To help you seize this opportunity, we are excited to announce the general availability of Microsoft Copilot for Security (Copilot) on April 1st. This industry-leading product is the only generative AI solution that helps security and IT professionals amplify their skillset, collaborate more, see more, and respond faster. 

Move at the speed of AI

Copilot brings insights from across Microsoft Security products and those of other software vendors, delivering natural language guidance to increase team efficiency and manage daily workflows. Copilot isn’t a replacement for these tools; Instead, it enables security and IT professionals to access, summarize, and act on insights from their existing tools faster. 

In a recent research study conducted by Microsoft’s Office of the Chief Economist, experienced security analysts using Copilot were 22% faster at the common security tasks we gave them, and they achieved these time savings while also increasing accuracy by 7%. 

Most importantly, 97% of the experienced security analysts said they wanted to use Copilot again next time. 

These gains in speed, accuracy, and sentiment mean that security and IT teams have the power to radically improve not only their work, but also their sense of job satisfaction as they find the time to work on the most critical tasks, vs. being bogged down in the more mundane part of their roles. View the full report or infographic for more results from the study. 

“Recently we hired a few junior analysts and what we’ve seen is, to get those folks up to speed, with Copilot, the speed is tremendous,” said Mario Ferket, Chief Information Security Officer at Dow. “If you want to create a complex KQL script, you can now use natural language. This levels the playing field because in the past, the junior analysts would have needed help from senior analysts to do that type of work.” 

Product Capabilities 

Based on our learning from hundreds of customers during our early access program, that we began back in October, we are highlighting four critical security operations tasks, where we expect Copilot to deliver the greatest value to your teams at time of release:  

Incident Summarization 

Gain context for incidents and improve communication across your organization by leveraging generative AI to swiftly distill complex security alerts into concise, actionable summaries, which then enables quicker response times and streamlined decision-making.

Impact Analysis 

Utilize AI-driven analytics to assess the potential impact of security incidents, offering insights into affected systems and data to prioritize response efforts effectively. 

Reverse Engineering of Scripts 

Eliminate the need to manually reverse engineer malware and enable every analyst to understand the actions executed by attackers. Analyze complex command line scripts and translate them into natural language with clear explanations of actions. Efficiently extract and link indicators found in the script to their respective entities in your environment. 

Guided Response 

Receive actionable step-by-step guidance for incident response, including directions for triage, investigation, containment, and remediation. Relevant deep links to recommended actions allow for quicker response. 

Copilot is available both via an immersive standalone portal that helps teams gain a broader context to troubleshoot and remediate incidents faster with cross-product guidance and through an intuitive experience natively embedded within our existing and familiar security products. 

In addition to general availability, we are also announcing the following new Copilot product capabilities: 

Custom promptbooks allow customers to create and save their own series of natural language prompts for common security workstreams, tasks, and scenarios.  

Knowledge base integrations (in public preview) empowers Copilot for Security to integrate your business context, so you can search and query over your proprietary content.  

Usage reporting provides dashboard insights on how your teams use Copilot so that you can identify even more opportunities for optimization.  

Expanded language localization now includes prompting and responses in eight languages and the product interface is now available in 25 languages to deliver improved user experiences.

Connect to your curated external attack surface from Microsoft Defender EASM to identify and analyze the most up-to-date information on your organization’s external attack surface risks. 

Microsoft Entra audit logs and diagnostic logs give additional insight for a security investigation or IT issue and summarize audit logs related to a specific user or event. 

Use Copilot across your entire security estate

From the beginning, in addition to hundreds of early access program customers, we have worked with a broad set of security partners to help shape Copilot for Security. This has included validating and refining our new capabilities and doing critical work on plugins to extend Copilot to an ever-growing set of security products and data. 

“By integrating Copilot for Security with our MXDR service offering and Difenda AIRO, we continue to rapidly address routine triage and response activities. Through customer testing, we have proven at least a 60% reduction in alert volume from phishing incidents and we are excited to see the drastic acceleration of cyber security program maturity for companies of all levels.” 

-Andrew Hodges, VP of Service Delivery & Product Development, Difenda 

Discover the innovations MISA partner, Quorum Cyber, is making to help defend customers against cyber threats at scale with the generative AI capabilities of Copilot for Security. Watch the video.

Learn how MISA partner, Netskope, is advancing threat response and enhancing data protection for customers with the generative AI capabilities of Copilot for Security. Watch the video.

Today we have a rapidly growing library of plugins for Copilot for Security, and we continue to work with our partner ecosystem to deliver more. Most recently, we are highlighting:

• Netskope: Enrich investigations with alerts and incidents data from malware, malsite, User Behavior Analytics, app access, and connection events. 
• Valence Security: Respond to SaaS threats with enriched context from posture, identity, threat detection alerts, data shares, and integration context. 
• Tanium: Assess incidents with endpoint visibility and resolve with recommended remediation actions. 
• Cyware: Gain context and enrichments to analyze, prioritize and remediate. 
• SGNL: Maintain a posture of zero standing privilege with cross-ecosystem visibility and insights. 

For partners who want to join us on the Copilot for Security journey to help our mutual customers please visit us at https://aka.ms/CopilotforSecurityPartners to learn more. 

Get started 

Microsoft plans to make Copilot for Security generally available for purchase as a consumption offering beginning April 1, 2024. We will have one simple pricing model that covers both the standalone Copilot experience, and embedded experiences across the Microsoft Security product portfolio. 

A consumption model means it will be easy to get started quickly and on a small scale, to experiment and learn with no upfront per device or per user charges. Customers will use their existing Azure subscription or sign up for one if they are not already an Azure customer. They will then be able to provision Azure capacity to support all their Copilot for Security workloads, both standalone and embedded. Copilot for Security capacity is anticipated to be billed monthly via a new Security Compute Unit (SCU) at the rate of $4/hr. 

Learn more about Copilot for Security 

To learn more about Microsoft Copilot for Security, visit aka.ms/CopilotForSecurity or contact your Microsoft sales representative. If you missed us at Microsoft Secure, you may watch the replay video.

11 Likes

 Like

The post Microsoft Copilot for Security: General Availability details appeared first on Microsoft Security Blog.

At Microsoft, we aim to help our customers meet the range of today’s security demands—together. In this environment, it is not a surprise that organizations are looking to do more with less and turning to managed security services to help their security teams.

Microsoft Security Experts

Extend your ability to defend and manage with a comprehensive line of services from the experts at Microsoft.

Learn more

Microsoft Defender Experts for XDR

In preview last year, Microsoft Defender Experts for XDR is now generally available. This managed extended detection and response (MXDR) service helps customers alleviate some of their most pressing pain points, including alert fatigue, scarce cybersecurity resources, and a limited ability to look end-to-end—beyond the endpoints—to visualize and correlate threat data across their entire digital environment. For most companies, security isn’t their core business. Defender Experts for XDR can help customers drive security operations center (SOC) efficiency and add security expertise to their team quickly, freeing up their time to work on other security priorities.

Microsoft Defender Experts for XDR helps SOC teams focus on what matters, triaging and investigating prioritized incidents on your behalf. Our Defender Experts are available around the clock to chat about specific incidents or alerts, so your team can get immediate confirmation or clarification on a particular incident. Also, they provide detailed best practices and recommendations to help your team prevent future attacks and improve your overall security posture.

