At Microsoft, we remain steadfast in our commitment to security, which continues to be our top priority. Through our Secure Future Initiative (SFI), we’ve dedicated the equivalent of 34,000 full-time engineers to the effort, making it the largest cybersecurity engineering project in history—driving continuous improvement in our cyber resilience. In our latest update, we share insights into the work we are doing in culture, governance, and cybernorms to promote transparency and better support our customers in this new era of security. For each engineering pillar, we provide details on steps taken to reduce risk and provide guidance so customers can do the same.

Insights gained from SFI help us continue to harden our security posture and product development. At Microsoft Ignite 2024, we are pleased to unveil new security solutions, an industry-leading bug bounty program, and innovations in our AI platform. 

Transforming security with graph-based posture management 

Microsoft’s Security Fellow and Deputy Chief Information Security Office (CISO) John Lambert says, “Defenders think in lists, cyberattackers think in graphs. As long as this is true, attackers win,” referring to cyberattackers’ relentless focus on the relationships between things like identities, files, and devices. Exploiting these relationships helps criminals and spies do more extensive damage beyond the point of intrusion. Poor visibility and understanding of relationships and pathways between entities can limit traditional security solutions to defending in siloes, unable to detect or disrupt advanced persistent threats (APTs).

We are excited to announce the general availability of Microsoft Security Exposure Management. This innovative solution dynamically maps changing relationships between critical assets such as devices, data, identities, and other connections. Powered by our security graph, and now with third-party connectors for Rapid 7, ServiceNow, Qualys, and Tenable in preview, Exposure Management provides customers with a comprehensive, dynamic view of their IT assets and potential cyberattack paths. This empowers security teams to be more proactive with an end-to-end exposure management solution. In the constantly evolving cyberthreat landscape, defenders need tools that can quickly identify signal from noise and help prioritize critical tasks.  

Beyond seeing potential cyberattack paths, Exposure Management also helps security and IT teams measure the effectiveness of their cyber hygiene and security initiatives such as zero trust, cloud security, and more. Currently, customers are using Exposure Management in more than 70,000 cloud tenants to proactively protect critical entities and measure their cybersecurity effectiveness.

Announcing $4 million AI and cloud security bug bounty “Zero Day Quest” 

Born out of our Secure Future Initiative commitments and our belief that security is a team sport, we also announced Zero Day Quest, the industry’s largest public security research event. We have a long history of partnering across the industry to mitigate potential issues before they impact our customers, which also helps us build more secure products by default and by design.  

Every year our bug bounty program pays millions for high-quality security research with over $16 million awarded last year. Zero Day Quest will build on this work with an additional $4 million in potential rewards focused on cloud and AI—— which are areas of highest impact to our customers. We are also committed to collaborating with the security community by providing access to our engineers and AI red teams. The quest starts now and will culminate in an in-person hacking event in 2025.

As part of our ongoing commitment to transparency, we will share the details of the critical bugs once they are fixed so the whole industry can learn from them—after all, security is a team sport. 

New advances for securing AI and new skills for Security Copilot 

AI adoption is rapidly outpacing many other technologies in the digital era. Our generative AI solution, Microsoft Security Copilot, continues to be adopted by security teams to boost productivity and effectiveness. Organizations in every industry, including National Australia Bank, Intesa Sanpaolo, Oregon State University, and Eastman are able to perform security tasks faster and more accurately.² A recent study found that three months after adopting Security Copilot, organizations saw a 30% reduction in their mean time to resolve security incidents. More than 100 partners have integrated with Security Copilot to enrich the insights with ecosystem data. New Copilot skills are now available for IT admins in Microsoft Entra and Microsoft Intune, data security and compliance teams in Microsoft Purview, and security operations teams in the Microsoft Defender product family.   

