Select Page
The evolution of Microsoft Threat Protection, December update

The evolution of Microsoft Threat Protection, December update

December was another month of significant development for Microsoft Threat Protection capabilities. As a quick recap, Microsoft Threat Protection is an integrated solution securing the modern workplace across identities, endpoints, user data, cloud apps, and infrastructure. Last month, we shared ... continue reading
Customer subscription flow chart

Azure Cosmos DB and multi-tenant systems

In this blog post, we will discuss how to build a multi-tenant system on Azure Cosmos DB. Azure Cosmos DB itself is a multi-tenant PaaS offering on Microsoft Azure. Building a multi-tenant system on another multi-tenant system can be challenging, ... continue reading
flow chart for the various layers of security provided by Cosmos DB

How to develop secure applications using Azure Cosmos DB

Before we begin to discuss how to develop secure applications using Azure Cosmos DB, we should also highlight some of the different layers of security that Azure Cosmos DB offers. The following image illustrates these various layers of security: Azure ... continue reading
Everything you need to know about Windows Server 2019 – Part 3

Everything you need to know about Windows Server 2019 – Part 3

This blog post was authored by Dean Wells, Principal Program Manager, Windows Server. In the preceding blogs, you were given a video-tour of some of the high-level advancements made in Windows Server 2019 that touched on areas such as the ... continue reading
PowerShell Injection Hunter: Security Auditing for PowerShell Scripts

PowerShell Injection Hunter: Security Auditing for PowerShell Scripts

At the DEFCON security conference last year, we presented the session: “Get $pwnd: Attacking Battle Hardened Windows Server“. In this talk, we went through some of the incredibly powerful ways that administrators can secure their high-value systems (for example, Just ... continue reading

Sharing research and discoveries at PWN2OWN

The annual PWN2OWN exploit contest at the CanSecWest conference in Vancouver, British Columbia, Canada, brings together some of the top security talent from across the globe in a friendly competition. For the participants, these events are a platform to demonstrate ... continue reading
FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines

FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines

Office 365 Advanced Threat Protection (Office 365 ATP) blocked many notable zero-day exploits in 2017. In our analysis, one activity group stood out: NEODYMIUM. This threat actor is remarkable for two reasons: Its access to sophisticated zero-day exploits for Microsoft ... continue reading
#Microsoft Secure #DevOps Kit of #Azure to Secure your Cloud #Security

#Microsoft Secure #DevOps Kit of #Azure to Secure your Cloud #Security

Overview The “Secure DevOps Kit for Azure” (will be referred to as ‘AzSDK’ henceforth) is a collection of scripts, tools, extensions, automations, etc. that caters to the end to end Azure subscription and resource security needs for dev ops teams ... continue reading
Use Group Policy Preferences to Manage the Local Administrator Group

Use Group Policy Preferences to Manage the Local Administrator Group

Hello Everyone! Graeme Bray back with you today to talk about how you can reduce the audit and risk surface within your environment. If you can’t tell, Microsoft has taken a strong stance towards security. In a previous life, I ... continue reading
Loading...