Roger Halbheer on Security
This is a questions I get fairly often. But before I try to answer, let’s take a step back: We know that attackers typically try to compromise user accounts and then move laterally until they find higher-value credentials. The holy grail in this movement is typically and administrator who uses his admin account to surf…
I guess you all know Microsoft Defender ATP as (one of the best) Endpoint Detection and Response solution. Additionally we are constantly looking for additional ways to leverage the data and the functionality to drive additional ways to get the security team more productive. One of them is the new Threat and Vulnerability Management functionality…
I guess you might have heard that we will launch the first cloud-native SIEM/SOAR solution soon. No worries about scaling etc, we will do that for you.
Sarah Young was just a guest at our Azure Friday session. This gives you a good overview over Azure Sentinel:
If you are interested in learning more about Microsoft Defender ATP and the corresponding advanced hunting capabilities, you should join one of our two webinars. You find the dates here.
This week the European Identity and Cloud Conference took place, where Joy Chik, Corporate Vice President, Microsoft Identity was talking. She was actually announcing some very interesting efforts around identity and privacy, mainly the work we do around decentralized identity. If you read her blog post here, you will find a few very remarkable statement like…
An interesting article you could learn from as well. It was a long but good journey for us: How Microsoft builds empathy between its security and development teams (you have to sign up for free to read CSO Online)
I am deeply convinced that moving to the Cloud – for most companies – will increase their security dramatically – I would even go that far that a secure future without leveraging the cloud is not possible anymore. However, it does not come “just for free”, you still need to know what you need and…
Sometimes it is hard to find the right answer to your question in the vast amount of documentation on our cloud services out there. One of the questions I often get is, which keys are used where, how they are protected and why. This is documented but all over the place (and not always consistently).…
We are actively working on getting rid of passwords within Microsoft. In a first phase, we will not see and use our passwords anymore but on a more technical level they might still exist. The basis for this is the leverage of technologies like Windows Hello for Business and the Microsoft Authenticator App. All the…
Over the course of the last months we got a lot of good questions on Office telemetry and the data we collect to ensure the product runs smooth, secure and delivers on your expectations. Privacy is constantly in our focus and we are always trying to make improvements in that space to increase customer trust.…
A lot changed in the IT and regulatory world when it comes to the cloud. A few years ago, banks would nto even think about the cloud (maybe for dev and test but for sure not for production workloads. It was simply unthinkable that a bank would move their data in a hyper-scale cloud. And…
That’s not a bad start of the day, reading such a headline from a Forrester analyst. I am often asked, how far we are going to drive security within Microsoft. Well, I guess here you have an answer from an outsider: Make No Mistake — Microsoft Is A Security Company Now. Even though the author…
When you see security incidents “in the Cloud” they often link back to misconfigurations on the networking side: Public interfaces being open, public ports being misconfigured etc. Our customers often find it hard to really understand and control the Network Security Group’s settings. Therefore, we now released Adaptive Network Hardening in public preview. To quote:…
Just before the RSA Conference, we announced the cloud-abased SOC we call Azure Sentinel. With all the noise and excitement which we had around this, another important announcement got kind of lost, even though it is at least as impactful: I am talking of Microsoft Threat Experts. To quote the announcement: Microsoft Threat Experts enables…
I hope you know the Microsoft Security Intelligence Report as we publish it since a long time.
Now, this time, we have it interactive in different areas. You can drill down to geos etc. and cut the data as you like it. It might help you to get your personal SIR.
There are different areas, where companies often struggle, when it comes to security. Setting up a proper Security Monitoring is definitely one of them. There is a lot of complexity in building a SOC, where you do not only discover anomalies caused but the average attacker but really seeing more of what is going on…
We just launched the new Microsoft 365 security center and Microsoft 365 compliance center. This is an exciting first step in the right direct direction.
Read the corresponding clop post: Introducing the new Microsoft 365 security center and Microsoft 365 compliance center
We recently published an interesting paper to address a concern we hear often – Compliance with regards to data residency and security. The paper covers this: This paper provides guidance about the security, data residency, data flows, and compliance aspects of Azure. It is designed to help you ensure that your data on Microsoft Azure…
I recently complained about the Swiss government and our inability in Switzerland to really drive Cybersecurity forward (Federal Council not deciding again – Switzerland falling behind on Cybersecurity). It was one of the most-read blog posts I wrote during the last few years… In one of the discussions on LinkedIn I talked about one of…
We are introducing two new Microsoft 365 security and compliance offerings: Identity & Threat Protection—This new package brings together security value across Office 365, Windows 10, and EMS in a single offering. It includes best of breed for advanced threat protection services including Microsoft Threat Protection (Azure Advanced Threat Protection (ATP), Windows Defender ATP, and…