To learn more about Defender Experts for XDR, read through our blog that walks through how the service works or watch our explainer video to see the service in action.

Microsoft Defender Experts for Hunting

Microsoft Defender Experts for Hunting is generally available for customers who look to Microsoft to proactively hunt for threats across Microsoft Defender data—including endpoints, email, cloud applications, and identity. Defender Experts for Hunting combines human expertise and hunter-trained AI to probe deeper to expose threats and correlate across your security stack. Improve your SOC response and prioritize significant threats with timely notifications and analysis by our expert threat hunters. And if you have questions, you can contact our Experts on Demand directly within your Microsoft Defender portal.

To learn more about how we approach active threat hunting, read through our Threat Hunting Survival Guide, or read about our participation in MITRE’s first managed services evaluation.

Microsoft Incident Response

For customers that want help remediating a complex breach (or avoiding one altogether), Microsoft Incident Response (Microsoft IR) offers an end-to-end portfolio of proactive and reactive incident response services. We’ve been helping customers with their toughest incident response challenges since 2008. And we created Microsoft IR to be the first call for customers before, during, and after an incident. We operate in 190 countries and our incident responders are seasoned veterans with more than a combined 1,000 years of career experience resolving attacks from ransomware criminals to the most sophisticated nation-state threat actor groups.

Proactive services can help organizations identify and mitigate risks before they become incidents. This includes services such as compromise assessments, threat hunting, and incident response planning. We know companies that put proactive measures in place detect breaches 108 days faster than those without support (214 days compared to 322 days).³ Reactive services can help organizations respond to a breach quickly and effectively to mitigate damage. This includes services such as incident investigation, containment, and remediation.

Since our last update, Microsoft Incident Response Retainer is now generally available. This new option is designed to give our customers a proactive way to get IR support from Microsoft and was designed to work with cyber insurance. The Microsoft IR Retainer is a flexible and scalable service that can help organizations of all sizes prepare for and respond to cyber incidents. The retainer includes pre-paid hours that provide organizations with peace of mind knowing that they have the resources they need to respond to an incident, regardless of its size or complexity. And if reactive services are not needed, the pre-paid hours can be reallocated to proactive services that help shore up the organization’s security posture. The Microsoft Incident Response Retainer is a valuable tool for organizations of all sizes that want to be prepared for the unexpected. View the explainer video for more information.

To learn more about all our Incident Response services—including the newly available retainer—visit our Microsoft Incident Response webpage or go behind the scenes for an inside look at real-life cyberattack investigations in the Cyberattack Series.

Expert-led security transformation

Microsoft Security Enterprise Services (Enterprise Services), formerly known as Microsoft Security Services for Modernization, has restructured its offerings and is now more focused on helping customers meet modern security needs. These services are ideal for large enterprises that want to leverage Microsoft best practices and know-how as they continue their security transformation. Enterprise Services offers hands-on expertise and advisory services to assess and create your modern organizational cybersecurity strategy. These offerings provide planning and operations expertise to help you mitigate business risks and meet compliance requirements to ensure your business is future-ready. The services have recently been combined into two core expertise areas:

Security Cyber Resilience: End-to-end services to modernize and secure your digital estate including identities, data, applications, and devices across Microsoft Azure and multicloud environments. Microsoft Security Cyber Resilience helps safeguard your digital estate and create a transformation program of change, strategy, and operating models.

Security Operations: Secure your digital estate and safeguard critical information and assets with a security strategy and framework designed and implemented to respond to the modern threat landscape. Security Operations helps create—and action—a program of change for cybersecurity to make your digital estate more secure.

Working alongside our partners

Cybersecurity is a team sport. Too often, organizations play it outnumbered and outsmarted by the attacker. For most companies, cybersecurity is not their core business, and hiring specialized resources to address these concerns can be a challenge. Most customers rely on a trusted security provider in some capacity to help them on their security journey.

Microsoft partners provide robust services and the ability to uniquely customize their offering to your needs. Service providers commonly protect across the breadth of your estate including Microsoft and other third-party security tools. Microsoft’s partners also routinely provide customized service level agreements, data regulatory and industry specialization, and other specialized services aligned with the specific needs you may have, ranging from remotely managed supplementary services to your in-house team through full outsourcing services as required. Microsoft Security Experts services were built to work alongside partner services, and we frequently partner with them on customer requests and design feedback for our solutions.

Over the previous 12 months, more than 40 partners in the Microsoft Cloud Partner Program with Security designations have now received this verified MXDR engineering verification. If you are considering adding MXDR services, we recommend reviewing one of Microsoft’s verified MXDR service partners.

Looking to the future

As we continue to face new cybersecurity challenges, Microsoft will continue to evolve our Microsoft Security Experts services through our innovative engineering practices while leveraging the immense power of AI and other breakthrough technologies to help protect individuals, businesses, and more. Visit the Microsoft Security Experts page to learn more.

Cybersecurity and AI news

Discover the latest trends and best practices in cyberthreat protection and AI for cybersecurity.

Get the latest resources

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.  

¹Revealing New Opportunities for the Cybersecurity Workforce, (ISC)2. 2022.

²Top Risks in Cybersecurity 2023, Bipartisan Policy Center. February 13, 2023.

³Cost of a Data Breach Report 2023, IBM. 2023.

The post Expanded Microsoft Security Experts offerings provide comprehensive protection appeared first on Microsoft Security Blog.

2020 was a transformational year. Seemingly overnight, COVID-19 reshaped our perspective on work, home life, and security. Setting up home offices and powering through online presentations in our pajama bottoms (with cameos by pets and children), our industry rose to the challenge. All that challenging work kept firstline workers, students, medical professionals, and the rest of us connected and secure through a dark year. Now as we approach a full year, we will again celebrate our colleagues in security, compliance, and identity at the second annual Microsoft Security 20/20 awards ceremony on May 12, 2021.

“The past 12 months have reshaped our industry. We’ve all been pushed to reach new heights—creating integrated security, compliance, and identity solutions that work across platforms and cloud environments. We want to recognize the partners who helped get us there by creating their own game-changing Microsoft-based solutions and services.” —Vasu Jakkal, CVP Microsoft Security, Compliance & Identity

Perspective

According to the American Optometric Association: “20/20 vision does not necessarily mean you have perfect vision, it only indicates the sharpness or clarity of vision at a distance.” Last year’s theme of “Vision and Clarity” focused on shaping Microsoft’s vision for the security ecosystem alongside our partners, but the past year has prompted all of us to have a new perspective. The last 12 months have, in a way, forced us all to step back and reexamine the solutions we offer. Our industry burned the midnight oil, retooling products to better support a new remote workplace. The Microsoft Security 20/20 awards ceremony will acknowledge our new reality and shifted viewpoint with the theme of “Perspective—Through the looking glass.”

Unlike the online meetings we all know too well, this awards show will be an immersive, digital experience, ripe with dazzling visuals and soundscapes. We’re going all-in to celebrate our finalists and winners across 18 award categories honoring the best in the security, compliance, and identity ecosystem. We promise to engage all five of your senses to get you out of that office chair (figuratively, anyway), traveling through lush forests, bright meadows, and along a breezy beach.

