How Microsoft builds privacy and security to work hand-in-hand

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

Explore the latest Microsoft Incident Response proactive services for enhanced resilience

As cyberthreats become faster, harder to detect, and more sophisticated, organizations must focus on building resilience—strengthening their ability to prevent, withstand, and recover from cybersecurity incidents. Resilience can mean the difference between containing an incident with minimal...

Explore the latest Microsoft Incident Response proactive services for enhanced resilience

As cyberthreats become faster, harder to detect, and more sophisticated, organizations must focus on building resilience—strengthening their ability to prevent, withstand, and recover from cybersecurity incidents. Resilience can mean the difference between containing an incident with minimal...

Phishing actors exploit complex routing and misconfigurations to spoof domains

Phishing actors are exploiting complex routing scenarios and misconfigured spoof protections to effectively spoof organizations’ domains and deliver phishing emails that appear, superficially, to have been sent internally. Threat actors have leveraged this vector to deliver a wide variety of...

Phishing actors exploit complex routing and misconfigurations to spoof domains

Phishing actors are exploiting complex routing scenarios and misconfigured spoof protections to effectively spoof organizations’ domains and deliver phishing emails that appear, superficially, to have been sent internally. Threat actors have leveraged this vector to deliver a wide variety of...

Introducing the Microsoft Defender Experts Suite: Elevate your security with expert-led services

Security teams are being pushed to their limits as AI‑powered cyberattacks grow in speed, scale, and sophistication—and only 14% of organizations surveyed by the World Economic Forum report they feel confident they have the right people and skills needed to meet their cybersecurity objectives.1 A...

New Microsoft e-book: 3 reasons point solutions are holding you back

While patchwork tools slow defenders down and impact visibility into potential cyberthreats, they’re an unfortunate reality for many organizations. As digital risk accelerates and attack surfaces multiply, security leaders are doing their best to stitch together point solutions while trying to...

New Microsoft e-book: 3 reasons point solutions are holding you back

While patchwork tools slow defenders down and impact visibility into potential cyberthreats, they’re an unfortunate reality for many organizations. As digital risk accelerates and attack surfaces multiply, security leaders are doing their best to stitch together point solutions while trying to...

Access Fabric: A modern approach to identity and network access

Today, most organizations use multiple identity systems and multiple network access solutions from multiple vendors. This happens, either intentionally or organically, when different areas of a company choose different tools, creating a fragmented environment that leaves weaknesses that...

Access Fabric: A modern approach to identity and network access

Today, most organizations use multiple identity systems and multiple network access solutions from multiple vendors. This happens, either intentionally or organically, when different areas of a company choose different tools, creating a fragmented environment that leaves weaknesses that...

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 also referred to as React2Shell and includes CVE-2025-66478, which was merged into it is a critical pre-authentication remote code execution RCE vulnerability affecting React Server Components, Next.js, and related frameworks. With a CVSS score of 10.0, this vulnerability could all...

Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components

CVE-2025-55182 also referred to as React2Shell and includes CVE-2025-66478, which was merged into it is a critical pre-authentication remote code execution RCE vulnerability affecting React Server Components, Next.js, and related frameworks. With a CVSS score of 10.0, this vulnerability could all...

Microsoft named an overall leader in KuppingerCole Leadership Compass for Generative AI Defense

Today, we are proud to share that Microsoft has been recognized as an overall leader in the KuppingerCole Leadership Compass for Generative AI Defense GAD, an independent report from a leading European analyst firm. This recognition reinforces the work we’ve been doing to deliver enterprise-ready...

Microsoft named an overall leader in KuppingerCole Leadership Compass for Generative AI Defense

Today, we are proud to share that Microsoft has been recognized as an overall leader in the KuppingerCole Leadership Compass for Generative AI Defense GAD, an independent report from a leading European analyst firm. This recognition reinforces the work we’ve been doing to deliver enterprise-ready...

Imposter for hire: How fake people can gain very real access

In the latest edition of our Cyberattack Series, we dive into a real-world case of fake employees. Cybercriminals are no longer just breaking into networks—they’re gaining access by posing as legitimate employees. This form of cyberattack involves operatives posing as legitimate remote hires,...

