
Spear phishing campaigns—they’re sharper than you think
Even your most security-savvy users may have difficulty identifying honed spear phishing campaigns. Unlike traditional phishing campaigns that are blasted to a large email list in hopes that just one person will bite, advanced spear phishing campaigns are highly targeted ... continue reading

Rethinking cyber learning—consider gamification
As promised, I’m back with a follow-up to my recent post, Rethinking how we learn security, on how we need modernize the learning experience for cybersecurity professionals by gamifying training to make learning fun. Some of you may have attended ... continue reading

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1
This is the first in a blog series discussing the tools, techniques, and procedures that the Microsoft Detection and Response Team (DART) use to investigate cybersecurity incidents at our customer organizations. Today, we introduce the team and give a brief ... continue reading
Replace passwords with a biometric security key
Hi everyone, I am deeply passionate about keeping my customers secure. We are on a mission to eliminate passwords since they can be easily shared, leaked, or cracked. Our goal is to replace them with strong authentication methods such as ... continue reading

Azure Sentinel updates: Improve your security operations with innovations from a cloud-native SIEM
Just a month ago, I communicated the details about Azure Sentinel reaching general availability. Since then, many customers have shared how Azure Sentinel has empowered their teams to be nimble and more efficient. ASOS, one of the largest online fashion ... continue reading
Improve security with a Zero Trust access model
Zero Trust is a security model that I believe can begin to turn the tide in the cybersecurity battles. Traditional perimeter-based network security has proved insufficient because it assumes that if a user is inside the corporate perimeter, they can ... continue reading
Top 6 email security best practices to protect against phishing attacks and business email compromise
Most cyberattacks start over email—a user is tricked into opening a malicious attachment, or into clicking a malicious link and divulging credentials, or into responding with confidential data. Attackers dupe victims by using carefully crafted emails to build a false ... continue reading

In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks
Our experience in detecting and blocking threats on millions of endpoints tells us that attackers will stop at nothing to circumvent protections. Even one gap in security can be disastrous to an organization. At Microsoft, we don’t stop finding new ... continue reading

CISO series: Lessons learned from the Microsoft SOC—Part 3a: Choosing SOC tools
The Lessons learned from the Microsoft SOC blog series is designed to share our approach and experience with security operations center (SOC) operations. Our learnings in the series come primarily from Microsoft’s corporate IT security operation team, one of several ... continue reading
Your password doesn’t matter—but MFA does!
Your pa$$word doesn’t matter—Multi-Factor Authentication (MFA) is the best step you can take to protect your accounts. Using anything beyond passwords significantly increases the costs for attackers, which is why the rate of compromise of accounts using any MFA is ... continue reading
Highly Scalable Storage

Easily integrate enterprise class storage into your datacenter within minutes.
View Solution