Select Page

Introducing Windows Defender System Guard runtime attestation

At Microsoft, we want users to be in control of their devices, including knowing the security health of these devices. If important security features should fail, users should be aware. Windows Defender System Guard runtime attestation, a new Windows platform ... continue reading

Unique identities are hard: How I learned to stop worrying and love the ID scope

Behold the ID scope, one of the most nuanced concepts in the IoT Hub Device Provisioning Service. It is both reviled and lauded for its name-spacing characteristics in device provisioning. It throws a wrench in complex provisioning scenarios, but it’s ... continue reading

A digital transformation Journey featuring Contoso Manufacturing and Azure IoT

This is a story about the digital transformation of Contoso HVAC Manufacturing, a virtual company that is growing its business from a traditional HVAC Chillers manufacturer, to delivering value to customers as a service. Contoso HVAC understands that the Internet ... continue reading

Looking at the Hyper-V Event Log (January 2018 edition)

Hyper-V has changed over the last few years and so has our event log structure. With that in mind, here is an update of Ben’s original post in 2009 (“Looking at the Hyper-V Event Log”). This post gives a short ... continue reading

Shielded VM local mode and HGS mode

With the new capability in Windows 10, version 1709, Windows Client can host shielded VMs while using remote Host Guardian Service (HGS) attestation. This caused some confusion as people stated they have already been running shielded VMs on client. This ... continue reading

Migrating local VM owner certificates for VMs with vTPM

Whenever I want to replace or reinstall a system which is used to run virtual machines with a virtual trusted platform module (vTPM), I’ve been facing a challenge: For hosts that are not part of a guarded fabric, the new ... continue reading

Why use shielded VMs for your privileged access workstation (PAW) solution?

It’s great to see customers trying out PAWs and it’s generating a lot of great questions. Many questions are related to shielded VMs so I’d like to focus this blog post on sharing our reasoning for building the PAW solution ... continue reading

Hardening the system and maintaining integrity with Windows Defender System Guard

One of the things we spend a great deal of time thinking about here at Microsoft is how attackers will attempt to persist and evade detection once they’ve successfully compromised a device. With Windows 10 we’ve made it more difficult ... continue reading

PAW host buildout

Continuing with the PAW series, in this blog post, I'd like to share the details of what we are planning to configure the host. I'd love to hear your thoughts, feedback about the design. For a recap on the PAW ... continue reading
Loading...