Imposter for hire: How fake people can gain very real access

In the latest edition of our Cyberattack Series, we dive into a real-world case of fake employees. Cybercriminals are no longer just breaking into networks—they’re gaining access by posing as legitimate employees. This form of cyberattack involves operatives posing as legitimate remote hires,...

From awareness to action: Building a security-first culture for the agentic AI era

The insights gained from Cybersecurity Awareness Month, right through to Microsoft Ignite 2025, demonstrate that security remains a top priority for business leaders. It serves as a strategic lever for organizational growth, fosters trust, and facilitates the advancement of AI innovation. The Wor...

From awareness to action: Building a security-first culture for the agentic AI era

The insights gained from Cybersecurity Awareness Month, right through to Microsoft Ignite 2025, demonstrate that security remains a top priority for business leaders. It serves as a strategic lever for organizational growth, fosters trust, and facilitates the advancement of AI innovation. The Wor...

Clarity in complexity: New insights for transparent email security

As email threats grow more sophisticated and layered security architectures become more common, organizations need clear, data-driven insights to evaluate how their security solutions perform together. Benchmarking plays a critical role in helping security leaders understand not just individual...

Clarity in complexity: New insights for transparent email security

As email threats grow more sophisticated and layered security architectures become more common, organizations need clear, data-driven insights to evaluate how their security solutions perform together. Benchmarking plays a critical role in helping security leaders understand not just individual...

Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attack

The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously modified hundreds of publicly available packages, targeting developer environments, continuous integration and continuous delivery CI/CD...

Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against the supply chain attack

The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously modified hundreds of publicly available packages, targeting developer environments, continuous integration and continuous delivery CI/CD...

Changing the physics of cyber defense

The Deputy CISO blog series is whereMicrosoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

Changing the physics of cyber defense

The Deputy CISO blog series is whereMicrosoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

Stronger together: New Beazley collaboration enhances cyber resilience

Today’s cyberthreat landscape demands more than technical expertise: it requires a unified response team of technical responders, insurers, brokers, and legal counsel. This integrated approach is key to building long-term cyber resilience to help your organization anticipate, withstand, recover...

Stronger together: New Beazley collaboration enhances cyber resilience

Today’s cyberthreat landscape demands more than technical expertise: it requires a unified response team of technical responders, insurers, brokers, and legal counsel. This integrated approach is key to building long-term cyber resilience to help your organization anticipate, withstand, recover...

Microsoft named a leader in the 2025 Gartner® Magic Quadrant™ for Email Security

We’re honored to share that Microsoft has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Email Security. We believe this recognition highlights the value of Microsoft Defender for Office 365’s innovative capabilities in addressing today’s complex email security challenges. Protect...

Microsoft named a leader in the 2025 Gartner® Magic Quadrant™ for Email Security

We’re honored to share that Microsoft has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Email Security. We believe this recognition highlights the value of Microsoft Defender for Office 365’s innovative capabilities in addressing today’s complex email security challenges. Protect...

Cybersecurity strategies to prioritize now​​

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

Cybersecurity strategies to prioritize now​​

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

How to build forward-thinking cybersecurity teams for tomorrow

We are witnessing something unprecedented in cybersecurity: the democratization of advanced cyberattack capabilities. What once required nation-state resources sophisticated social engineering, polymorphic malware, coordinated infrastructure now fits in a prompt window. AI is no longer a futurist...

How to build forward-thinking cybersecurity teams for tomorrow

We are witnessing something unprecedented in cybersecurity: the democratization of advanced cyberattack capabilities. What once required nation-state resources sophisticated social engineering, polymorphic malware, coordinated infrastructure now fits in a prompt window. AI is no longer a futurist...

Charting the future of SOC: Human and AI collaboration for better security

Security operations centers are under pressure from unprecedented scale and complexity. Speed, precision, and consistency matter more than ever, and AI is everywhere—but hype alone doesn’t solve the challenge. This blog shares our journey and insights from building autonomous AI agents for MDR...

Charting the future of SOC: Human and AI collaboration for better security

Security operations centers are under pressure from unprecedented scale and complexity. Speed, precision, and consistency matter more than ever, and AI is everywhere—but hype alone doesn’t solve the challenge. This blog shares our journey and insights from building autonomous AI agents for MDR...

Microsoft named a Leader in the Gartner® Magic Quadrant™ for Access Management for the ninth consecutive year

I'm deeply grateful to our customers and partners for their continued trust and collaboration. We’re happy to share that Microsoft has been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Access Management for the ninth consecutive year. We feel this recognition underscores the...

