Category: Microsoft Security

Read the original article: How do I implement a Zero Trust security model for my Microsoft remote workforce? A Zero Trust strategy grounded in digital empathy will allow you to better protect your mobile workforce. The post How do I…

Read more →

Read the original article: Microsoft and Corrata integrate to extend cloud app security to mobile endpoints Corrata’s Microsoft Cloud App Security integration addresses risk mitigation through endpoint-based discovery and control for cloud apps Enter meta description of post – Need…

Read more →

Read the original article: Gartner announces the 2020 Magic Quadrant for Unified Endpoint Management Gartner has listed Microsoft as a Leader in its 2020 Magic Quadrant for Unified Endpoint Management. The post Gartner announces the 2020 Magic Quadrant for Unified…

Read more →

Read the original article: Taking Transport Layer Security (TLS) to the next level with TLS 1.3 TLS 1.3 eliminates obsolete cryptographic algorithms, enhances security over older versions, and aims to encrypt as much of the handshake as possible. The post…

Read more →

Read the original article: New data from Microsoft shows how the pandemic is accelerating the digital transformation of cyber-security A Microsoft survey of security leaders during the pandemic highlight phishing threats, increased budgets & hiring, and investment in the cloud…

Read more →

Read the original article: New Forrester study shows customers who deploy Microsoft Azure AD benefit from 123% ROI. : Results from a Forrester TEI study show that customers who secure apps with Microsoft Azure Active Directory can improve user productivity,…

Read more →

Read the original article: Microsoft Office 365—Do you have a false sense of cloud security? Security is not just flipping the switch of security features to “on” and think you are done. DART explores the concept of having a false…

Read more →

Read the original article: Zero Trust: From security option to business imperative overnight As COVID-19 forced organizations across the world to send their workforce home, organizations rapidly focused on Zero Trust approaches to alleviate challenges of enabling and securing remote…

Read more →

Read the original article: How to organize your security team: The evolution of cybersecurity roles and responsibilities Evolve your security skills and security organization to enable digital transformation. The post How to organize your security team: The evolution of cybersecurity…

Read more →

Read the original article: Afternoon Cyber Tea: Revisiting social engineering: The human threat to cybersecurity People often say that you can identify a phishing campaign because it just doesn’t feel right. But what if that isn’t true? The post Afternoon…

Read more →

Read the original article: Associate Microsoft and Pradeo to manage and secure Android Enterprise mobile devices Learn more on how Android Enterprise works with existing mobility management and security solutions. The post Associate Microsoft and Pradeo to manage and secure…

Read more →

Read the original article: CISO Stressbusters: Post #4: 4 tips for running a highly effective security operation CISO Stressbusters provides peer to peer guidance and support on how to alleviate stressful situations in the SOC and on the team. The…

Read more →

Read the original article: Inside Microsoft Threat Protection: Solving cross-domain security incidents through the power of correlation analytics Through deep correlation logic, Microsoft Threat Protection automatically finds links between related signals across domains. It connects related existing alerts and generates…

Read more →

Read the original article: Inside Microsoft Threat Protection: Solving cross-domain security incidents through the power of correlation analytics Through deep correlation logic, Microsoft Threat Protection automatically finds links between related signals across domains. It connects related existing alerts and generates…

Read more →

Read the original article: Empower your analysts to reduce burnout in your security operations center Strategic use of automation and metrics can help you create a continuous learning culture that keeps your team engaged in the work The post Empower…

Read more →

Read the original article: Guiding principles of our identity strategy: staying ahead of evolving customer needs A global pandemic made remote access essential and forced many of professionals to accelerate their digital transformation plans. The post Guiding principles of our…

Read more →

Read the original article: Afternoon Cyber Tea: Peak, Plateau, or Plummet? Cyber security trends that are here to stay and how to detect and recover from ransomware attacks The rapidity of change in the cyberthreat landscape can be daunting for…

Read more →

Read the original article: Seeing the big picture: Deep learning-based fusion of behavior signals for threat detection Learn how we’re using deep learning to build a powerful, high-precision classification model for long sequences of wide-ranging signals occurring at different times.…

Read more →

Read the original article: Preventing data loss and mitigating risk in today’s remote work environment New solutions and features—like the new Endpoint Data Loss Prevention—help organizations to protect against data loss and other risks, especially in remote work scenarios. The…