According to our Security for AI team’s new “Accelerate AI transformation with strong security” white paper, we found that over 95% of organizations surveyed are either already using or developing generative AI, or they plan to do so in the future, with two thirds (66%) choosing to develop multiple AI apps of their own. This fast-paced adoption has led to 37 new AI-related bills passed into law worldwide in 2023, reflecting a growing international effort to address the security, safety, compliance, and transparency challenges posed by AI technologies.³ This underscores the criticality of securing and governing the data that fuels AI. Through Microsoft Defender, our customers have discovered and secured more than 750,000 generative AI app instances and Microsoft Purview has audited more than a billion Copilot interactions.⁴  

Microsoft Purview is already helping thousands of organizations, such as Cummins, KPMG, and Auburn University, with their AI transformation by providing data security and compliance capabilities across Microsoft and third-party applications. Now, we’re announcing new capabilities in Microsoft Purview to discover, protect, and govern data in generative AI applications. Available for preview, new capabilities in Purview include Data Loss Prevention (DLP) for Microsoft 365 Copilot, prevention of data oversharing in AI apps, and detection of risky AI use such as malicious intent, prompt injections, and misuse of protected materials. Additionally, Microsoft Purview now includes Data Security Posture Management (DSPM) that gives customers a single pane of glass to proactively discover data risks, such as sensitive data in user prompts, and receive recommended actions and insights for quick responses during incidents. For more details, read the blog on Tech Community. 

Microsoft continues to innovate on our end-to-end security platform to help defenders make the complex simpler, while staying ahead of cyberthreats and enabling their AI transformation. At the same time, we are continuously improving the safety and security of our cloud services and other technologies, including these recent steps to make Windows 11 more secure. 

Next steps with Microsoft Security

From the advances announced to our daily defense of customers, and the steadfast dedication of Chief Executive Officer (CEO) Satya Nadella and every employee, security remains our top priority at Microsoft as we deliver on our principles of secure by design, secure by default, and secure operations. To learn more about our vision for the future of security, tune in to the Microsoft Ignite keynote. 

Microsoft Ignite 2024

Gain insights to keep your organizations safer with an AI-first, end-to-end cybersecurity approach.

Register now

Are you a regular user of Microsoft Security products? Review your experience on Gartner Peer Insights™ and get a $25 gift card. To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity. 

¹ Microsoft Digital Defense Report 2024.

² Microsoft customer stories:

• National Australia Bank invests in an efficient, cloud-managed future with Windows 11 Enterprise
• Intesa Sanpaolo accrues big cybersecurity dividends with Microsoft Sentinel, Copilot for Security
• Oregon State University protects vital research and sensitive data with Microsoft Sentinel and Microsoft Defender
• Eastman catalyzes cybersecurity defenses with Copilot for Security

³ How countries around the world are trying to regulate artificial intelligence, Theara Coleman, The Week US. July 4, 2023.

⁴ Earnings Release FY25 Q1, Microsoft. October 30, 2024.

The post AI innovations for a more secure future unveiled at Microsoft Ignite appeared first on Microsoft Security Blog.

Across many sessions and demos, we’ll address the top security pain points related to AI and empower you with practical, actionable strategies. Keep reading this blog for a guide of highlighted sessions for security professionals of all levels, whether you’re attending in-person or online.

And be sure to register for the digital experience to explore the Microsoft Security sessions at Microsoft Ignite.

Be among the first to hear top news

Microsoft is bringing together every part of the company in a collective mission to advance cybersecurity protection to help our customers and the security community. We have four powerful advantages to drive security innovation: large-scale data and threat intelligence; end-to-end protection; responsible AI; and tools to secure and govern the use of AI.

Microsoft Chairman and Chief Executive Officer Satya Nadella said in May 2024 that security is the top priority for our company. At the Microsoft Ignite opening keynote on Tuesday, November 19, 2024, Microsoft Security Executive Vice President Charlie Bell and Corporate Vice President (CVP), Microsoft Security Business Vasu Jakkal will join Nadella to discuss Microsoft’s vision for the future of security. Other well-known cybersecurity speakers at Microsoft Ignite include Ann Johnson, CVP and Deputy Chief Information Security Officer (CISO); Joy Chik, President, Identity, and Network Access; Mark Russinovich, Chief Technology Officer and Deputy CISO; and Sherrod DeGrippo, Director of Threat Intelligence Strategy.

For a deeper dive into security product news and demos, join the security general session on Wednesday, November 20, 2024, at 11:00 AM CT. Hear from Vasu Jakkal; Joy Chik; Rob Lefferts, CVP, Microsoft Threat Protection; Herain Oberoi, General Manager, Microsoft Data Security, Privacy, and Compliance; and Michael Wallent, CVP; who will share exciting security innovations to empower you with AI tools designed to help you get ahead of attackers.

These news-breaking sessions are just the start of the value you can gain from attending online.

Benefit from insights designed for your role

While cybersecurity is a shared concern of security professionals, we realize the specific concerns are unique to role. Recognizing this, we developed sessions tailored to what matters most to you.

