range of undesirable software
Security is a fundamental component of the trusted and productive Windows experience that we deliver to customers through modern platforms like Windows 10 and Windows 10 in S mode. As we build intelligent security technologies that protect the modern workplace, we aim to always ensure that...
Attending Black Hat USA 2018? Here’s what to expect from Microsoft.
Black Hat USA 2018 brings together professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. This is an exciting time as our Microsoft researchers, partners, and security experts will showcase t...
Protect your data in files, apps, and devices
This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog, Enable yo...
How Microsoft 365 Security integrates with your broader IT ecosystem—part 2
Todays post was coauthored by Debraj Ghosh, Senior Product Marketing Manager, and Diana Kelley, Cybersecurity Field CTO. In part 1 of our blog series, we shared the Microsoft 365 Security strategy for integrating with the broader security community. Today, we cover the services Microsoft 365...
Attack inception: Compromised supply chain within a supply chain poses new risks
A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection Windows Defender ATP emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor...
Be like a Moomin: How to establish trust between competitors so we can fight cybercrime
Do you know the Moomins? They're a tight-knit, happy, collaborative cartoon family. I'd never heard of them until I was lucky enough to spend a few days at the Microsoft offices in Helsinki, Finland. The Moomin keychain in the photo was a gift from the Finnish CISO. As I did a little research int...
March-April 2018 test results: More insights into industry AV tests
In a previous post, in the spirit of our commitment to delivering industry-leading protection, customer choice, and transparency on the quality of our solutions, we shared insights and context into the results of AV-TESTs January-February 2018 test cycle. We released a transparency report to help...
Jumpstart your Microsoft Graph Security API integration with the new JavaScript sample app
The Microsoft Graph Security API, which launched this spring, is a unified REST API for integrating data and intelligence from Microsoft products, services, and partners. Using Microsoft Graph, developers can easily build applications that consolidate and correlate security alerts from multiple...
Enable your users to work securely from anywhere, anytime, across all of their devices
This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 Security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog, Assessing...
Microsoft Intelligent Security Association expands with new members and products
Last April, we introduced theMicrosoft Intelligent Security Associationa group of 19 security technology providers who have integrated their solutions with a select set of Microsoft products to provide customers better protection, detection, and response. Today, we are pleased to announce five ne...
How Microsoft 365 Security integrates with the broader security ecosystem—part 1
Today's post was coauthored by Debraj Ghosh, Senior Product Marketing Manager, and Diana Kelley, Cybersecurity Field CTO. This week is the annual Microsoft Inspire conference, where Microsoft directly engages with industry partners. Last year at Inspire, we announced Microsoft 365, providing a...
Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis
Much of cybercrime today is fueled by underground markets where malware and cybercriminal services are available for purchase. These markets in the deep web commoditize malware operations. Even novice cybercriminals can buy malware toolkits and other services they might need for malware campaigns...
P = NP: Cloud data protection in vulnerable non-production environments
Data is the holy grail of your cloud workloads for attackers. Data breaches are the kind of breaches that make the news. With the recent European Union General Data Protection Regulations GDPR, they will make even bigger headlines. From an enterprise point of view, the most challenging aspect of...
Assessing Microsoft 365 security solutions using the NIST Cybersecurity Framework
This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series, youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blogNew...
Perspectives of a former CISO: Disrupted security in digitalization
My passion is the connection of security to the business objectives, and it has been a part of my work with many CISOs across industries as well as my experience as a CISO. This blog series a compilation of my learnings as a CISO, as well as learnings from peers and customers who are actively...
Taking apart a double zero-day sample discovered in joint hunt with ESET
In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcherAnton Cherepanov. The sample was initially reported to Microsoft as a potential exploit for an unknown Windows kernel vulnerability. During my investigation in parallel with ESET researchers, I was...
The need and opportunity for adaptive prevention in the cloud
This post is authored by Michael Bargury, Data Scientist, C+E Security. The need The cloud introduces new security challenges, which differ from classic ones by diversity and scale. Once a Virtual Machine VM is up and running with an open internet port, it is almost instantaneously subject to...
Driving data security is a shared responsibility, here’s how you can protect yourself
You're driving a long, dark road on a rainy night. If you're driving 20 miles over the speed limit and you don't step on the brakes when the car in front of you comes to a sudden stop, is it your fault or your car manufacturers fault if you rear-end the car that is in front of you? When we drive,...
New FastTrack benefit: Deployment support for Co-management on Windows 10 devices
This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog Getting th...
Building Zero Trust networks with Microsoft 365
The traditional perimeter-based network defense is obsolete. Perimeter-based networks operate on the assumption that all systems within a network can be trusted. However, todays increasingly mobile workforce, the migration towards public cloud services, and the adoption of Bring Your Own Device...
Updating your cybersecurity strategy to enable and accelerate digital transformation
This post is authored by Cyril Voisin, Chief Security Advisor, Enterprise Cybersecurity Group. Nowadays every company is becoming a digital company to some extent. Digital transformation changes the way business is done. For example, it puts more control into the hands of employees, who now deman...
Machine learning vs. social engineering
Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few months, machine learning h...
Cybersecurity Reference Architecture: Security for a Hybrid Enterprise
The Microsoft Cybersecurity Reference Architecture describes Microsofts cybersecurity capabilities and how they integrate with existing security architectures and capabilities. We recently updated this diagram and wanted to share a little bit about the changes and the document itself to help you...
Virtualization-based security (VBS) memory enclaves: Data protection through isolation
The escalating sophistication of cyberattacks is marked by the increased use of kernel-level exploits that attempt to run malware with the highest privileges and evade security solutions and software sandboxes. Kernel exploits famously gave the WannaCry and Petya ransomware remote code execution...
Getting the most value out of your security deployment
This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog Now that y...
From the ground up to the cloud: Microsoft’s Intelligent Security supporting CISOs’ cloud transformation
Its no secret that Microsoft has embraced the cloud in a big wayfrom enterprise solutions like Microsoft Azure to Office 365 and Windows. But a recent research report by Forrester focuses on an equally important shift in our approach to securityintegrating workforce and cloud security in ways tha...
Adding transparency and context into industry AV test results
Corporate Vice President Brad Anderson recently shared his insights on how Windows Defender Advanced Threat Protection Windows Defender ATP evolved to achieve important quality milestones. Our Windows Defender ATP team is committed to delivering industry-leading protection, customer choice, and...
Want better apps? You need a (agile security) hero!
If weve learned anything from the rise of Marvel Cinematic Universe, its that good things tend to happen when heroes intervene. For securing new applications, this metaphor is a useful one because security isnt always top-of-mind for scrum teams, nor is it always conducive to meeting aggressive...
Data classification and protection now available for structured data in SQL
This post is authored by Gilad Mittelman, Senior Program Manager, SQL Data Security. Data privacy and data security have become one of the most prominent topics in organizations in almost every industry across the globe. New regulations that formalize requirements are emerging around these topics...
Partnerships power the future of better security
This post is authored by Jeremy Dallman, Principal Program Manager. Our goal in building the Microsoft Graph Security API is to enable customers to share insights and take action across security solutions to improve protection and speed response. By creating a connected security ecosystem,...