Read more →

Read the original article: Preventing data loss and mitigating risk in today’s remote work environment New solutions and features—like the new Endpoint Data Loss Prevention—help organizations to protect against data loss and other risks, especially in remote work scenarios. The…

Read more →

Read the original article: Hello open source security! Managing risk with software composition analysis Software composition analysis guides the selection and management of open source components to help you reduce your security risk. The post Hello open source security! Managing…

Read more →

Read the original article: 5 cybersecurity paradigm shifts that will lead to more inclusive digital experiences Cybersecurity has proven to be the foundation for digital empathy in a remote workforce. The post 5 cybersecurity paradigm shifts that will lead to…

Read more →

Read the original article: Prevent and detect more identity-based attacks with Azure Active Directory Security controls built into Azure Active Directory can reduce your risk of compromise. The post Prevent and detect more identity-based attacks with Azure Active Directory appeared…

Read more →

Read the original article: CISO Stressbusters Post #3: 3 ways to share accountability for security risk management CISO Stressbusters: CISO guidance and support from around the world. The post CISO Stressbusters Post #3: 3 ways to share accountability for security…

Read more →

Read the original article: Microsoft Intelligent Security Association expands to include managed security service providers The Microsoft Intelligent Security Association expands to include Security MSSPs, through a pilot program that launched July 2020. The post Microsoft Intelligent Security Association expands…

Read more →

Read the original article: Making Azure Sentinel work for you A new white paper outlines best practice recommendations for configuring data sources for incident response and proactively hunting for threats using Azure Sentinel. The post Making Azure Sentinel work for…

Read more →

Read the original article: Inside Microsoft Threat Protection: Correlating and consolidating attacks into incidents The incidents view in Microsoft Threat Protection empowers SOC analysts by automatically fusing attack evidence and providing a consolidated view of an attack chain and affected…

Read more →

Read the original article: Introducing Kernel Data Protection, a new platform security technology for preventing data corruption Kernel Data Protection (KDP) is a set of APIs that provide the ability to mark some kernel memory as read-only, preventing attackers from…

Read more →

Read the original article: Protecting your remote workforce from application-based attacks like consent phishing Learn how to protect your workforce from application-based attacks and the investments Microsoft is making to help foster a secure and trustworthy app ecosystem. The post…

Read more →

Read the original article: New study shows customers save time, resources and improve security with Microsoft Cloud App Security The global pandemic has forever changed our workplaces and reshaped our cybersecurity priorities. While in recent months cloud apps have helped…

Read more →

Read the original article: The world is your authentication and identity oyster For decades we have been taught that passwords are some level of security that can be implemented to protect websites. We need to dispel this unfortunate notion. The…

Read more →

Read the original article: Afternoon Cyber Tea: Cybersecurity & IoT: New risks and how to minimize them Every year billions of new connected devices come online. These devices enable businesses to finetune operations, optimize processes, and develop analytics-based services. The…

Read more →

Read the original article: The psychology of social engineering—the “soft” side of cybercrime Build a phishing resistant culture with Cialdini’s 6 Principles of Persuasion . The post The psychology of social engineering—the “soft” side of cybercrime appeared first on Microsoft…

Read more →

Read the original article: Best security, compliance, and privacy practices for the rapid deployment of publicly facing Microsoft Power Apps intake forms Security is a major concern of not only major governments but of other entities using Microsoft Power App…

Read more →

Read the original article: Lessons learned from the Microsoft SOC—Part 3d: Zen and the art of threat hunting This blog provides lessons learned on how Microsoft hunts for threats in our IT environment and how you can apply these lessons…

Read more →

Read the original article: Feeling fatigued? Cloud-based SIEM relieves security team burnout Most CISOs and CSOs are worried that a growing volume of alerts is causing burnout among their teams, according to new research from IDG. The post Feeling fatigued?…

Read more →

Read the original article: Defending Exchange servers under attack Exchange servers are high-value targets. These attacks also tend to be advanced threats with highly evasive, fileless techniques. Keeping these servers safe from these advanced attacks is of utmost importance. The…

Read more →

Read the original article: CISO Stressbusters: Post #2: 4 tips for getting the first 6 months right as a new CISO CISO Stressbusters: CISO guidance and support from around the world. The post CISO Stressbusters: Post #2: 4 tips for…

Read more →

Read the original article: Microsoft continues to extend security for all with mobile protection for Android Announcing the public preview of Microsoft Defender ATP for Android! In the rapidly evolving world of mobile threats, Microsoft is taking a holistic approach…

