This tumultuous year has brought paradigm shifts across every facet of daily life. A global pandemic has pushed much of our lives online—work, school, entertainment, shopping, and socializing. But one thing remains unchanged: people everywhere share a common need for ... continue reading

Zero Trust revolves around three key principles:  verify explicitly, use least privileged access, and assume breach.  Microsoft’s Advanced Compliance Solutions are an important part of Zero Trust. This post applies a Zero Trust lens to protecting an organization’s sensitive data ... continue reading

Today, Microsoft is releasing a new annual report, called the Digital Defense Report, covering cybersecurity trends from the past year. This report makes it clear that threat actors have rapidly increased in sophistication over the past year, using techniques that ... continue reading

Microsoft consistently tracks the most advanced threat actors and evolving attack techniques. We use these findings to harden our products and platform and share them with the security community to help defenders everywhere better protect the planet. Recently, the Microsoft ... continue reading

Everyone knows about phishing scams, and most of us think we’re too smart to take the bait. Our confidence often reaches superhero levels when we’re logged onto a company network. As Chief Security Advisor for Microsoft, and previously at telco ... continue reading

The threat landscape continues to increase in both complexity and the level of sophistication of the attacks we observe. Attackers target the most vulnerable resources in an organization and then traverse laterally to target high-value assets. No longer can you ... continue reading

As we talk with a broad range of customers in the current environment, we hear some consistent challenges businesses are facing. With so many remote workers, people are creating, sharing, and storing data in new ways, which fosters productivity, but ... continue reading

This blog post is part of the Microsoft Intelligent Security Association (MISA) guest blog series. Click here to learn more about MISA. Traditional security operations center (SOC) processes typically involve a wide variety of disparate event notification tools that force ... continue reading

Microsoft is dedicated to working with the community and our customers to continuously improve and tune our platform and products to help defend against the dynamic and sophisticated threat landscape. Earlier this year, we announced that we would replace the ... continue reading

I wrote a series of blogs last year on how gamified learning through cyber ranges can create more realistic and impactful cybersecurity learning experiences and help attract tomorrow’s security workforce. With the global talent shortage in this field, we need ... continue reading