Everyone is welcome. In this short-but-sweet awards show, we’ll skip the speeches and double down on creativity and fun. You’re invited to watch the 90-minute event and engage with us on social media. Feel free to invite your spouse, fur baby, or favorite houseplant. Just don’t forget to snap a selfie and share it with the hashtag: #MSFTSecurity2020.

Security for all

Microsoft is committed to building solutions that safeguard your entire organization—delivering integrated security, compliance, identity, and management across platforms and cloud environments. We want to help our customers prioritize risks using unified management tools and strategic guidance that maximize the human experience. The Microsoft Security 20/20 awards honor partners who align with Microsoft’s focus on customer obsession and have developed innovative, integrated solutions during the past year—helping us realize our vision of security for all.

This year’s finalists

The award categories and finalists were selected by a cross-functional group within Microsoft for their excellence in innovation, integration, and customer implementation. This year, winners will be voted on by members of the Microsoft Intelligent Security Association (MISA), making this truly a celebration among peers. Each MISA member company will get one vote and winners will be announced at the event (finalists, you’ll have to watch to find out if you won!).

Security Trailblazer

Partners who drive major security-related initiatives and educate the market on how to be more secure.

• Darktrace Winner
• Fireblocks
• Illusive
• KnowBe4
• Vectra

Most Transformative Integration Partner

Partners that are actively building integration across the Microsoft Security portfolio, along with demonstrating leadership in driving new, differentiated integrations.

• Barracuda
• Check Point Winner
• Cisco
• Citrix
• Forcepoint

Compliance Trailblazer

Partners who further major compliance-related initiatives and educate the market on compliance risks.

• Cognni Winner
• McAfee
• Relativity
• TeleMessage
• Veritas Technologies LLC

Microsoft Security System Integrator of the Year

System Integrators that work closely with field sellers to close deals, integrate, and deploy Microsoft Security into customers’ environments.

• Ascent Solutions
• Edgile
• Glüeck & Kanja Consulting AG
• Optiv Winner
• Oxford Computer Group

Identity Trailblazer

Partners who drive major identity-related initiatives and educate the market on how to protect identities.

• Illusive Winner
• Silverfort
• Strata
• Twilio
• Yubico

Microsoft Security GTM partner of the Year

Partners who complete the largest number of workshops with the highest degree of excellence.

• Insight North America
• Netrix
• PowerOn Platforms
• SoftwareONE Winner
• Synergy Advisors LLC

Microsoft 365 Security Deployment Partner of the Year

Service providers that increase usage and adoption rates for Microsoft 365 security products.

• Accenture Winner
• Atea
• CDW
• Core BTS
• Insight

SCI Advisory of the Year

Security advisory firms that are building core competencies on top of Microsoft Security solutions and acting as a trusted advisor to Microsoft customers.

• Accenture
• EY
• KPMG
• PwC Winner
• Wipro

Microsoft Azure Security Deployment Partner of the Year

Service providers that increase usage and adoption rates for Azure security products.

• Ascent Solutions
• Avanade
• Collective Insights
• Insight Winner
• Planet Technologies

The Security Industry Changemaker

Individuals that make a standout contribution to improve the security community.

• Camille Stewart and Lauren Zabierek Winner
• Ambareen Siraj
• Eva Galperin
• Kevin Mandia
• Marcus Carey

Zero Trust Champion – ISV (Independent Software Vendors)

Software vendors that increase usage and adoption rates with solutions aligned with Microsoft’s Zero Trust strategy.

• Cisco
• F5
• Forcepoint
• Palo Alto Networks
• Zscaler Winner

Top MDR (Managed Detection and Response) Team

Managed Detection and Response teams that provide incident responses for the world’s largest customers and partner with Microsoft Security to continually improve customer security.

• BlueVoyant Winner
• Critical Start
• Mandiant
• Open Systems
• Trustwave

Zero Trust Champion – SI (Systems Integrators)

System Integrators that accelerate secure remote work and help customers accelerate their Zero Trust strategy.

• Atea
• Avanade Winner
• Edgile
• InSpark
• Wortell

Top Managed SOC (Security Operations Centers)

Security Operations Centers that provide managed security services to the world’s largest customers and partner with Microsoft to continually improve customer security.

• Accenture
• BT
• IBM
• Optiv
• Trustwave Winner

Emerging Security ISV Disruptor

Independent Software Vendors who show growth potential and have innovative emerging capabilities.

• Axis Security
• Axonius
• Hunters
• Medigate
• Orca Security Winner

Microsoft Security Customer Impact

Partners who have driven a significant number of customers wins and have a proven track record for customer satisfaction.

• Barracuda
• Fortinet Winner
• Open Systems
• Optiv
• Saviynt

Compliance Services Innovator of the Year

Service partners that demonstrate leadership and innovation in managed compliance service scenarios.

• Accenture
• BDO
• Epiq
• Lighthouse Winner
• Protiviti

Security ISV of the Year

Independent Software Vendors that have shown innovation and the ability to drive revenue.

• Barracuda
• Check Point
• F5
• ServiceNow Winner
• Zscaler

Our partners in the security, compliance, and identity ecosystem continually inspire us to create stronger, more integrated solutions. Please join us in celebrating their achievements at the Microsoft Security 20/20 awards, May 12, 2021—we look forward to seeing you there!

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

The post Finalists announced in second annual Microsoft Security 20/20 awards appeared first on Microsoft Security Blog.

For my team, seeing the Microsoft Intelligent Security Association (MISA) grow to 190 partner companies has been a bright spot in a dark year. To date, MISA members have created 215 product integrations, and I’m pleased to announce that our pilot program for adding managed security service providers (MSSPs) has formally transitioned. MISA now includes 39 MSSP members who have created 76 MSSP offers since the beginning of the fiscal year.

“Microsoft Security integrates with a broad ecosystem of platforms and cloud providers, so they work with the things you already have in your environment; whether those things are from Microsoft, or not. Our partners are key to helping facilitate this integration.”—Vasu Jakkal, CVP, Security, Compliance and Identity

“Adding managed security service providers promises to increase the ecosystem’s value even more by offering an extra layer of threat protection—reducing the day-to-day involvement of in-house security teams. It’s another important step in strengthening and simplifying security at a time when risk mitigation is one of IT’s highest priorities.”—Shawn O’Grady, Senior Vice President and General Manager, Cloud + Data Center Transformation at Insight

Because Microsoft’s footprint extends across many technologies, we have an advantage in creating holistic solutions that encompass the full breadth of security, compliance, and identity. In keeping with that end-to-end approach, we’ve expanded MISA to include 5 new compliance products, growing the MISA product portfolio to 18.

“The explosion of data from digital transformation and remote work make the integration of security and compliance tools across internal and external ecosystems more critical than ever. Together with the deep expertise of our MISA members, we can help our customers address their complex, evolving security and compliance needs.”—Alym Rayani, General Manager, Microsoft Compliance

Compliance comes to MISA

Microsoft compliance products help our customers assess their compliance risk, protect their sensitive data, and govern it according to regulatory requirements. Through MISA, members get support in building managed services and integrations that:

1. Protect and govern data wherever it lives.
2. Identify and take actions on critical insider risks.
3. Simplify compliance and reducing risk.
4. Investigate and respond with relevant data.

