Confidential Computing – A Silver Bullet for the Cloud?

When it comes to encryption and data we solved different problems. Since the invention of algorithms like DES, 3DESand/or AES symmetric encryption is something we understand and can solve. With RSA and Diffie-Helman key management and key exchange can be implemented with reasonable management overhead. This led to solid and trusted implementations of encryption at…

Eight Essentials for Hybrid Identity

It is not new, that identity will become your new perimeter, your next control pane. Still I see a lot of companies struggle with the concept and with the feeling to have the identity in the Cloud. Often, I hear the statement that they “lose control” once the identity is (at least partly) managed in…

Microsoft Security Intelligence Report v23 available!

I still remember the first one and now we reach version 23… It has a lot of insights into the malware and cybercrime landscape with really actionable recommendations. The Microsoft Security Intelligence Report can be accessed in different ways: Infographic – https://aka.ms/SIRv23Info Full Report – https://aka.ms/SIRv23 Webinar (April 10th at 10 am PDT) – https://aka.ms/SIRv23webcast…

Leveraging EMET to Win Time to Patch – an Underestimated Jewel

There is a jewel in a security professional’s toolbox, which – in my opinion – is highly underused. At least this is true in infrastructures I know. Since years, Microsoft offers a free tool called EMET (Enhanced Mitigation Experience Toolkit). EMET helps you to leverage the security technology built into Windows. To quote the above…

Using the Cloud to solve business problems in today’s world

I often get asked by customers how I see the cloud in today’s environment. Honestly, I do not see it differently than I did an year ago. If I look at security in general, I see three challenges, which shape my mind: Most investments go towards protecting the infrastructure, whereas most attacks are successful on…