Category: Microsoft Security Blog
Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025
Microsoft is proud to be named a Leader in The Forrester Wave™: Security Analytics Platforms, Q2 2025—which we believe reflects our deep investment in innovation and commitment to support SOC’s critical mission. The post Microsoft is named a Leader in…
Navigating cyber risks with Microsoft Security Exposure Management eBook
Microsoft Security Exposure Management’s eBook helps educate teams on how to anticipate threats across hybrid environments, transforming risk into resilience. The post Navigating cyber risks with Microsoft Security Exposure Management eBook appeared first on Microsoft Security Blog. This article has…
Data Breach Reporting for regulatory requirements with Microsoft Data Security Investigations
Seventy-four percent of organizations surveyed experienced at least one data security incident with their business data exposed in the previous year as reported in Microsoft’s Data Security Index: Trends, insights, and strategies to secure data report.
Cyber resilience begins before the crisis
Hear directly from Microsoft’s Deputy CISO for Customer Security, Ann Johnson, about the need for proactive planning in cyber incidents.
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 3
Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee.
Connect with us at the Gartner Security & Risk Management Summit
Microsoft will spotlight its AI-first, end-to-end security platform at the Gartner Security & Risk Management Summit. Read our blog post for details on how to connect with us there and a teaser of what to expect from our sessions. The…
How Microsoft Defender for Endpoint is redefining endpoint security
Learn why many CISOs prefer Microsoft Defender for Endpoint for comprehensive cyberthreat protection across devices and platforms.
Discover how automatic attack disruption protects critical assets while ensuring business continuity
To help security teams protect critical assets while ensuring business continuity, Microsoft Defender developed automatic attack disruption: a built-in self-defense capability.
Announcing a new strategic collaboration to bring clarity to threat actor naming
Microsoft and CrowdStrike are teaming up to create alignment across our individual threat actor taxonomies to help security professionals connect insights faster.
How to deploy AI safely
Microsoft Deputy CISO Yonatan Zunger shares tips and guidance for safely and efficiently implementing AI in your organization.
Defending against evolving identity attack techniques
Threat actors continue to develop and leverage various techniques that aim to compromise cloud identities. Despite advancements in protections like multifactor authentication (MFA) and passwordless solutions, social engineering remains a key aspect of phishing attacks. Implementing phishing-resistant solutions, like passkeys,…
The future of AI agents—and why OAuth must evolve
Our industry needs to continue working together on identity standards for agent access across systems. Read about how Microsoft is building a robust and sophisticated set of agents.
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage
Microsoft Threat Intelligence has discovered a cluster of worldwide cloud abuse activity conducted by a threat actor we track as Void Blizzard, who we assess with high confidence is Russia-affiliated and has been active since at least April 2024. Void…
Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer
Over the past year, Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries. Microsoft, partnering with others across industry and international law…
Microsoft extends Zero Trust to secure the agentic workforce
At Microsoft Build 2025, we’re taking important steps to secure the agentic workforce. We are excited to introduce Microsoft Entra Agent ID which extends industry-leading identity management and access capabilities to AI agents.
How the Microsoft Secure Future Initiative brings Zero Trust to life
Read how you can improve your security posture by applying Zero Trust framework and principles based on learnings from the April 2025 Secure Future Initiative progress report.
Marbled Dust leverages zero-day in Output Messenger for regional espionage
Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-27920) in the messaging app Output Messenger, a multiplatform chat software.…
Meet the Deputy CISOs who help shape Microsoft’s approach to cybersecurity: Part 2
Meet the minds behind how Microsoft prioritizes cybersecurity across every team and employee. Three deputy chief information security officers share their experiences in cybersecurity and how they are redefining protection.