“TeleMessage is excited to bring our Mobile Communication Archiving products to be a part of Microsoft’s security solutions. Being a MISA member allows us to work closely with the Microsoft teams and allows us to provide seamless, secure, and compliant integrations delivering all popular forms of mobile communication.”—Guy Levit, CEO at TeleMessage

Microsoft Information Protection has been part of MISA since the association began in 2018, providing broad coverage across devices, apps, cloud services, and on-premises systems. This year, we’re continuing to develop our holistic partner community across security, compliance, and identity by adding five additional Microsoft compliance products to our portfolio:

• Microsoft Information Governance: Keep what you need and delete what you don’t. Apply compliance solutions and a deletion workflow for email, documents, instant messages, social media, document collaboration platforms, and more.
• Microsoft Data Loss Prevention: Help users stay compliant without interrupting their workflow—prevent the accidental sharing of sensitive information across Exchange Online, SharePoint Online, OneDrive for Business, Microsoft Teams, and desktop versions of Excel, PowerPoint, and Microsoft Word.
• Microsoft 365 Insider Risk Management: Identify critical insider risks and take the appropriate action. With built-in privacy controls, use native and third-party signals to identify, investigate, and remediate malicious and inadvertent activities in your organization.
• Microsoft Advanced eDiscovery: Gain an end-to-end workflow to collect, analyze, preserve, and export content that’s responsive to your organization’s internal and external investigations. Identify persons of interest and their data sources, then manage the legal-hold communication process.
• Microsoft Compliance Manager: Get help throughout your compliance journey, from taking inventory of your data protection risks to managing the complexities of implementing controls, staying current with regulations and certifications, and reporting to auditors.

“Joining MISA enhances our relationship with Microsoft and our commitment to being an information governance and compliance leader providing solutions for organizations to bring third-party data into Microsoft 365 archive,” said Charles Weeden, Managing Partner of 17a-4, LCC. “DataParser’s connectors will allow Microsoft 365 Compliance users to ingest content from various sources, such as Bloomberg, Slack, Symphony, Webex Teams and many others.”

Connectors and APIs to extend compliance capabilities

Organizations today face an intimidating amount of data to protect across disparate systems, both on-premises and in the cloud. That’s why Microsoft compliance solutions span information protection and governance, data-loss prevention, insider risk, eDiscovery, audit, and compliance management—including your non-Microsoft data.

Microsoft 365 compliance enables organizations to extend, integrate, accelerate, and support their compliance solutions with three key building blocks:

• Data connectors: Import, archive, and apply Microsoft 365 protection and governance capabilities to third-party data.
• APIs: Enable programmatic access to Microsoft 365 compliance capabilities.
• Power Automate Integrations: Gain seamless automation and workflow customizations.

All of these new capabilities exist within Microsoft’s integrated compliance platform. Meaning, customers only need to set compliance policies a single time, regardless of the data source.

“The Veritas Merge1 connector platform integration with M365 allows our joint customers to configure, connect, and capture a vast number of data sources from within the M365 compliance center. The integration makes it easy to quickly identify which data sources need to be captured, to configure connectivity to those data sources and to pull data into M365 all from within the Azure infrastructure. Our development teams have worked closely together for over 12 months to make sure the workflow is simple and the capabilities are robust. With the increase in global regulations over the past several years, our goal is to simplify compliance, and we believe we have achieved that by working together with Microsoft.”—David Scott, Sr. Director, Digital Compliance at Veritas Technologies

Microsoft Security lights the way

As the global pandemic forced millions into remote work last year, hackers took advantage and upped their game, as seen with the recent Solorigate attack. Many organizations saw their sensitive data created, viewed, and distributed across multiple fragmented platforms that increased the potential attack surface. Because we view security as part of the common good, we chose to take a proactive approach; shifting cybersecurity away from the shadows and into a place of innovation and empowerment.

“MISA has helped us promote successful integrations with Azure Security Graph API and Azure Active Directory, both now deeply embedded in Barracuda security solutions.”—Tim Jefferson, SVP Data, Networking, and Applications, Barracuda Networks

During Microsoft Ignite, March 2-4, 2021, you’ll see added investment in our security, compliance, and identity portfolio as we continue to innovate and create holistic solutions that support cultures of security for our customers and partners, based on four basic principles:

• Protect everything: Safeguard your entire organization with integrated security, compliance, and identity solutions built to work across platforms and cloud environments.
• Simplify the complex: Prioritize risks with unified management tools and strategic guidance created to maximize the human expertise inside your company.
• Catch what others miss: Enable AI, automation, and human expertise to help you detect threats quickly, respond effectively, and fortify your security posture.
• Grow your future: Gain the peace of mind that comes with a comprehensive security solution, empowering you to grow, create, and innovate across your business.

To learn more about upcoming big announcements at Microsoft Ignite this week, visit our latest blog posts:

• 4 Ways Microsoft Is Delivering Security for All in a Zero Trust World by Vasu Jakkal.
• Securing & Governing Data in a New Hybrid Work Reality by Alym Rayani.
• Microsoft Compliance joins the Microsoft Intelligent Security Association (MISA) as we continue to extend the Microsoft Compliance ecosystem by Hammad Rajjoub.

To learn more about Microsoft Security solutions, visit our website.  Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

The post Compliance joins Microsoft Intelligent Security Association (MISA) appeared first on Microsoft Security Blog.

Welcoming Managed Security Service Providers to MISA

Two years ago, we launched MISA to offer our customers holistic solutions that help them better defend against a world of increasing threats. Our vision was to build a robust security ecosystem that included leading security technology companies that provide value to our joint customers. We began by partnering with independent software vendors that have integrated their solutions with Microsoft. Since launch, MISA has expanded significantly—in just the last year, membership increased from 57 members to 133!

Through MISA, we’ve been able to collaborate with some of the most innovative security companies in the world, but our joint customers also need security services that are deeply interwoven with MISA software solutions. To meet this demand, MISA is launching an invitation-only pilot program in July 2020 for select managed security service providers (MSSPs).

“Today we’re happy to bring a win-win-win offering by enabling MSSPs and managed detection and response partners to sell and deploy not just Microsoft’s security solutions but more importantly our joint solutions with our independent software vendor partners.”  – Eran Barak, Principle PM Manager, Microsoft Threat Protection.

By including MSSPs in the program, our joint customers will benefit from security consultants with deep expertise in MISA solutions, enabling them to get the most out of their investments. The expansion also creates more opportunities for security organizations to work together on the creative solutions we will need to confront an evolving threat landscape.

“MISA members are the cybersecurity industry leaders, unified by the common goal of helping secure our customers by offering their own valuable expertise and making the association more effective as it expands.”– Mandana Javaheri, Global Director of Cybersecurity Solutions Group at Microsoft Corp.

I am proud of the work that MISA has accomplished to date and look forward to partnering with our newest members to help our joint customers better safeguard their organizations. Please join me in welcoming the following MSSPs to MISA:

Accenture

MISA service offering: Azure Sentinel

Accenture Security helps organizations prepare, protect, detect, respond and recover along across the entire Microsoft Security portfolio across the full security lifecycle. Learn more.

