How to implement Multi-Factor Authentication (MFA)

Another day, another data breach. If the regular drumbeat of leaked and phished accounts hasn’t persuaded you to switch to Multi-Factor Authentication (MFA) already, maybe the usual January rush of ‘back to work’ password reset requests is making you reconsider ... continue reading

New Azure blueprint for CIS Benchmark

We’ve released our newest Azure blueprint that maps to another key industry-standard, the Center for Internet Security (CIS) Microsoft Azure Foundations Benchmark. This follows the recent announcement of our Azure blueprint for FedRAMP moderate and adds to the growing list ... continue reading

Introducing security defaults

Hey folks, In 2012, we started the Identity security and protection team for our consumer accounts (Microsoft accounts used for signing in to OneDrive, Skype, Xbox and such). We started out by doing two things – putting metrics in place ... continue reading

Zero Hype

At Ignite, I had the privilege of presenting “Zero Hype” with my colleagues Nupur Goyal (@nupur_11) who leads our Product Marketing, and Yinon Costica (@c0stica) who directs program management for Azure Security Center, Microsoft Cloud App Security, and Azure ATP ... continue reading

Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks

Computers with Windows Remote Desktop Protocol (RDP) exposed to the internet are an attractive target for adversaries because they present a simple and effective way to gain access to a network. Brute forcing RDP, a secure network communications protocol that ... continue reading

Troubleshooting problems related to Azure AD authentication with Azure SQL DB and DW

When working with Azure AD authentication for Azure SQL DB and DW, you may sometimes encounter certain issues. The table below contains some of the Azure AD authentication problems that may appear when accessing SQL DB/DW, as well as how ... continue reading
Image showing "Signers" using in the credential dumping tool signed using a stolen Whizzimo, LLC certificate.

GALLIUM: Targeting global telecom

Microsoft Threat Intelligence Center (MSTIC) is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers. When Microsoft customers have been targeted by this activity, we notified them directly with the relevant information they need ... continue reading
Image of three devices, one showing Windows Hello, another Microsoft Authenticator, and finally FIDO2 Security Keys.

Go passwordless to strengthen security and reduce costs

We all know passwords are inherently unsecure. They’re also expensive to manage. Users struggle to remember them. It’s why we’re so passionate about eliminating passwords entirely. Passwordless solutions, such as Windows Hello, FIDO2 security keys, and the Microsoft Authenticator app, ... continue reading

Spear phishing campaigns—they’re sharper than you think

Even your most security-savvy users may have difficulty identifying honed spear phishing campaigns. Unlike traditional phishing campaigns that are blasted to a large email list in hopes that just one person will bite, advanced spear phishing campaigns are highly targeted ... continue reading

What's the difference between Group Policy and Azure Policy?

To understand the difference between Group Policy and Azure Policy, we need to start with the architecture differences regarding how devices are seen in a Windows Server domain versus in Microsoft Azure. Traditional Group Policy architecture is based on Users ... continue reading