Microsoft Security Blog

Measure Twice, Cut Once, With RMA Methodology 

I’ve been beating our drum for a while now about the inevitability of failure in cloud-based systems. Simply put, the complexities and interdependencies of the cloud make it nearly impossible to avoid service failure, so instead we have to go against our instincts and actually design for this eventuality. Once you accept this basic premise, […]

Industry Vulnerability Disclosures Trending Up 

A vulnerability disclosure, as the term is used in the Microsoft Security Intelligence Report (http://www.microsoft.com/sir), is the revelation of a software vulnerability to the public at large. Disclosures can come from a variety of sources, including publishers of the affected software, security software vendors, independent security researchers, and even malware creators.

The vulnerability disclosure data in the Security Intelligence Report is compiled from vulnerability disclosure data that is published in the National Vulnerability Database (NVD) (http://nvd.nist.gov/). This database is the US government’s repository of standards-based vulnerability management data. The NVD represents all disclosures that have a published Common Vulnerabilities and Exposures (CVE) identifier.

Industry-wide vulnerability disclosures trending upwards

Figure 1 illustrates the vulnerability disclosure trend across the entire industry since 2011. Between 2011 and the end of 2013 vulnerability disclosure counts ranged from a low of 1,926 in the second half of 2011 to a high of 2,588 in the first half of 2012; there were more than 4,000 vulnerability disclosures across the entire industry each year during this period. For additional context, the peak period for industrywide vulnerability disclosures was 2006-2007 when 6,000 - 7,000 vulnerabilities were disclosed each year. Vulnerability disclosures across the industry in the second half of 2013 (2H13) were up 6.5 percent from the first half of the year, and up 12.6 percent from the second half of 2012.

What is a trusted device? 

When you try to view or edit your credit card details or other sensitive information in your Microsoft account, you might need to enter a security code first, to make sure that only you can get in to your account. But you can designate a computer or other device as a trusted device. On trusted […]

Strengthening encryption for Microsoft Azure customers 

In July, we published a blog post which talked about the advancements Microsoft had made in encryption for Outlook.com and OneDrive to further increase the security of our customers’ data. Today, Microsoft Azure has taken additional steps toward our commitment to protecting customer data with the announcement of encryption improvements for Microsoft Azure guest OS. […]

Microsoft Interflow: a new Security and Threat Information Exchange Platform 

Today, the Microsoft Security Response Center (MSRC) announced the private preview of Microsoft Interflow (http://www.microsoft.com/interflow). This is a security and threat information exchange platform for cybersecurity analysts and researchers.

Interflow provides an automated machine-readable feed of threat and security information that can be shared across industries and community groups in near real-time. This platform provides this information using the open specifications STIX™ (Structured Threat Information eXpression, http://stix.mitre.org/), TAXII™ (Trusted Automated eXchange of Indicator Information, http://taxii.mitre.org/), and CybOX™ (Cyber Observable eXpression, http://cybox.mitre.org/). This enables Interflow to integrate, through a plug-in architecture, with existing operational and analytical tools that many organizations use. It has the potential to help reduce the cost of defense by automating processes that are currently performed manually.

You can get more information on Microsoft Interflow on the MSRC blog, as well as in this FAQ (http://technet.microsoft.com/en-us/security/dn726547) and at www.microsoft.com/interflow.

When Vulnerabilities are Exploited: the Timing of First Known Exploits for Remote Code Execution Vulnerabilities 

One of the questions I get asked from time to time is about the days of risk between the time that a vulnerability is disclosed and when we first see active exploitation of it; i.e. how long do organizations have to deploy the update before active attacks are going to happen? Trustworthy Computing’s Security Science team (http://www.microsoft.com/security/msec.aspx) published new data that helps put the timing of exploitation into perspective, in the recently released Microsoft Security Intelligence Report volume 16 (http://www.microsoft.com/sir).

The Security Science team studied exploits that emerged for the most severe vulnerabilities in Microsoft software between 2006 and 2013. The exploits studied were for vulnerabilities that enable remote code execution. The timing of the release of the first known exploit for each remote code execution vulnerability was examined and the results were put into three groups.

New Guidance for Securing Public Key Infrastructure 

Public Key Infrastructure (PKI) is used as a building block to provide key security controls, such as data protection and authentication for organizations. Many organizations operate their own PKI to support things like remote access, network authentication and securing communications.

The threat of compromise to IT infrastructures from attacks is evolving. The motivations behind these attacks are varied, and compromising an organization’s PKI can significantly help an attacker gain access to the sensitive data and systems they are after.

To help enterprises design PKI and protect it from emerging threats, Microsoft IT has released a detailed technical reference document - “Securing Public Key Infrastructure.”