
Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1
This is the first in a blog series discussing the tools, techniques, and procedures that the Microsoft Detection and Response Team (DART) use to investigate cybersecurity incidents at our customer organizations. Today, we introduce the team and give a brief ... continue reading
Replace passwords with a biometric security key
Hi everyone, I am deeply passionate about keeping my customers secure. We are on a mission to eliminate passwords since they can be easily shared, leaked, or cracked. Our goal is to replace them with strong authentication methods such as ... continue reading

Azure Sentinel updates: Improve your security operations with innovations from a cloud-native SIEM
Just a month ago, I communicated the details about Azure Sentinel reaching general availability. Since then, many customers have shared how Azure Sentinel has empowered their teams to be nimble and more efficient. ASOS, one of the largest online fashion ... continue reading
Improve security with a Zero Trust access model
Zero Trust is a security model that I believe can begin to turn the tide in the cybersecurity battles. Traditional perimeter-based network security has proved insufficient because it assumes that if a user is inside the corporate perimeter, they can ... continue reading

In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks
Our experience in detecting and blocking threats on millions of endpoints tells us that attackers will stop at nothing to circumvent protections. Even one gap in security can be disastrous to an organization. At Microsoft, we don’t stop finding new ... continue reading

CISO series: Lessons learned from the Microsoft SOC—Part 3a: Choosing SOC tools
The Lessons learned from the Microsoft SOC blog series is designed to share our approach and experience with security operations center (SOC) operations. Our learnings in the series come primarily from Microsoft’s corporate IT security operation team, one of several ... continue reading
Your password doesn’t matter—but MFA does!
Your pa$$word doesn’t matter—Multi-Factor Authentication (MFA) is the best step you can take to protect your accounts. Using anything beyond passwords significantly increases the costs for attackers, which is why the rate of compromise of accounts using any MFA is ... continue reading

All your creds are belong to us!
A few days ago, our team helped someone who had been a target of account takeover (ATO). Despite protecting the account with mandatory two-step verification using SMS and the Authenticator app, attackers had broken into the account and changed the ... continue reading

How to prevent phishing attacks that target your customers with DMARC and Office 365
You already know that email is the number one attack vector for cybercriminals. But what you might not know is that without a standard email security protocol called Domain Message Authentication, Reporting, and Conformance (DMARC), your organization is open to ... continue reading

One simple action you can take to prevent 99.9 percent of attacks on your accounts
There are over 300 million fraudulent sign-in attempts to our cloud services every day. Cyberattacks aren’t slowing down, and it’s worth noting that many attacks have been successful without the use of advanced technology. All it takes is one compromised ... continue reading