• CISOs and senior security leaders: If you’ll be with us in Chicago, kick off the conference with the Microsoft Ignite Security Forum on November 18, 2024 from 1 PM CT to 5 PM CT. Join this exclusive pre-day event to hear from Microsoft security experts on threat intelligence insights, our Secure Future Initiative (SFI), and trends in security. Go back to your registration to add this experience on. Also for those in Chicago, be sure to join the Security Leaders Dinner, where you can engage with your peers and provide insights on your greatest challenges and successes. If you’re joining online, gain firsthand access to the latest Microsoft Security announcements. Whether you’re in person or online, don’t miss “Proactive security with continuous exposure management” (BRK324), which will explore how Microsoft Security Exposure Management unifies disparate data silos for visibility of end-to-end attack surface, and “Secure and govern data in Microsoft 365 Copilot and beyond” (BRK321), which will discuss the top concerns of security leaders when it comes to AI and how you can gain the confidence and tools to adopt AI. Plus, learn how to make your organization as diverse as the threats you are defending in “The Power of Diversity: Building a stronger workforce in the era of AI” (BRK330).
• Security analysts and engineers: Join actionable sessions for information you can use immediately. Sessions designed for the security operations center (SOC) include “Microsoft cybersecurity architect lab—Infrastructure security” (LAB454), which will showcase how to best use the Microsoft Secure Score to improve your security posture, and “Simplify your SOC with the unified security operations platform” (BRK310), which will feature a fireside chat with security experts to discuss common security challenges and topics. Plus, learn to be a champion of safe AI adoption in “Scott and Mark learn responsible AI” (BRK329), which will explore the three top risks in large language models and the origins and potential impacts of each of these.
• Developers and IT professionals: We get it—security isn’t your main focus, but it’s increasingly becoming part of your scope. Get answers to your most pressing questions at Microsoft Ignite. Sessions that may interest you include “Secure and govern custom AI built on Azure AI and Copilot Studio” (BRK322), which will dive into how Microsoft can enable data security and compliance controls for custom apps, detect and respond to AI threats, and managed your AI stack vulnerabilities, and “Making Zero Trust real: Top 10 security controls you can implement now” (BRK328), which offers technical guidance to make Zero Trust actionable with 10 top controls to help improve your organization’s security posture. Plus, join “Supercharge endpoint management with Microsoft Copilot in Intune” (THR656) for guidance on unlocking Microsoft Intune’s potential to streamline endpoint management.
• Microsoft partners: We appreciate our partners and have developed sessions aimed at supporting you. These include “Security partner growth: The power of identity with Entra Suite” (BRK332) and “Security partner growth: Help customers modernize security operations” (BRK336).

Attend sessions tailored to addressing your top challenge

When exploring effective cybersecurity strategies, you likely have specific challenges that are motivating your actions, regardless of your role within your organization. We respect that our attendees want a Microsoft Ignite experience tailored to their specific objectives. We’re committed to maximizing your value from attending the event, with Microsoft Security sessions that address the most common cybersecurity challenges.

• Managing complexity: Discover ways to simplify your infrastructure in sessions like “Simpler, smarter, and more secure endpoint management with Intune” (BRK319), which will explore new ways to strengthen your security with Microsoft Intune and AI, and “Break down risk silos and build up code-to-code security posture” (BRK312), which will focus on how defenders can overcome the expansive alphabet soup of security posture tools and gain a unified cloud security posture with Microsoft Defender for Cloud.   
• Increasing efficiency:: Learn how AI can help you overcome talent shortage challenges in sessions like “Secure data across its lifecycle in the era of AI” (BRK318), which will explore Microsoft Purview leveraging Microsoft Security Copilot can help you detect hidden risks, mitigate them, and protect and prevent data loss, and “One goal, many roles: Microsoft Security Copilot: Real-world insights and expert advice” (BRK316), which will share best practices and insider tricks to maximize Copilot’s benefits so you can realize quick value and enhance your security and IT operations.  
• Threat landscape: Navigate effectively through the modern cyberthreat landscape, guided by the insights shared in sessions like “AI-driven ransomware protection at machine speed: Defender for Endpoint” (BRK325), which will share a secret in Microsoft Defender for Endpoint success and how it uses machine learning and threat intelligence, and the theater session “Threat intelligence at machine speed with Microsoft Security Copilot” (THR555), which will showcase how Copilot can be used as a research assistant, analyst, and responder to simplify threat management.
• Regulatory compliance: Increase your confidence in meeting regulatory requirements by attending sessions like “Secure and govern your data estate with Microsoft Purview” (BRK317), which will explore how to secure and govern your data with Microsoft Purview, and “Secure and govern your data with Microsoft Fabric and Purview” (BRK327), which will dive into how Microsoft Purview works together with Microsoft Fabric for a comprehensive approach to secure and govern data.
• Maximizing value: Discover how to maximize the value of your cybersecurity investments during sessions like “Transform your security with GenAI innovations in Security Copilot” (BRK307), which will showcase how Microsoft Security Copilot’s automation capabilities and use cases can elevate your security organization-wide, and “AI-driven ransomware protection at machine speed: Defender for Endpoint” (BRK325), which will dive into the key secret to the success of Defender for Endpoint customers in reducing the risk of ransomware attacks as well maximizing the value of the product’s new features and user interfaces.