Microsoft named a Leader in the Gartner® Magic Quadrant™ for Access Management for the ninth consecutive year

I'm deeply grateful to our customers and partners for their continued trust and collaboration. We’re happy to share that Microsoft has been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Access Management for the ninth consecutive year. We feel this recognition underscores the...

​​Ambient and autonomous security for the agentic era​​

Over the past year, I've had countless conversations with customers who are striving to unlock human ambition with AI. They are on their journey to become Frontier Firms, where humans and agents push the boundaries of innovation and create new possibilities, empowering humans to become limitless...

Agents built into your workflow: Get Security Copilot with Microsoft 365 E5

The cybersecurity landscape is at a historic inflection point. As cyberattackers wield AI to automate cyberattacks at extraordinary speed and scale, the challenge before us is not just to keep pace—but to leap ahead. There are over four million unfilled cybersecurity jobs, so depending solely on...

​​Ambient and autonomous security for the agentic era​​

Over the past year, I've had countless conversations with customers who are striving to unlock human ambition with AI. They are on their journey to become Frontier Firms, where humans and agents push the boundaries of innovation and create new possibilities, empowering humans to become limitless...

Agents built into your workflow: Get Security Copilot with Microsoft 365 E5

The cybersecurity landscape is at a historic inflection point. As cyberattackers wield AI to automate cyberattacks at extraordinary speed and scale, the challenge before us is not just to keep pace—but to leap ahead. There are over four million unfilled cybersecurity jobs, so depending solely on...

Collaborative research by Microsoft and NVIDIA on real-time immunity

AI-Powered Threats Demand AI-Powered Defense While AI supports growth and innovation, it is also reshaping how organizations address faster, more adaptive security risks. AI-driven security threats, including “vibe-hacking”, are evolving faster than traditional defenses can adapt. Attackers can n...

Collaborative research by Microsoft and NVIDIA on real-time immunity

AI-Powered Threats Demand AI-Powered Defense While AI supports growth and innovation, it is also reshaping how organizations address faster, more adaptive security risks. AI-driven security threats, including “vibe-hacking”, are evolving faster than traditional defenses can adapt. Attackers can n...

​​Securing our future: November 2025 progress report on Microsoft’s Secure Future Initiative ​​

When we launched the Secure Future Initiative SFI, our mission was clear: accelerate innovation, strengthen resilience, and lead the industry toward a safer digital future. Today, we’re sharing our latest progress report that reflects steady progress in every area and engineering pillar,...

​​Whisper Leak: A novel side-channel attack on remote language models

Microsoft has discovered a new type of side-channel attack on remote language models. This type of side-channel attack could allow a cyberattacker a position to observe your network traffic to conclude language model conversation topics, despite being end-to-end encrypted via Transport Layer...

​​Whisper Leak: A novel side-channel attack on remote language models

Microsoft has discovered a new type of side-channel attack on remote language models. This type of side-channel attack could allow a cyberattacker a position to observe your network traffic to conclude language model conversation topics, despite being end-to-end encrypted via Transport Layer...

New IDC research highlights a major cloud security shift

Cloud security is at a tipping point. While moving to the cloud powers both growth and speed for organizations, it can also bring new risks. According to IDC’s latest research, organizations experienced an average of nine cloud security incidents in 2024, with 89% reporting a year-over-year...

New IDC research highlights a major cloud security shift

Cloud security is at a tipping point. While moving to the cloud powers both growth and speed for organizations, it can also bring new risks. According to IDC’s latest research, organizations experienced an average of nine cloud security incidents in 2024, with 89% reporting a year-over-year...

​​Securing critical infrastructure: Why Europe’s risk-based regulations matter

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

​​Securing critical infrastructure: Why Europe’s risk-based regulations matter

The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers CISOs share their thoughts on what is most important in their respective domains. In this series, you will get practical advice, tactics to start and stop deploying, forward-looking commentary on where the...

​​Learn what generative AI can do for your security operations center

The busier security teams get, the harder it can be to understand the full impact of false positives, queue clutter, tool fragmentation, and more. But what is clear—it all adds up to increased fatigue and an increased potential to miss the cyberthreats that matter most. To help security teams...