How Microsoft 365 Security integrates with your broader IT ecosystem—part 3

Todays post was coauthored by Debraj Ghosh, Senior Product Marketing Manager, and Diana Kelley, Cybersecurity Field CTO. Customer satisfaction is one of the most important goals for Microsoft 365 Security. In part 1 of this series, we discussed Microsofts overall security strategy for connecting...

Cybersecurity threats: How to discover, remediate, and mitigate

This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog, Protect...

Protecting the protector: Hardening machine learning defenses against adversarial attacks

Harnessing the power of machine learning and artificial intelligence has enabled Windows Defender Advanced Threat Protection Windows Defender ATP next-generation protection to stop new malware attacks before they can get started often within milliseconds. These predictive technologies are central...

Building on experience: a framework for cybersecurity policy

Each year, more and more governments are developing policies to address security challenges presented by an increasingly digitized world. And to support those efforts, Im excited today to announce the release of Microsofts new Cybersecurity Policy Framework, a resource for policymakers that...

Protecting the modern workplace from a wide range of undesirable software

Security is a fundamental component of the trusted and productive Windows experience that we deliver to customers through modern platforms like Windows 10 and Windows 10 in S mode. As we build intelligent security technologies that protect the modern workplace, we aim to always ensure that...

Attending Black Hat USA 2018? Here’s what to expect from Microsoft.

Black Hat USA 2018 brings together professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. This is an exciting time as our Microsoft researchers, partners, and security experts will showcase t...

Protect your data in files, apps, and devices

This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog, Enable yo...

How Microsoft 365 Security integrates with your broader IT ecosystem—part 2

Todays post was coauthored by Debraj Ghosh, Senior Product Marketing Manager, and Diana Kelley, Cybersecurity Field CTO. In part 1 of our blog series, we shared the Microsoft 365 Security strategy for integrating with the broader security community. Today, we cover the services Microsoft 365...

Attack inception: Compromised supply chain within a supply chain poses new risks

A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection Windows Defender ATP emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor...

Be like a Moomin: How to establish trust between competitors so we can fight cybercrime

Do you know the Moomins? They're a tight-knit, happy, collaborative cartoon family. I'd never heard of them until I was lucky enough to spend a few days at the Microsoft offices in Helsinki, Finland. The Moomin keychain in the photo was a gift from the Finnish CISO. As I did a little research int...

March-April 2018 test results: More insights into industry AV tests

In a previous post, in the spirit of our commitment to delivering industry-leading protection, customer choice, and transparency on the quality of our solutions, we shared insights and context into the results of AV-TESTs January-February 2018 test cycle. We released a transparency report to help...

Jumpstart your Microsoft Graph Security API integration with the new JavaScript sample app

The Microsoft Graph Security API, which launched this spring, is a unified REST API for integrating data and intelligence from Microsoft products, services, and partners. Using Microsoft Graph, developers can easily build applications that consolidate and correlate security alerts from multiple...

Enable your users to work securely from anywhere, anytime, across all of their devices

This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 Security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog, Assessing...

Microsoft Intelligent Security Association expands with new members and products

Last April, we introduced theMicrosoft Intelligent Security Associationa group of 19 security technology providers who have integrated their solutions with a select set of Microsoft products to provide customers better protection, detection, and response. Today, we are pleased to announce five ne...

How Microsoft 365 Security integrates with the broader security ecosystem—part 1

Today's post was coauthored by Debraj Ghosh, Senior Product Marketing Manager, and Diana Kelley, Cybersecurity Field CTO. This week is the annual Microsoft Inspire conference, where Microsoft directly engages with industry partners. Last year at Inspire, we announced Microsoft 365, providing a...

Hawkeye Keylogger – Reborn v8: An in-depth campaign analysis

Much of cybercrime today is fueled by underground markets where malware and cybercriminal services are available for purchase. These markets in the deep web commoditize malware operations. Even novice cybercriminals can buy malware toolkits and other services they might need for malware campaigns...

