Author: Emma Jones

The data privacy regulation landscape is more complex than ever. Today, I’m excited to share with you some of the new investments we’re making to attempt to bring some simplicity to the complex topic of data privacy regulations.

The post Simplifying the complex: Introducing Privacy Management for Microsoft 365 appeared first on Microsoft Security Blog.

Read More Simplifying the complex: Introducing Privacy Management for Microsoft 365

Microsoft Teams has seen a surge in growth during the pandemic with over 115 million daily active users and growing. With it, customer imperative for enabling safe and trustworthy online collaboration has also increased significantly.

The post archTIS and Microsoft: Zero Trust information security for Microsoft Teams appeared first on Microsoft Security Blog.

Read More archTIS and Microsoft: Zero Trust information security for Microsoft Teams

As organizations move their computing from on-premises to the cloud, they realize that leveraging cloud-native security tools can provide additional cost savings and business benefits to their security infrastructure. Azure network security offers a suite of cloud-native security tools to protect Azure workloads while automating network management, implementing developer security operations (DevSecOps) practices, and reducing the risk of a material security breach.

The post Azure network security helps reduce cost and risk according to Forrester TEI study appeared first on Microsoft Security Blog.

Read More Azure network security helps reduce cost and risk according to Forrester TEI study

Microsoft is excited about the opportunity to create a decentralized identity system that increases customer trust and adoption by minimizing data processing and providing the user much greater control of the specific identity data they share and how it will be used.

The post Microsoft’s 5 guiding principles for decentralized identities appeared first on Microsoft Security Blog.

Read More Microsoft’s 5 guiding principles for decentralized identities

Banco Santander Global Head of Security Research Daniel Cuthbert talks with Microsoft about how to use application security testing and testing standards to increase application security.

The post Practical tips on how to use application security testing and testing standards appeared first on Microsoft Security Blog.

Read More Practical tips on how to use application security testing and testing standards

As the world has changed over the past 18-months, companies have been wrestling with ways to keep employees and data protected as they support new ways of hybrid working. We built Windows 11 to be the most secure Windows yet with built-in chip to cloud protection that ensures company assets stay secure no matter where work happens.

The post Windows 11 offers chip to cloud protection to meet the new security challenges of hybrid work appeared first on Microsoft Security Blog.

Read More Windows 11 offers chip to cloud protection to meet the new security challenges of hybrid work

Zero-day security vulnerabilities are like gold to attackers. With zero-days, or even zero-hours, developers have no time to patch the code, giving hackers enough access and time to explore and map internal networks, exfiltrate valuable data, and find other attack vectors.

The post Defend against zero-day exploits with Microsoft Defender Application Guard appeared first on Microsoft Security Blog.

Read More Defend against zero-day exploits with Microsoft Defender Application Guard

Today, I’m excited to share the general availability of Microsoft Azure Purview, giving organizations that holistic understanding of their data that is so critically important. Azure Purview addresses the need for full visibility across all the places where your data lives, making it easier to manage, glean insights, and govern.

The post A simpler, more integrated approach to data governance appeared first on Microsoft Security Blog.

Read More A simpler, more integrated approach to data governance

In the face of increasingly advanced threats, complex multi-cloud environments, and an evolving trust fabric, identity is emerging as a critical player to deliver the next generation of security, governance, and privacy services.

The post 3 trends shaping identity as the center of modern security appeared first on Microsoft Security Blog.

Read More 3 trends shaping identity as the center of modern security

In the face of increasingly advanced threats, complex multi-cloud environments, and an evolving trust fabric, identity is emerging as a critical player to deliver the next generation of security, governance, and privacy services.

The post 3 trends shaping identity as the center of modern security appeared first on Microsoft Security Blog.

Read More 3 trends shaping identity as the center of modern security

Head of Mandiant Intelligence at FireEye Sandra Joyce talks with Microsoft’s Ann Johnson about the cybersecurity threats to US elections and how to fight them.

The post Afternoon Cyber Tea: Learn how to stop misinformation threats from nation-state bad actors appeared first on Microsoft Security Blog.

Read More Afternoon Cyber Tea: Learn how to stop misinformation threats from nation-state bad actors

Adapting to the evolving business landscape, organizations increasingly depend on Microsoft Endpoint Manager to enable hybrid work—where the endpoint is the new workplace.

The post Microsoft a Leader in 2021 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools appeared first on Microsoft Security Blog.

Read More Microsoft a Leader in 2021 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools

Mozi is a peer-to-peer (P2P) botnet that uses a BitTorrent-like network to infect IoT devices such as network gateways and digital video records (DVRs). It works by exploiting weak telnet passwords1 and nearly a dozen unpatched IoT vulnerabilities2 and it’s been used to conduct distributed denial-of-service (DDoS) attacks, data exfiltration, and command or payload execution.

The post How to proactively defend against Mozi IoT botnet appeared first on Microsoft Security Blog.

Read More How to proactively defend against Mozi IoT botnet

Today, we are open-sourcing Cloud Katana, a cloud-native tool under development, to automate simulation steps on-demand in multi-cloud and hybrid cloud environments. This tool is an event-driven, serverless compute application built on the top of Azure Functions that expedites the research process and validation of security controls.

The post Automating security assessments using Cloud Katana appeared first on Microsoft Security Blog.

Read More Automating security assessments using Cloud Katana

The cybersecurity landscape has fundamentally changed, as evidenced by large-scale, complex attacks like Nobelium, Hafnium, and more recently last week’s Colonial Pipeline attack, which signals that human-operated ransomware is on the rise. Hackers launch an average of 50 million password attacks every day—579 per second. Phishing attacks have increased. Firmware attacks are on the rise,…

The post Securing a new world of hybrid work: What to know and what to do appeared first on Microsoft Security.

Read More Securing a new world of hybrid work: What to know and what to do

Critical infrastructure operators face a hostile cyber threat environment and a complex compliance landscape. Operators must manage industrial control systems as well as IT environments that are part of critical infrastructure or can form attack surfaces for control systems.

The post Meet critical infrastructure security compliance requirements with Microsoft 365 appeared first on Microsoft Security.

Read More Meet critical infrastructure security compliance requirements with Microsoft 365

With cryptocurrency mining on the rise, Microsoft and Intel have partnered to deliver threat detection technology to enable EDR capabilities in Microsoft Defender for Endpoint.

The post Defending against cryptojacking with Microsoft Defender for Endpoint and Intel TDT appeared first on Microsoft Security.

Read More Defending against cryptojacking with Microsoft Defender for Endpoint and Intel TDT

For the third year in a row, Microsoft successfully demonstrated industry-leading defense capabilities in the independent MITRE ATT&CK evaluation.

The post MITRE Engenuity ATT&CK® Evaluation proves Microsoft Defender for Endpoint stops advanced attacks across platforms appeared first on Microsoft Security.

Read More MITRE Engenuity ATT&CK® Evaluation proves Microsoft Defender for Endpoint stops advanced attacks across platforms