Explore cybersecurity tools with product showcases and hands-on training

Learning about Microsoft security capabilities is useful, but there’s nothing like trying out the solutions for yourself. Our in-depth showcases and hands-on trainings give you the chance to explore these capabilities for yourself. Bring a notepad and your laptop and let’s put these tools to work.

• “Secure access at the speed of AI with Copilot in Microsoft Entra” (THR556): Learn how AI with Security Copilot and Microsoft Entra can help you accelerate tasks like troubleshooting, automate cybersecurity insights, and strengthen Zero Trust.  
• “Mastering custom plugins in Microsoft Security Copliot” (THR653): Gain practical knowledge of using Security Copilot’s capabilities during a hands-on session aimed at security and IT professionals ready for advanced customization and integration with existing security tools. 
• “Getting started with Microsoft Sentinel” (LAB452): Get hands-on experience on building detections and queries, configuring your Microsoft Sentinel environment, and performing investigations. 
• “Secure Azure services and workloads with Microsoft Defender for Cloud” (LAB457): Explore how to mitigate security risks with endpoint security, network security, data protection, and posture and vulnerability management. 
• “Evolving from DLP to data security with Microsoft Preview” (THR658): See for yourself how Microsoft Purview Data Loss Prevention (DLP) integrates with insider risk management and information protection to optimize your end-to-end DLP program. 

Network with Microsoft and other industry professionals

While you’ll gain a wealth of insights and learn about our latest product innovations in sessions, our ancillary events offer opportunities to connect and socialize with Microsoft and other security professionals as committed to you to strengthening the industry’s defenses against cyberthreats. That’s worth celebrating!

• Pre-day Forum: All Chicago Microsoft Ignite attendees are welcome to add on to the event with our pre-day sessions on November 18, 2024, from 1 PM CT to 5 PM CT. Topics covered will include threat intelligence, Microsoft’s Secure Future Initiative, AI innovation, and AI security research, and the event will feature a fireside chat with Microsoft partners and customers. The pre-day event is designed for decision-makers from businesses of all sizes to advance your security strategy. If you’re already attending in person, log in to your Microsoft Ignite registration and add on the Microsoft Security Ignite Forum.
• Security Leaders Dinner: We’re hosting an exclusive dinner with leaders of security teams, where you can engage with your peers and provide insights on your greatest challenges and successes. This intimate gathering is designed specifically for CISOs and other senior security leaders to network, share learnings, and discuss what’s happening in cybersecurity.   
• Secure the Night Party: All security professionals are encouraged to celebrate the cybersecurity community with Microsoft from 6 PM CT to 10 PM CT on Wednesday, November 20, 2024. Don’t miss this opportunity to connect with Microsoft Security subject matter experts and peers at our “Secure the Night” party during Microsoft Ignite in Chicago. Enjoy an engaging evening of conversations and experiences while sipping tasty drinks and noshing on heavy appetizers provided by Microsoft. We look forward to welcoming you. Reserve your spot today! 

Something that excites us the most about Microsoft Ignite is the opportunity to meet with cybersecurity professionals dedicated to modern defense. Stop by the Microsoft Security Expert Meetup space to say hello, learn more about capabilities you’ve been curious about, or ask questions about Microsoft’s cybersecurity efforts. 

Hear from our Microsoft Intelligent Security Association partners at Microsoft Ignite

The Microsoft Intelligent Security Association (MISA), comprised of independent software vendors (ISV) and managed security service providers (MSSPs) that have integrated their solutions with Microsoft’s security technology, will be back at Microsoft Ignite 2024.