AscentSolutions

MISA service offering: Azure Sentinel, Azure Security Center

Ascent Solutions’ risk-based defense strategy aligns your priorities with the right technology, processes, and route map to make your business more secure today. And because cybersecurity is at the heart of everything we do, we also help you defend against the right attack vectors and combat malicious actors to better protect your businesses into the future. Learn more.

Avanade

MISA service offering: Azure Sentinel

From enabling a modern workplace, to protecting your applications in the cloud, Avanade provides a holistic approach to security at every step. Learn more. 

BlueVoyant

MISA service offering: Azure Sentinel, Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)

BlueVoyant provides managed detection and response (MDR) services utilizing Azure Sentinel, a cloud-native security information and event manager (SIEM), and Microsoft Threat Protection, an integrated platform that unifies best-in-class products that include Microsoft Defender ATP, Office 365 Advanced Threat Protection, Azure Advanced Threat Protection, and Microsoft Cloud Application Security. Learn more.

Born in the Cloud

MISA service offering: Azure Sentinel, Azure Security Center

Born In The Cloud leverages Azure Security services including Azure Sentinel and machine learning algorithms to monitor your environment and make sense of the data faster than any human can, allowing us to respond to threats quickly. We also manage Windows 10, Office 365, Microsoft Defender ATP and Microsoft Endpoint Manager for you, to help keep devices, data, and identities safe. All built on Azure Cloud. Learn more.

BT

MISA service offering: Azure Sentinel

BT is a leading provider of cybersecurity services, with over 3,000 experts around the world protecting BT’s operations and customers across 180 countries. Its global network of 16 Security Operations Centers protects BT against 125,000 cyber-attacks every month and provides cybersecurity solutions and services to consumers, governments, and businesses, including multinational organizations. BT Security offers managed service solutions that provide flexible choices and reduce complexity for our shared customers, allowing them to concentrate on their business and leave the management of their security in expert hands. Learn more.

Critical Start

MISA service offering: Microsoft Defender ATP, Azure Sentinel

CRITICALSTART enables customers to centralize, ingest, and correlate their logs to ensure their environment is secure. CRITICALSTART’s MDR utilizes a Trusted Behavior Registry to investigate every alert generated until they are classified as a known good and can be safely resolved. Customers see every action our CYBERSOC analysts take since our platform provides transparency across the entire process. Learn more.

Cyberproof

MISA service offering: Azure Sentinel

Cyberproof monitors your security alerts and suspicious events, collected from multiple internal and external customer data sources including Microsoft Azure Sentinel SIEM. Threats are detected as they emerge in critical cloud and on-premises infrastructure. Learn more.

Dell

MISA service offering: Microsoft Defender ATP, Azure ATP

At Dell, security is a priority – a part of every conversation; it connects our team members, customers, processes and technologies. Dell’s Security and Trust Center provides easy access to resources and solutions to help you quickly find answers to your security questions. Learn more.

Expel

MISA service offering: Microsoft Defender ATP, Azure Sentinel

The combination of the Expel Workbench™ and Expel analysts monitor your environment 24×7 to provide transparent managed security that finds attackers and gives you the answers to help you kick them out and keep them out. Learn more.

EY

MISA service offering: Microsoft Defender ATP, Azure Security Center

EY provides day-to-day resilience as well as a proactive, pragmatic, and strategic approach that considers risk and security from the onset. This is Security by Design. Rather than avoiding risk altogether, Security by Design is about enabling trust in systems, designs, and data so that organizations can take on more risk, lead transformational change, and innovate with confidence. EY Next-generation security operations and response teams can provide organizations with the right amount of support to help them manage leading-class security operations in a programmatic way.  Learn more.

FishTech

MISA service offering: Microsoft Defender ATP

Fishtech is the leading current generation cybersecurity services provider for enabling secure and successful business transformation. Data-driven and born in the cloud, Fishtech provides the people, processes, and technology to minimize risk, maintain compliance, and increase business efficiency. Our human-led, machine-driven security-as-a-service division, CYDERES, helps organizations manage cybersecurity risks, detect threats, and respond to security incidents in real-time. Learn more.

Infosys

MISA service offering: Azure Active Directory, Azure Sentinel

Infosys CyberSecurity offers a flexible managed security services model that empowers organizations with people, processes, and technology to secure their critical assets and data. With our quality services, we help protect your data and infrastructure with the latest technology and certified professionals, while adhering to the latest industry-specific compliance standards. Learn more.

Insight

MISA service offering: Azure Sentinel

Insight Services for Azure Sentinel help you take advantage of cutting-edge technology from Microsoft to strengthen and simplify your security environment. During an engagement, our consultants address all major areas of your SOC, including new tools or processes that would be beneficial to adopt. Learn more.

Inspark

MISA service offering: Azure Sentinel

The new Azure Sentinel and the Fusion capabilities empower Inspark to help keep our customers safe for the future. Our Cloud Security Center incorporates Azure Sentinel and the Microsoft Security Graph into our solution to better protect our customers. Learn more.

KPMG (US & EMEA)

MISA service offering: Azure Sentinel

The KPMG + Azure Sentinel solution has been designed to help businesses improve their security monitoring and incident response capabilities by combining KPMG’s cybersecurity, incident response, and industry experience with Microsoft’s advanced cybersecurity technologies. Learn more.

Open Systems

MISA service offering: Azure Sentinel

Open Systems designed a scalable MDR platform that helps detect threats early to limit the damage. It combines human knowhow, advanced automated threat detection, and the best sensor technology. In addition, a cloud-scale SIEM built on Microsoft Azure Sentinel ensures smooth logfile integration from your existing security controls and other sources of relevant data. Learn more.

Optiv Security

MISA service offering: Microsoft Defender ATP, Azure Sentinel, Azure Active Directory

Optiv Security is a security solutions integrator that enables clients to reduce risk by taking a strategic approach to cybersecurity. Align your security program to achieve specific business outcomes with our full suite of service capabilities, from strategy to technology—and everything in between. Our managed security services provide vetted on-staff vulnerability and security researchers and multiple operations centers to support your organization every moment, of every day, so you can refocus your existing IT staff on core business needs. Learn more.

Truesec

MISA service offering: Microsoft Defender ATP

As a leading cybersecurity consulting company, Truesec offers a wide range of services including security health checks, security engineering, and penetration testing, all provided by cyber security specialists. Our managed service will give your organization the capability to detect and respond quickly to cyberattacks. Our success is based on a combination of extraordinary cyber experts, the most advanced tools in the market today, and by investing in truly understanding the specifics of our client’s IT environments. Learn more.

Trustwave

MISA service offering:  Microsoft Defender ATP, Azure Sentinel

Trustwave Threat Detection and Response Services for Microsoft Azure uses Microsoft Security Graph API to ingest data from Microsoft Azure Sentinel and Microsoft Defender ATP to provide real-time triage, analysis, investigation, response, and remediation of security threats. Learn more.