P = NP: Cloud data protection in vulnerable non-production environments

Data is the holy grail of your cloud workloads for attackers. Data breaches are the kind of breaches that make the news. With the recent European Union General Data Protection Regulations GDPR, they will make even bigger headlines. From an enterprise point of view, the most challenging aspect of...

Assessing Microsoft 365 security solutions using the NIST Cybersecurity Framework

This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series, youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blogNew...

Perspectives of a former CISO: Disrupted security in digitalization

My passion is the connection of security to the business objectives, and it has been a part of my work with many CISOs across industries as well as my experience as a CISO. This blog series a compilation of my learnings as a CISO, as well as learnings from peers and customers who are actively...

Taking apart a double zero-day sample discovered in joint hunt with ESET

In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcherAnton Cherepanov. The sample was initially reported to Microsoft as a potential exploit for an unknown Windows kernel vulnerability. During my investigation in parallel with ESET researchers, I was...

The need and opportunity for adaptive prevention in the cloud

This post is authored by Michael Bargury, Data Scientist, C+E Security. The need The cloud introduces new security challenges, which differ from classic ones by diversity and scale. Once a Virtual Machine VM is up and running with an open internet port, it is almost instantaneously subject to...

Driving data security is a shared responsibility, here’s how you can protect yourself

You're driving a long, dark road on a rainy night. If you're driving 20 miles over the speed limit and you don't step on the brakes when the car in front of you comes to a sudden stop, is it your fault or your car manufacturers fault if you rear-end the car that is in front of you? When we drive,...

New FastTrack benefit: Deployment support for Co-management on Windows 10 devices

This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog Getting th...

Building Zero Trust networks with Microsoft 365

The traditional perimeter-based network defense is obsolete. Perimeter-based networks operate on the assumption that all systems within a network can be trusted. However, todays increasingly mobile workforce, the migration towards public cloud services, and the adoption of Bring Your Own Device...

Updating your cybersecurity strategy to enable and accelerate digital transformation

This post is authored by Cyril Voisin, Chief Security Advisor, Enterprise Cybersecurity Group. Nowadays every company is becoming a digital company to some extent. Digital transformation changes the way business is done. For example, it puts more control into the hands of employees, who now deman...

Machine learning vs. social engineering

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few months, machine learning h...

Cybersecurity Reference Architecture: Security for a Hybrid Enterprise

The Microsoft Cybersecurity Reference Architecture describes Microsofts cybersecurity capabilities and how they integrate with existing security architectures and capabilities. We recently updated this diagram and wanted to share a little bit about the changes and the document itself to help you...

Virtualization-based security (VBS) memory enclaves: Data protection through isolation

The escalating sophistication of cyberattacks is marked by the increased use of kernel-level exploits that attempt to run malware with the highest privileges and evade security solutions and software sandboxes. Kernel exploits famously gave the WannaCry and Petya ransomware remote code execution...

Getting the most value out of your security deployment

This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog Now that y...

From the ground up to the cloud: Microsoft’s Intelligent Security supporting CISOs’ cloud transformation

Its no secret that Microsoft has embraced the cloud in a big wayfrom enterprise solutions like Microsoft Azure to Office 365 and Windows. But a recent research report by Forrester focuses on an equally important shift in our approach to securityintegrating workforce and cloud security in ways tha...

Adding transparency and context into industry AV test results

Corporate Vice President Brad Anderson recently shared his insights on how Windows Defender Advanced Threat Protection Windows Defender ATP evolved to achieve important quality milestones. Our Windows Defender ATP team is committed to delivering industry-leading protection, customer choice, and...

Want better apps? You need a (agile security) hero!

If weve learned anything from the rise of Marvel Cinematic Universe, its that good things tend to happen when heroes intervene. For securing new applications, this metaphor is a useful one because security isnt always top-of-mind for scrum teams, nor is it always conducive to meeting aggressive...

Data classification and protection now available for structured data in SQL

This post is authored by Gilad Mittelman, Senior Program Manager, SQL Data Security. Data privacy and data security have become one of the most prominent topics in organizations in almost every industry across the globe. New regulations that formalize requirements are emerging around these topics...