We kick things off by celebrating our Security Partner of the Year award winners BlueVoyant (Security), Cyclotron (Compliance), and Inspark (Identity) who will join Vasu Jakkal for a fireside chat on “How security strategy is adapting for AI,” during the Microsoft Ignite Security Pre-day Forum. This panel discussion includes insights into trends partners are seeing with customers relating to AI, a view on practical challenges, and scenarios that companies encounter when deploying AI, as well as the expert guidance and best practices that security partners can offer to ensure successful AI integration in security strategies.

MISA is thrilled to welcome small and medium business (SMB) verified solution status to its portfolio. This solution verification highlights technology solutions that are purpose built to meet the needs of small and medium businesses, and the MSSPs who often manage IT and security on behalf of SMBs. MISA members who meet the qualifying criteria and have gone through engineering review, will receive a specialized MISA member badge showcasing the verification and will be featured in the MISA partner catalog. We are excited to launch this status with Blackpoint Cyber and Huntress.

Join MISA members including Blackpoint Cyber and Huntress at the Microsoft Expert Meetup Security area where 14 members will showcase their solutions and Microsoft Security Technology. Review the full schedule below.

We are looking forward to connecting with our customers and partners at the Microsoft Secure the Night Party on Wednesday, November 20, from 6 to 10 PM CT.  This evening event offers a chance to connect with Microsoft Security subject matter experts and MISA partners while enjoying cocktails, great food, and entertainment. A special thank you to our MISA sponsors: Armor, Cayosoft, ContraForce, HID, Lighthouse, Ontinue, and Quorum Cyber.

Register today to attend Microsoft Ignite online

There’s still time to register to participate in Microsoft Ignite online from November 19 to 22, 2024, to catch security-focused breakout sessions, product demos, and participate in interactive Q&A sessions with our experts. No matter how you participate in Microsoft Ignite, you’ll gain insights on how to secure your future with an AI-first, end-to-end cybersecurity approach to keep your organizations safer.

Plus, you can take your security knowledge further at Tech Community Live: Microsoft Security edition on December 3, 2024, to ask all your follow-up questions from Microsoft Ignite. Microsoft Experts will be hosting live Ask Microsoft Anything sessions on topics from Security for AI to Copilot for Security.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

The post Microsoft Ignite: Sessions and demos to improve your security strategy appeared first on Microsoft Security Blog.

The Microsoft Purview team and I are thrilled to showcase the latest innovations in Microsoft Purview and Microsoft Fabric, designed to help customers secure, govern, and manage their complex data estates in the AI era. We’re excited to announce the preview of Microsoft Purview Information Protection, which allows for content restriction in Fabric using sensitivity labels, and Microsoft Purview Data Loss Prevention policies for lakehouses. Additionally, we’re highlighting the recent general availability of the Microsoft Purview Data Governance solution.

Customers are asking for a seamless solution that turns data security, governance, and compliance into a team sport to effectively address the converging trends across 1. scale and sophistication of data threats; 2. increasing regulations; 3. ever-expanding data estate; and 4. acceleration of AI adoption within the business.

Microsoft Purview delivers a comprehensive set of solutions that can help your organization secure, govern, and manage data for compliance and regulatory needs, wherever it lives. As we engage with customers at the Fabric Conference this week, we underscore the pivotal role of security and governance in laying the groundwork for responsible analytics. For businesses all over the world, this comprehensive approach balances the need to secure and protect data from cyberthreats with the need to activate data for business insights and AI.

Integrated with Microsoft Fabric

Microsoft Purview and Microsoft Fabric are committed to delivering a rich integrated experience so customers can seamlessly secure and govern their data estate efficiently to help meet regulatory, compliance, and privacy requirements while ensuring high-quality data for data activation. For Fabric customers, this means you can discover, secure, govern, and manage Fabric items from within Microsoft Purview as a single pane of glass across your heterogeneous data estate.

Microsoft Purview helps you seamlessly discover data assets in OneLake, extend the same Microsoft Purview data security sensitivity labels and policies from Microsoft 365 to Fabric items, and curate your Fabric data assets into a single enterprise data catalog along with other data sources like Azure Databricks, Snowflake, and Google Big Query. And this seamless integration doesn’t require any data movement or duplication, helping you reduce data sprawl and silos.