Wipro

MISA service offering: Azure Active Directory, Azure Sentinel

Wipro provides end-to-end security solutions and services for business to enterprise, partners and consumers through Microsoft security stacks. Learn more

For more information

To learn more about the Microsoft Intelligent Security Association watch this video or visit the webpage.  To learn more about Microsoft Security solutions visit our website.  Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

The post Microsoft Intelligent Security Association expands to include managed security service providers appeared first on Microsoft Security Blog.

New members expand the portfolio of MISA integrations

Our new members include a number of ecosystem partners, like RSA, ServiceNow, and Net Motion, which have developed critical integrations that benefit our shared customers and we look forward to deepening our relationship through MISA engagement.

New MISA member RSA is now using Azure Active Directory’s risky user data and other Microsoft security signals to enrich their risk score engine. Additionally, RSA also leverages the Graph Security API to feed their SIEM solution, RSA NetWitness with alerts from the entire suite of Microsoft Security solutions.

 “RSA is excited to showcase the RSA SecurID and RSA NetWitness integrations with Microsoft Security products. Our integrations with Microsoft Defender ATP, Microsoft Graph Security API, Azure AD, and Microsoft Azure Sentinel, help us to better secure access to our mutual customer’s applications, and detect threats and attacks. We’re excited to formalize the long-standing relationship through RSA Ready and MISA to better defend our customers against a world of increasing threats.”
—Anna Sarnek, Head of Strategic Business Development, Cloud and Identity for RSA

The ServiceNow Security Operations integration with Microsoft Graph Security API enables shared customers to automate incident management and response, leveraging the capabilities of the Now Platform’s single data model to dramatically improve their ability to prioritize and respond to threats generated by all Microsoft Security Solutions and custom alerts from Azure Sentinel.

“ServiceNow is pleased to join the Microsoft Intelligent Security Alliance to accelerate security incident response for our shared customers. The ServiceNow Security Operations integration with Azure Sentinel, via the graph security API, enables shared customers to automate incident management and response, leveraging the capabilities of the Now Platform’s single data model to dramatically improve their ability to prioritize and respond to threats.”
—Lou Fiorello, Head of Security Products for ServiceNow

Microsoft is pleased to welcome NetMotion, a connectivity and security solutions company for the world’s growing mobile workforce, into the security partner program. Using NetMotion’s class-leading VPN, customers not only gain uncompromised connectivity and feature parity, they benefit from a VPN that is compatible with Windows, MacOS, Android and iOS devices. For IT teams, NetMotion delivers visibility and control over the entire connection from endpoint to endpoint, over any network, through integration with Microsoft Endpoint Manager (Microsoft Intune).

“NetMotion is designed from the ground up to protect and enhance the user experience of any mobile device. By delivering plug-and-play integration with Microsoft Endpoint Manager, the mobile workforce can maximize productivity and impact without any disruption to their workflow from day one. For organizations already using or considering Microsoft, the addition of NetMotion’s VPN is an absolute no-brainer.”
—Christopher Kenessey, CEO of NetMotion Software

Expanded partner strategy for Microsoft Defender Advanced Threat Protection (ATP)

The Microsoft Defender ATP team worked with our ecosystem partners to take their rich and complete set of APIs a step further to extend the power of our combined platforms. This helps customers strengthen their network and endpoint security posture, add continuous security validation and attack simulation testing, orchestrate and automate incident correlation and remediation, and add threat intelligence and web content filtering capabilities. Read Extending Microsoft Defender ATP network of partners to learn more about their partner strategy expansion and their open framework philosophy.

New product teams join the association

In addition to growing our membership, MISA expanded to cover 12 of Microsoft’s security solutions, including our latest additions: Azure Security Center for IoT Security and Azure DDoS.

Azure Security Center for IoT Security announces five flagship integration partners

The simple onboarding flow for Azure Security Center for IoT enables you to protect your managed and unmanaged IoT devices, view all security alerts, reduce your attack surface with security posture recommendations, and run unified reports in a single pane of glass.

Through partnering with members like Attivo Networks, CyberMDX, CyberX, Firedome, and SecuriThings, Microsoft is able to leverage their vast knowledge pool to help customers defend against a world of increasing IoT threats in enterprise. These solutions protect managed and unmanaged IoT devices in manufacturing, energy, building management systems, healthcare, transportation, smart cities, smart homes, and more. Read more about IoT security and how these five integration partners are changing IoT security in this blog.

Azure DDoS Protection available to partners to combat DDoS attacks

The first DDoS attack occurred way back on July 22, 1999, when a network of 114 computers infected with a malicious script called Trin00 attacked a computer at the University of Minnesota, according to MIT Technology Review. Even after 20 years DDoS continues to be an ever-growing problem, with the number of DDoS attacks doubling in the last year alone and the types of attacks getting increasingly sophisticated with the explosion of IoT devices.

Azure DDoS Protection provides countermeasures against the most sophisticated DDoS threats. The service provides enhanced DDoS mitigation capabilities for your application and resources deployed in your virtual networks. Technology partners can now protect their customers’ resources natively with Azure DDoS Protection Standard to address the availability and reliability concerns due to DDoS attacks.

“Extending Azure DDoS Protection capabilities to Microsoft Intelligent Security Association will help our shared customers to succeed by leveraging the global scale of Azure Networking to protect their workloads against DDoS attacks”
—Anupam Vij, Principal Product Manager, Azure Networking

Learn more

To see MISA members in action, visit the Microsoft booth at RSA where we have a number of our security partners presenting and demoing throughout the week. To learn more about the Microsoft Intelligent Security Association, visit our webpage or the video playlist of member integrations. For more information on Microsoft security solutions, visit our website.

The post MISA expands with new members and new product additions appeared first on Microsoft Security Blog.

Microsoft Security 20/20 is nearly here and our team is putting the final touches on what we think will be a memorable event. Microsoft Security 20/20 will put the spotlight on companies and individuals with a clear-eyed view of the security challenges we face and smart solutions to help solve them. By working together, we advance the vision of what’s possible—and our joint customers’ security is stronger because of it.

“Solving our mutual customers’ security challenges is very much a team sport. I’m excited to recognize these leaders in the ecosystem at Microsoft’s inaugural security awards.”
—Andrew Conway, General Manager, Security Product Marketing

About the event

At the inaugural Microsoft Security 20/20 partner awards, we’ll celebrate finalists in 16 award categories that span security integration partners, system integrators, and managed security service providers. The awards gala will take place February 23, 2020—the Sunday before the RSA Conference in San Francisco. All finalists have been invited to attend this private event. Opening remarks from Ann Johnson, Corporate Vice President of the Cybersecurity Solutions Group, will center around Microsoft’s vision for the security ecosystem and how—together—we’ll help our customers get clarity on security.

“The themes for Microsoft Security 20/20 are vision and clarity. Microsoft is focused on protecting our customers and there is no vision for the future that doesn’t involve security partners. We’re hosting the first Microsoft Security 20/20 partner awards gala to honor security partners that are making an impact through technology development and customer enablement.”
—Rob Lefferts, Corporate Vice President, Microsoft Threat Protection

Better together

I passionately believe that the security ecosystem must work together to realize a future where people, information, and companies are safer. Microsoft Security 20/20 honors partners that have developed and delivered exceptional Microsoft-based solutions and services during the past year that put us on the path toward that vision.

