Select Page

Work remotely, stay secure—guidance for CISOs

With many employees suddenly working from home, there are things an organization and employees can do to help remain productive without increasing cybersecurity risk. While employees in this new remote work situation will be thinking about how to stay in ... continue reading
Empower Firstline Workers with Azure AD and YubiKey passwordless authentication

Empower Firstline Workers with Azure AD and YubiKey passwordless authentication

At the end of February, Microsoft announced the FIDO2 passwordless support for hybrid environments. The integration of FIDO2-based YubiKeys and Azure Active Directory (Azure AD) is a game changer. It combines the ubiquity of Azure AD, the usability of YubiKey, ... continue reading

Guarding against supply chain attacks—Part 3: How software becomes compromised

Do you know all the software your company uses? The software supply chain can be complex and opaque. It’s comprised of software that businesses use to run operations, such as customer relationship management (CRM), enterprise resource planning (ERP), and project ... continue reading
Threat hunting: Part 1—Why your SOC needs a proactive hunting team

Threat hunting: Part 1—Why your SOC needs a proactive hunting team

Cybersecurity can often feel like a game of whack-a-mole. As our tools get better at stopping one type of attack, our adversaries innovate new tactics. Sophisticated cybercriminals burrow their way into network caverns, avoiding detection for weeks or even months, ... continue reading

Real-life cybercrime stories from DART, the Microsoft Detection and Response Team

When we published our first blog about the Microsoft Detection and Response Team (DART) in March of 2019, we described our mission as responding to compromises and helping our customers become cyber-resilient. In pursuit of this mission we had already ... continue reading

IT executives prioritize Multi-Factor Authentication in 2020

In 2020, many IT executives will roll out or expand their implementation of Multi-Factor Authentication (MFA) to better safeguard identities. This is one of the key findings of a survey conducted by Pulse Q&A for Microsoft in October 2019.1 Specifically, ... continue reading

Quick wins—single sign-on (SSO) and Multi-Factor Authentication (MFA)

With Multi-Factor Authentication (MFA) and single sign-on (SSO) being a few of the most effective countermeasures against modern threats, organizations should consider a Cloud Identity as a Service (IDaaS), and MFA solution, like Azure Active Directory (AD). Here are seven ... continue reading

MISA expands with new members and new product additions

Another RSA Conference (RSAC) and another big year for the Microsoft Intelligent Security Association (MISA). MISA was launched at RSAC 2018 with 26 members and a year later we had doubled in size to 53 members. Today, I am excited ... continue reading

Microsoft Insider Risk Management and Communication Compliance in Microsoft 365 now generally available

Microsoft Insider Risk Management and Communication Compliance in Microsoft 365—now generally available—help organizations address internal risks, such as IP theft or code of conduct policy violations. The new Microsoft Insider Risk Management solution helps to quickly identify, detect, and act ... continue reading
Azure Sentinel uncovers the real threats hidden in billions of low fidelity signals

Azure Sentinel uncovers the real threats hidden in billions of low fidelity signals

Cybercrime is as much a people problem as it is a technology problem. To respond effectively, the defender community must harness machine learning to compliment the strengths of people. This is the philosophy that undergirds Azure Sentinel. Azure Sentinel is ... continue reading