Seamlessly secure your data

Microsoft Purview Data Security capabilities are already loved and leveraged by customers around the world for their Microsoft 365 data, and with today’s announcements, we are extending this value further to Microsoft Fabric customers. These added investments enhance the Microsoft Purview Data Security capabilities already available for Fabric released in March.

Now in preview, Microsoft Purview Information Protection now includes the ability to restrict access to content based on sensitivity labels for Fabric data, which helps you discover, classify, and protect sensitive information, including the ability to apply sensitivity labels. By extending the sensitivity label support to Fabric data, security admins can now use sensitivity labels to manage who has access to Fabric items with certain labels. For example, a security admin could restrict access to data items with a “financial data” sensitivity label to only users in the finance department.

We are also extending support for Microsoft Purview Data Loss Prevention (Purview DLP) policies for your Fabric items. Purview DLP helps an organization protect sensitive data and reduce the risk of data oversharing by letting organizations define and apply policies. With these new integrations, security admins can now apply Purview DLP policies to Fabric data. As an example, a policy can be set to help detect the upload of sensitive data, like social security numbers to a lakehouse in Fabric. If detected, the policy will trigger an automatic audit activity, which can alert the security admin, and can also surface a custom policy tip to data owners to take action and remedy the non-compliance with the policy.

Learn more about Microsoft Purview Data Security integrations in Fabric.

Confidently activate your data

Microsoft Purview’s new data governance experience was made generally available on September 1, 2024. This newly reimagined solution is purpose-built for federated data governance and offers a business-friendly experience, AI-powered experiences for dramatic efficiencies, and all the key ingredients you’d expect, including catalog curation, data quality management, actionable insights, rich user experiences, and integration with third-party data management solutions—helping organizations to confidently activate their data for analytics and AI.

Microsoft Fabric customers can complement the governance capabilities in Fabric for a single-pane-of-glass experience in Microsoft Purview for data catalog curation, data user access, data quality management, health controls, and actionable insights for Fabric items and for data assets across your heterogeneous data environment.

A complete solution for the modern data governance practice

Data Catalog management offers a business-friendly experience and terms, making it easy to logically build a data catalog for your unique business needs while built-in AI serves up recommendations based on your active metadata. Data owners and data stewards can easily participate across data curation and management, responsible data access, and impact analysis—easily combining data assets from the heterogenous data estate (for example: Fabric, Databricks, Snowflake, and Google). Data users can seamlessly and securely request access to data assets for use in insights, analysis, development, and AI.

Data Health management offers a rich experience across data quality capabilities, actionable insights, and health reports, which help organizations to assess and action the quality of their governed data estate—making it easy and efficient to support a strong healthy data governance posture. With complete data quality capabilities, you can apply built-in rules and AI-generated rules that are applied and translate into data quality scores and actions across your data assets, data products, and governance domains, helping you to more effectively manage and improve your data governance posture. Data Health controls enable data stewards and chief data officers to assess the health of their data estate through the lens of industry-recognized standards and controls. While the control rules are established at a global level, execution is delegated to individual governance domains, allowing for the application of broad standards while meeting the specific needs of various groups within the organization.

Purpose-built integration with industry-leading master data management and data modeling solutions extend the value of Microsoft Purview further and help customers maximize their existing data management investments.

• CluedIn brings native master data management and Data Quality functionality to Microsoft Fabric, Microsoft Purview, and the Azure stack. Learn more about CluedIn. 
• Profisee Master Data Management is a complimentary and necessary piece of your data governance strategy. Learn more about Profisee. 
• Semarchy combines master data management, data intelligence, and data integration into a singular application in any environment. Learn more about Semarchy.  
• RELTIO’s AI-powered data unification and management solutions unify data from disparate sources, delivering a single source of truth. Learn more about RELTIO.
• ER/Studio (an Idera company) delivers advanced data modeling and metadata management to help organizations improve their data posture. Learn more about ER/Studio.

The general availability release also delivered new data governance capability not previously available during preview. Some of these new capabilities include: customers can now delete business concepts, more easily manage data access through the data catalog admin settings, view data product access request workflows, browse an enterprise glossary to better understand terms, and apply the Data Quality capabilities to Azure Synapse, Databricks Unity Catalog, Fabric Lakehouse, Google Big Query (preview), and Snowflake. Check out the complete list of new capabilities in Microsoft Purview Data Governance.