Read more →

Read the original article: Microsoft acquires CyberX to accelerate and secure customers’ IoT deployments Today, we’re excited to announce that Microsoft has acquired the comprehensive, network-based IoT security platform CyberX. The post Microsoft acquires CyberX to accelerate and secure customers’…

Read more →

Read the original article: Modernizing the security operations center to better secure a remote workforce The modern SOC will use machine learning to help humans protect organizations in a multi-cloud, IoT world. The post Modernizing the security operations center to…

Read more →

Read the original article: Barracuda and Microsoft: Securing applications in public cloud The biggest blockers to public cloud adoption are sophisticated hackers, open vulnerabilities in applications, DDOs attacks and advanced bots/botnets. Learn how MISA Partner Barracuda works with Microsoft to…

Read more →

Read the original article: Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint In the first blog in the Inside Microsoft Threat Protection series, we will show how MTP provides unparalleled end-to-end visibility into the activities of nation-state…

Read more →

Read the original article: Moving to cloud-based SIEM: the cost advantage Companies weigh multiple factors in any technology implementation, balancing risks with business needs and IT capabilities. And while the same is true with cloud-based security information and event management…

Read more →

Read the original article: UEFI scanner brings Microsoft Defender ATP protection to a new level The UEFI scanner is a new component of the built-in antivirus solution on Windows 10 and gives Microsoft Defender ATP the ability to scan inside…

Read more →

Read the original article: Stay ahead of multi-cloud attacks with Azure Security Center Stay ahead of attacks and protect your workloads with Azure Security. Join us for demos of Azure Secure Score and Security Center threat protection capabilities, while Stuart…

Read more →

Read the original article: Exploiting a crisis: How cybercriminals behaved during the outbreak Cybercriminals adapted their tactics to match what was going on in the world, and what we saw in the threat environment was parallel to the uptick in…

Read more →

Read the original article: Zero Trust—Part 1: Networking Taking a Zero Trust approach can help to ensure optimal security without compromising end user application experiences. The post Zero Trust—Part 1: Networking appeared first on Microsoft Security.   Advertise on IT…

Read more →

Read the original article: Barracuda and Microsoft: Removing security barriers to faster public cloud adoption To quickly and successfully move to public cloud, organizations need to deploy advanced network security solutions that are tightly integrated with the major public cloud…

Read more →

Read the original article: Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation Inspired by MITRE’s transparency in publishing the payloads and tools used in the attack simulation, we’ll describe the mystery…

Read more →

Read the original article: What’s new in Microsoft 365 Compliance and Risk Management Check out some of the investments we’ve made to help you to get the most out of Microsoft 365 Compliance and take a more integrated approach to…

Read more →

Read the original article: Misconfigured Kubeflow workloads are a security risk Azure Security Center monitors and defends thousands of Kubernetes clusters running on top of Azure Kubernetes Service. In this blog, we’ll reveal a new campaign that was observed recently…

Read more →

Read the original article: The science behind Microsoft Threat Protection: Attack modeling for finding and stopping evasive ransomware Microsoft Threat Protection uses a data-driven approach for identifying lateral movement, combining industry-leading optics, expertise, and data science to deliver automated discovery…

Read more →

Read the original article: 11 security tips to help stay safe in the COVID-19 era The COVID-19 pandemic has changed our daily routines, the ways we work, and our reliance on technology. As we spend more time online, it’s more…

Read more →

Read the original article: Zero Trust—Part 1: Networking Taking a Zero Trust approach can help to ensure optimal security without compromising end user application experiences. The post Zero Trust—Part 1: Networking appeared first on Microsoft Security.   Advertise on IT…

Read more →

Read the original article: Managing cybersecurity like a business risk: Part 1—Modeling opportunities and threats We often talk about risks only in term.s of potential loss, but most risks have the potential for gain too. To manage cybersecurity as a…

Read more →

Read the original article: Managing cybersecurity like a business risks: Part 1—Modeling opportunities and threats We often talk about risks only in term.s of potential loss, but most risks have the potential for gain too. To manage cybersecurity as a…

Read more →

Read the original article: 4 identity partnerships to help drive better security Microsoft identity engineering has expanded product partnerships to help customers transform digitally with Azure AD-integrated solutions. The post 4 identity partnerships to help drive better security appeared first…