Partnerships power the future of better security

This post is authored by Jeremy Dallman, Principal Program Manager. Our goal in building the Microsoft Graph Security API is to enable customers to share insights and take action across security solutions to improve protection and speed response. By creating a connected security ecosystem,...

Now that you have a plan, it’s time to start deploying

This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series, youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog First...

Securing the modern workplace with Microsoft 365 threat protection – part 4

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. Responding to ransomware in the Modern Workplace Over the last few weeks, we have shared the roots of Microsoft 365 threat protection and how Microsoft 365 threat protection helps protect against and...

Use Windows Information Protection (WIP) to help make accidental data leakage a thing of the past

Have you always wished you could have mobile application management MAM on Windows? Now you can! Windows Information Protection WIP is an out-of-the box data leakage prevention feature for Windows 10 that can automatically apply protection for work files and data to prevent accidental data leakag...

The final compliance countdown: Are you ready for GDPR?

On May 25, the General Data Protection Regulation GDPR will replace the Data Protection Directive as the new standard on data privacy for all organizations that do business with European Union EU citizens.1When GDPR goes into effect, government agencies and organizations that control, maintain, o...

Enhancing Office 365 Advanced Threat Protection with detonation-based heuristics and machine learning

Email, coupled with reliable social engineering techniques, continues to be one of the primary entry points for credential phishing, targeted attacks, and commodity malware like ransomware and, increasingly in the last few months, cryptocurrency miners. Office 365 Advanced Threat Protection ATP...

Here is Homeland Security, black swans, and thwarted cyberattacks

Last week, I had the honor of addressing The Homeland Security Training Institute HSTI at the College of DuPage as part of the HSTI Live educational series. The event featured other prominent speakers at the forefront of cybersecurity defense, including: Dave Tyson, CEO of CISO Insights, a global...

Securing the modern workplace with Microsoft 365 threat protection – part 3

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. Detecting ransomware in the modern workplace Over the last two weeks, we have shared with you the roots of Microsoft 365 threat protection and how Microsoft 365 threat protect helps protect the modern...

Securing the modern workplace with Microsoft 365 threat protection – part 2

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. Protecting the modern workplace against Ransomware Last week, we shared the roots of Microsoft 365 threat protection. This week, we want to share how Microsoft 365 threat protection services work...

Building a world without passwords

Nobody likes passwords. They are inconvenient, insecure, and expensive. In fact, we dislike them so much that weve been busy at work trying to create a world without them a world without passwords. In this blog, we will provide a brief insight into how we at Microsoft think about solving this...

First things first: Envisioning your security deployment

This blog post is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 Security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog...

Overwhelmed by overchoice at RSA Conference 2018

As over 500 companies vied for mindshare at this years RSA conference - a cacophony of vendors pitching thousands of products from brightly colored booths - it reminded me of how challenging it was for me to separate signal from noise when I was managing global networks. And the rapid growth of...

Securing the modern workplace with Microsoft 365 threat protection – part 1

This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. The roots of Microsoft 365 threat protection Over the next few weeks, well introduce you to Microsoft 365s threat protection services and demonstrate how Microsoft 365s threat protection leverages...

Teaming up in the war on tech support scams

Editors note: Erik Wahlstrom spoke about the far-reaching impact of tech support scams and the need for industry-wide cooperation in his RSA Conference 2018 talk Tech Scams: Its Time to Release the Hounds. Social engineering attacks like tech support scams are so common because theyre so effectiv...

Introducing Windows Defender System Guard runtime attestation

At Microsoft, we want users to be in control of their devices, including knowing the security health of these devices. If important security features should fail, users should be aware. Windows Defender System Guard runtime attestation, a new Windows platform security technology, fills this need...

Connect to the Intelligent Security Graph using a new API

Most organizations deal with high volumes of security data and have dozens of security solutions in their enterprise, making the task of integrating various products and services daunting and complex. The cost, time, and resources necessary to connect systems, enable correlation of alerts, and...

Tapping the intelligent cloud to make security better and easier

There has been a distinct shift in my conversations with customers over the last year. Most have gone from asking can we still keep our assets secure as we adopt cloud services?, to declaring, we are adopting cloud services in order to improve our security posture. The driving factor is generally...