The award categories and finalists were selected by a cross functional group within Microsoft. These finalists were chosen among a global field of top Microsoft partners for demonstrating excellence in innovation, integration, and customer implementation. Winners will be chosen based on a vote from a broad swath of Microsoft Security experts, which includes engineers, marketers, partners, managers, security architects, and more.

This blog would not be complete without showcasing each and every one of these amazing companies and visionary industry leaders, because in a kaleidoscope of security threats and news, these finalists offer an inspiring vision for the future.

ISV Partner of the Year

Software vendors that have shown innovation and the ability to drive revenue.

• F5 Networks
• Barracuda
• Check Point
• Citrix
• Zscaler Winner

Emerging ISV Disruptor

Partners who show growth potential and have innovative emerging capabilities.

• Silverfort
• Onfido
• Hyas
• Extrahop
• AttackIQ Winner

Most Prolific Integration Partner

Partners with numerous integrations across Azure and Microsoft 365 security.

• F5 Networks
• Check Point Winner
• Entrust Datacard
• CyberArk
• Symantec

Customer Impact

Independent software vendors (ISVs) that have driven a significant number of customers wins.

• Barracuda
• F5 Networks Winner
• Trend Micro
• Zscaler
• RSA

Identity Trailblazer

Partners that are driving major identity-related initiatives and educating the market on how to be protect identities.

• Yubico Winner
• Duo
• Feitian
• HID Global
• Thales Group

Security Trailblazer

Partners that are driving major security-related initiatives and educating the market on how to be more secure.

• Swimlane
• ServiceNow Winner
• Tenable
• Workplace from Facebook
• Valimail

Security Workshop Partner of the Year

Service partners that are driving the most high-quality security workshops.

• IT-Dev SP. Z O.O.
• Sulava Oy
• Synergy Advisors, LLC Winner
• Akari Solutions
• Catapult Systems, LLC

Azure Security Deployment Partner of the Year

Service providers that are increasing usage and adoption rates for Azure security products.

• Ascent Solutions, LLC
• Insight Winner
• CyberProof 
• Planet Technologies
• Content and Code

Microsoft 365 Security Deployment Partner of the Year

Service providers that are increasing usage and adoption rates for Microsoft 365 security products.

• Synergy Technical Winner
• Dell
• Atea Global
• pro•duhk•tiv
• Binary Tree Inc.

Security System Integrator of the Year

System Integrators that are working closely with the Cybersecurity Solutions Group to close deals and integrate Microsoft into customers’ environments.

• Edgile Winner
• Optiv
• Insight
• Onevinn
• Wipro

Security Advisory of the Year

Security advisory firms that are building core competencies on top of Microsoft Security solutions and working closely with the Cybersecurity Solutions Group to act as a trusted advisor to Microsoft customers.

• PwC
• KPMG
• EY
• Avanade Winner
• Accenture

Top Managed SOC/MDR

Security operations centers that are supporting the largest customers in the world and building strong intellectual property that layers on top of Microsoft Security solutions.

• Accenture Winner
• Optiv
• Born in the Cloud
• DXC Technology
• CyberProof 

MSSP/TDR Disrupter

Threat, detection, and response experts that are changing the game for managed security services.

• Inspark
• CRITICALSTART
• Infosys Winner
• Trustwave
• Secureworks

Top Github Contributor

With input from the GitHub team, we identified individuals who are going above and beyond to support the open source community with their GitHub contributions.

• Brent Cook (busterb), Rapid7 Winner
• Ricardo van Zutphen (RicoVZ), Hatching International
• Teddy Reed (theopolis), Facebook
• Felipe Costa (zimmerle), Trustwave
• Sergi Alvarez (radare), NowSecure

Industry Changemaker

Individuals who are making a standout contribution to improving the security community.

• Stina Ehrensvard, Yubico Winner
• Parker Crockford, Onfido
• Eva Chen, Trend Micro
• Tracie Martin, DefendCon
• Paula Januszkiewicz, CQURE

Election Security Partner of the Year

Organizations that are effecting change for one of our most critical global security challenges—election security.

• Center for Internet Security (CIS) Winner
• VotingWorks
• Brennan Center for Justice
• Center for Democracy & Technology (CDT)
• Harvard’s Belfer Center’s Defending Digital Democracy Program

Learn more

To learn more about Microsoft Security partners, see our partners page. To find out more about what Microsoft’s up to at RSA Conference 2020, read this blog.

Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

The post Visionary security partners to be honored at the very first Microsoft Security 20/20 event appeared first on Microsoft Security Blog.

It was born out of a desire to be easy to do business with and be a better partner to our security peers—providing a single contact for all products in MISA, which reduces administrative work and serves as a central place for introductions to other engineering teams when you’re ready to build more integrations with Microsoft Security. In the spring of 2018, MISA launched with 26 founding partners, which included pivotal companies like Check Point, Zscaler, and F5. Just a year later, we had more than doubled in size, and as we head into Ignite 2019, the association has grown to 81 members—including new members RSA, eWBM, and ExtraHop.

“RSA is helping organizations secure their digital transformation journeys, addressing the growing number of threats, new digital risks and increasing sophistication of identity attacks in a hyper-connected world. The Microsoft Intelligent Security Association is an extension of our strategic partnership with Microsoft driving the common goal of better, more secure solutions for our customers and partners to enable organizations across the globe to secure their most critical assets.” —Jim Ducharme, Vice President of RSA Identity, Fraud & Risk Intelligence

MISA product updates

Three new products were added to the MISA product integration portfolio: Azure Sentinel, Azure Security Center (ASC), and ASC for IoT Security. The 11 product teams that make up the MISA product portfolio are announcing many product enhancements and partner integrations at Ignite 2019. Here are a few highlights:

Azure Sentinel

Enterprises worldwide can now keep pace with the exponential growth in security data, improve security outcomes and modernize their security operations with Azure Sentinel. As a cloud-native SIEM, Azure Sentinel helps security teams focus on the most important security events and removes the need to invest in infrastructure setup and maintenance. With analytics powered by built-in machine learning and automated playbooks, security teams can quickly detect and respond to previously unknown threats.

Azure Sentinel collects and analyzes security data from all sources across your enterprise—in Azure, on-premises and even other clouds. Azure Sentinel has built-in integrations with a growing list of MISA partners, including new integrations from Zscaler, F5, Barracuda, Citrix, ExtraHop, One Identity, and Trend Micro. These built-in connectors make it easy for the SecOps teams to collect and analyze security data easily while integrating with existing tools and threat intelligence.

Azure Sentinel

Intelligent security analytics for your entire enterprise.

Learn more

Azure Security Center

Azure Security Center is extending its coverage with a new platform for community and partners to support Security Center’s fast growth in the marketplace and meet our customers’ demands around threat protection, cloud security posture, and enterprise-scale deployment and automation. We’re introducing new import and export API’s that will allow partners to share their recommendations into Security Center and get recommendations into their product consoles. Our customers can use Security Center to receive recommendations from Microsoft and solutions from partners such as Check Point, Tenable, and CyberArk.