Read more →

Read the original article: Zero Trust Deployment Guide for devices Guidance on how to make your endpoints one of the strongest. The post Zero Trust Deployment Guide for devices appeared first on Microsoft Security.   Advertise on IT Security News.…

Read more →

Read the original article: Zero Trust and its role in securing the new normal As secure remote work becomes the new normal, Microsoft security and Zscaler provide guidance on enabling Zero Trust starting with secure access. The post Zero Trust…

Read more →

Read the original article: Build support for open source in your organization 5 questions that will help you select open source software and 4 recommendations to smooth the internal approval process. Advice from the RSA 2020 panel discussion, Open Source:…

Read more →

Read the original article: Success in security: reining in entropy Your network is unique. It’s a living, breathing system evolving over time. The applications and users performing these actions are all unique parts of the system, adding degrees of disorder…

Read more →

Read the original article: Cybersecurity best practices to implement highly secured devices If an internet-connected device performs a non-critical function, why does it need to be highly secured? Because any device can be the target of a hacker, and any…

Read more →

Read the original article: Microsoft Build brings new innovations and capabilities to keep developers and customers secure As part of this week’s Build virtual event, we’re introducing new Identity innovation to help foster a secure and trustworthy app ecosystem, as…

Read more →

Read the original article: Operational resilience in a remote work world Cybersecurity provides the underpinning to operationally resiliency as more organizations adapt to enabling secure remote work options, whether in the short or long term. The post Operational resilience in…

Read more →

Read the original article: Open-sourcing new COVID-19 threat intelligence While the world faces the common threat of COVID-19, defenders are working overtime to protect users all over the globe from cyber-criminals using COVID-19 as a lure to mount attacks. The…

Read more →

Read the original article: Secured-core PCs help customers stay ahead of advanced data theft Researchers at the Eindhoven University of Technology recently revealed information around “Thunderspy,” an attack that relies on leveraging direct memory access (DMA) functionality to compromise devices.…

Read more →

Read the original article: Empowering your remote workforce with end-user security awareness To help customers deploy quick and effective security training to their remote workforce, we are announcing the availability of the Microsoft Cybersecurity Awareness Kit. The post Empowering your…

Read more →

Read the original article: CISO stress-busters: post #1 overcoming obstacles CISO guidance and support from around the world. The post CISO stress-busters: post #1 overcoming obstacles appeared first on Microsoft Security.   Advertise on IT Security News. Read the original…

Read more →

Read the original article: Microsoft researchers work with Intel Labs to explore new deep learning approaches for malware classification Researchers from Microsoft Threat Protection Intelligence Team and Intel Labs collaborated to study the application of deep transfer learning technique from…

Read more →

Read the original article: Protect your accounts with smarter ways to sign in on World Passwordless Day Given the increase in remote work, the need to go passwordless and use Multifactor Authentication (MFA) is even more significant. In honor of…

Read more →

Read the original article: How to gain 24/7 detection and response coverage with Microsoft Defender ATP Security incidents don’t happen exclusively during business hours: attackers often wait until the late hours of the night to breach an environment. The post…

Read more →

Read the original article: Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2 This blog wraps up the day in the life of a SOC analyst on the investigation team with insights on remediating incidents,…

Read more →

Read the original article: Mitigating vulnerabilities in endpoint network stacks Learn how the Microsoft Security Assurance and Vulnerability Research team secures critical products. The post Mitigating vulnerabilities in endpoint network stacks appeared first on Microsoft Security.   Advertise on IT…

Read more →

Read the original article: Microsoft Threat Protection leads in real-world detection in MITRE ATT&CK evaluation The latest round of MITRE ATT&CK evaluations proved yet again that Microsoft customers can trust they are fully protected even in the face of such…

Read more →

Read the original article: Zero Trust Deployment Guide for Microsoft Azure Active Directory Microsoft is providing a series of deployment guides for customers who have engaged in a Zero Trust security strategy to configure Azure Active Directory (Azure AD) capabilities.…

Read more →

Read the original article: Data governance matters now more than ever Today we are excited to announce the general availability of Microsoft 365 Records Management, which can help organizations to secure and govern their most critical data. The post Data…

Read more →

Read the original article: Managing risk in today’s IoT landscape: not a one-and-done Connectivity empowers organizations to unlock the full potential of IoT—but it also introduces new cybersecurity attack vectors. What does it take to manage those risks? The post…

Read more →

Read the original article: Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in…