Security Center’s simple onboarding flow can connect our customer’s existing solutions, enabling them to view their security posture recommendations in a single place, run unified reports and leverage all of Security Center’s capabilities against both built-in and partner recommendations. Our customers can also export Security Center recommendations to partner products.

Furthermore, Security Center is opening its gates for the security community to contribute and improve the policies and configurations used in Security Center. You can now use the Security Center community menu, the central hub of information for additional scripts, content, and community resources.

Azure Active Directory (Azure AD)

To help customers secure their entire application environment, we partnered with network security vendors—such as Akamai, Citrix, F5 Networks and Zscaler—making it simple to connect and protect your legacy-auth based applications. Integrating with these partners makes it possible for you to seamlessly connect with Azure AD without rewriting your applications that use protocols like header-based and Kerberos authentication.

Over the past few years, Microsoft has worked closely with our identity hardware partners to help drive the future of passwordless login by building integrations with the full suite of FIDO2-enabled Microsoft products including Windows 10 with Azure AD and Microsoft Edge with Microsoft Accounts. Today, MISA member Yubico announced the preview of the YubiKey Bio, which brings strong Windows passwordless login using biometrics for Azure AD users. With support for both biometric and PIN-based logins, the YubiKey Bio will leverage the full range of multi-factor authentication (MFA) capabilities outlined in the FIDO2 and WebAuthn standard specifications.

Microsoft Information Protection

Last year at Ignite, we made the Microsoft Information Protection SDK; it allowed our ecosystem of partners to participate in building integrations in a truly cross-platform way. Since then, many members of MISA have released in-market solutions that add to the Microsoft Information Protection value proposition.

Now, you can use Adobe Acrobat DC and Acrobat Reader DC on the Windows and Mac OS desktop to open files protected with Microsoft Information Protection solutions, including Azure Information Protection (AIP) and Information Protection using Office 365. Acrobat Reader DC and Acrobat DC auto-detects a Microsoft Information Protection-protected file and prompts you to download the corresponding plugin. Once you download and install the plugin, the protected files open like any other PDF in Acrobat or Reader after authentication. You can also see the label information applied to PDF using Acrobat Reader DC and Acrobat DC.  Download the Microsoft Information Protection plugin from this Adobe page.

To learn more about the above announcements, check out these Ignite announcement blogs:

• Microsoft announces new innovations in security, compliance, and identity at Ignite
• Further enhancing security from Microsoft, not just for Microsoft
• What’s new in Azure Active Directory at Microsoft Ignite 2019
• Azure Sentinel updates: Improve your security operations with innovations from a cloud-native SIEM
• Microsoft Information Protection integration round up

MISA at Ignite

As security becomes more mainstream, it’s reflected in the content you will see at Ignite. MISA hosted its first members pre-day in conjunction with the inaugural cybersecurity pre-day for Microsoft customers. As part of this event, MISA members shared expert insights and best practices on a range of security topics:

• Forcepoint—Unify Data Protection in a Hybrid IT World
• Morphisec—An ATT&CK Tactic Approach to Measuring Security and Risk
• Palo Alto—SOAR to the Clouds: Tackling Cloud Security in Your SOC
• Lookout—Mobile Threat Landscape in 2019
• Feitian—Go Passwordless with Fingerprint Biometrics for More Security

Microsoft Ignite

Join us online November 4–8, 2019 to livestream keynotes, watch selected sessions on-demand, and more.

Learn more

Learn more

To learn more about MISA, watch this two-minute video or visit the MISA webpage. To learn more about association members, visit the member catalog, or view the integration video playlist.

The post Microsoft Intelligent Security Association grows to more than 80 members appeared first on Microsoft Security Blog.

Together with Zscaler—a Microsoft Intelligent Security Association (MISA) member—we’re focused on providing our joint customers with secure, fast access to the cloud for every user. Since partnering with Zscaler, we’ve delivered several integrations that help our customers better secure their environments, including:

• Azure Active Directory (Azure AD) integration to extend conditional access policies to Zscaler applications to validate user access to cloud-based applications. We also announced support for user provisioning of Zscaler applications to enable automated, policy-based provisioning and deprovisioning of user accounts with Azure AD.
• Microsoft Intune integration that allows IT administrators to provision Zscaler applications to specific Azure AD users or groups within the Intune console and configure connections by using the existing Intune VPN profile workflow.
• Microsoft Cloud App Security integration to discover and manage access to Shadow IT in an organization. Zscaler can be leveraged to send traffic data to Microsoft’s Cloud Access Security Broker (CASB) to assess cloud services against risk and compliance requirements before making access control decisions for the discovered cloud apps.

“We’re excited to see customers use Zscaler and Microsoft solutions together to deliver fast, secure, and direct access to the applications they need. The Technology Partner of the Year Award is a testament of Microsoft’s commitment to helping customers better secure their environments.”
—Punit Minocha, Vice President of Business Development at Zscaler

“The close collaboration between our teams and deep integration across Zscaler and Microsoft solutions help our joint customers be more secure and ensure their users stay productive. We’re pleased to partner with Zscaler and honored to be named Zscaler’s Technology Partner of the Year.”
—Alex Simons, Corporate Vice President of Program Management at Microsoft

We’re thrilled to be Zscaler’s Technology Partner of the Year in the Impact category and look forward to our continued partnership and what Zscaler.

The post Microsoft is awarded Zscaler’s Technology Partner of the Year for 2019 appeared first on Microsoft Security Blog.

For more than 20 years, Microsoft and our antimalware partners have collaborated through MVI to help develop integrated and compatible solutions for Windows. MISA was created as an ecosystem of independent software vendors that have integrated their security solutions to help defend against a world of increasing threats. Our mission is to provide better security for our shared customers by integrating across the security ecosystem to gain more signals, increase visibility, and better protect against threats. That’s why we’re thrilled to welcome members of MVI!

Stopping malware at scale with the power of the cloud

Antivirus and antimalware products have long been the backbone of security solutions. As modern security products evolve, more antimalware providers are taking advantage of the power of the cloud, transforming how we protect, detect, and respond to threats at scale. Antimalware products play a key role in achieving our shared vision of collaboration that reduces security complexity and delivers better protection to customers.

By joining MISA, Microsoft’s antimalware partners will help break down silos and help customers realize the benefit of using solutions from multiple vendors in harmony. This is done by connecting the security ecosystem to gain more signal, increase visibility, and protect against threats.

At the annual MVI Partner Forum in Redmond, Washington, Microsoft reiterated that we’re investing heavily in both security and partnerships throughout the upcoming fiscal year. This includes expanding the size of the association and adding additional member benefits.

As a security provider to 95 percent of the Fortune 500, our customers are diverse and have different needs and configurations. In 2018, we created MISA to build an ecosystem of intelligent security solutions that better defend against a world of increased threats by sharing security signals across the Microsoft security stack. Since its launch, the organization has more than doubled, and we now have 59 members. Most recently, as part of Microsoft’s participation in the FIDO alliance, we welcomed new FIDO2 security key partners Feitian and HID Global. You can read more about these partnerships in this recent blog.

Security ISVs interested in joining MISA can get started by building an integration with of the Microsoft security products included in MISA.

The post Microsoft Intelligent Security Association welcomes members of the Microsoft Virus Initiative appeared first on Microsoft Security Blog.