Read more →

Read the original article: Protecting your organization against password spray attacks If your users sign in with guessable passwords, you may be at risk of a password spray attack. The post Protecting your organization against password spray attacks appeared first…

Read more →

Read the original article: Defending the power grid against supply chain attacks: Part 3 – Risk management strategies for the utilities industry By working with governments, trade organizations, and suppliers, the utility industry can improve security across the supply chain.…

Read more →

Read the original article: MITRE ATT&CK APT 29 evaluation proves Microsoft Threat Protection provides deeper end to end view of advanced threats During the MITRE ATT&CK evaluation, Microsoft Threat Protection delivered on providing the deepest optics, near real time detection,…

Read more →

Read the original article: MITRE ATT&CK evaluation results prove Microsoft Threat Protection capabilities against advanced threats During the MITRE ATT&CK evaluation, Microsoft Threat Protection delivered on providing the deepest optics, near real time detection, and a complete view of the…

Read more →

Read the original article: NERC CIP Compliance in Azure vs. Azure Government cloud North American Electric Reliability Corporation—Critical Infrastructure Protection (NERC CIP) Compliance options in Azure public cloud and Azure Government. The post NERC CIP Compliance in Azure vs. Azure…

Read more →

Read the original article: Security guidance for remote desktop adoption As the volume of remote workers quickly increased over the past two to three months, IT teams in many companies have been scrambling to figure out how their infrastructures and…

Read more →

Read the original article: Secure the software development lifecycle with machine learning A collaboration between data science and security produced a machine learning model that accurately identifies and classifies security bugs based solely on report names. The post Secure the…

Read more →

On Afternoon Cyber Tea with Ann Johnson, Ann and Ian Coldwell talk about how CISOs can prepare for a cyberattack, master the magic and complexity of containers, and encourage collaboration between engineering and security. The post Afternoon Cyber Tea: Building…

Read more →

Azure Security Center security controls can help you monitor your security posture as usage of cloud assets increases. The post Enable remote work while keeping cloud deployments secure appeared first on Microsoft Security.   Advertise on IT Security News. Read…

Read more →

Our threat intelligence shows that COVID-19 themed threats are retreads of existing attacks that have been slightly altered to tie to the pandemic. We’re seeing a changing of lures, not a surge in attacks. These attacks are settling into the…

Read more →

What percentage of endpoints in your organization are currently protected? The post Mobile security—the 60 percent problem appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete article: Mobile security—the 60 percent problem

Read more →

What percentage of endpoints in your organization are currently protected? The post Mobile security—the 60 percent problem appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete article: Mobile security—the 60 percent problem

Read more →

Business continuity is an imperative, and you must rely on your employees to stay connected and productive outside of the traditional digital borders of business. In doing so, identifying and managing potential risks within the organization is critical to safeguarding…

Read more →

Today, it’s important to adjust security policies to enable productivity from home, all while keeping sensitive data secure. The post Microsoft Defender ATP can help you secure your remote workforce appeared first on Microsoft Security.   Advertise on IT Security…

Read more →

Today, we’re glad to share DART Case Report 002—Full Operational Shutdown. The post Full Operational Shutdown—another cybercrime case from the Microsoft Detection and Response Team appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete article:…

Read more →

While Kubernetes has many advantages, it also brings new security challenges that should be considered. Therefore, it is crucial to understand the various security risks that exist in containerized environments, and specifically in Kubernetes. The post Attack matrix for Kubernetes…

Read more →

The Zero Trust Assessment tool is now live! The post Zero Trust framework to enable remote work appeared first on Microsoft Security.   Advertise on IT Security News. Read the complete article: Zero Trust framework to enable remote work

Read more →

Microsoft identified several dozens of hospitals with vulnerable gateway and VPN appliances. We sent these hospitals a first-of-its-kind notification with important info about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates.…

Read more →

If you don’t have enough diversity on your cybersecurity team, it may be because you aren’t looking in the right places. The post Welcoming a more diverse workforce into cybersecurity: expanding the pipeline appeared first on Microsoft Security.   Advertise…

Read more →

Ensure your remote workforce has secure access to all the apps they need: SaaS, cloud-hosted, on-premises, and legacy. The post Making it easier for your remote workforce to securely access all the apps they need, from anywhere appeared first on…

Read more →

Increased remote work has many organizations rethinking network and security strategies. In this post we share guidance on how to manage security in this changing environment. The post Alternative ways for security professionals and IT to achieve modern security controls…

Read more →