Learn more about Microsoft Purview

• Try Microsoft Purview today.
• Watch the webinar The CDO Dilemma.
• Visit the Microsoft Purview website.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Activate your data responsibly in the era of AI with Microsoft Purview appeared first on Microsoft Security Blog.

Join us for Microsoft Ignite 2024 from Monday, November 18, 2024, through Friday, November 22, 2024, in Chicago, Illinois, to find out how to secure and govern AI and create a security-first culture with end-to-end security. Listen and learn from Microsoft security leaders and network with fellow security professionals, partners, and tech enthusiasts. Security professionals of all levels can join interactive labs, workshops, keynotes, technical breakout sessions, demos, and more, led by Microsoft security leaders and experts. It’s our opportunity to share and showcase our latest security product innovations with you, and then dive into the technical details together—so the information you learn at Microsoft Ignite can have an immediate benefit to your digital environments and your customers.

Although all in-person passes are sold out, there’s still time to register to attend Microsoft Ignite online from Tuesday, November 19, 2024, through Thursday, November 21, 2024. By joining us online, you’ll have the flexibility to attend more than 40 security sessions and demos that fit your schedule, access on-demand content, and participate in interactive question and answer sessions with our experts. Register now for an online pass to join us!

Microsoft Ignite 2024

Discover solutions that help modernize and manage intelligent apps, safeguard data, and accelerate productivity, while connecting with partners and growing your community or business.

Register now

Microsoft Security at Microsoft Ignite: An expanded experience

We’re excited to welcome back security leaders and other security professionals to Microsoft Ignite. At Microsoft Ignite, our content is designed to help security professionals secure their environments, use all their Microsoft products and resources safely and securely, and make sure the processes in their organizations prioritize security first. Last year, when customers asked for more security content, we delivered—and we received great feedback. So this year we’re planning even more, with a focus on our continuing commitment to securing our technology and our customers.

Starting a day before the conference, Monday, November 18, 2024, we are hosting the new Microsoft Ignite Security Forum. This exclusive pre-day event is designed for security leaders who are primarily accountable for securing their organizations. The Microsoft Ignite Security Forum is for businesses of all sizes to hear from Microsoft security experts on threat intelligence insights, learnings, and trends in security. It’s also a good opportunity for customers to take a “peek behind the curtain” with in-depth discussions about cybersecurity and information about our Secure Future Initiative (SFI). Attend the Microsoft Ignite Security Forum to discover how you can advance cybersecurity protection and stay ahead of today’s aggressive cyberthreats. Register for Microsoft Ignite today and add on the Microsoft Ignite Security Forum.

From Tuesday, November 19, 2024, through Friday, November 22, 2024, at Microsoft Ignite 2024, Microsoft Security is excited to share how we bring together every part of the company to drive security innovation: our large-scale data and threat intelligence, complete end-to-end protection, responsible AI, and tools to secure and govern the use of AI in your organizations.

By joining us online, you’ll have the flexibility to attend sessions that fit your schedule, access on-demand content, and participate in interactive Q&A sessions with our experts. Plus, you’ll gain AI-specific cybersecurity skills that will make you an invaluable asset to your organization. 

• Find out how to maximize complete end-to-end security to secure and govern AI.
• Learn how our global-scale threat intelligence informs the products you use daily.
• Hear from Microsoft Security product innovators like Vasu Jakkal (Corporate Vice President, Security, Compliance, Identity, and Management) and Charlie Bell (Executive Vice President, Microsoft Security).
• See products in action during sessions, demos, interactive labs, and workshops.
• Network with fellow security leaders, partners, and technical enthusiasts.

See an overview of the Microsoft Security experience at Microsoft Ignite.

Who is the security experience for?

At Microsoft Ignite, we cater to a diverse audience of security decision makers, security practitioners, developers, and IT professionals, ensuring that each group finds valuable, tailored content to meet their specific needs. Whether you’re a leader looking for strategic insights or a hands-on developer seeking technical guidance, our sessions, demos, interactive labs, and workshops are designed to equip you with the knowledge and tools necessary for securing your environment.

Here’s what we have for you:

• Security decision makers can expect both strategic and actionable technical information at Microsoft Ignite for your leadership and your team. We’ll have content to help you build strategies to secure your environment. We’ll also help you articulate and demonstrate security needs to your senior leadership or board members. And then, we’ll support you with the tactical information you need to execute those plans.
• For privacy, identity, compliance, security operations center (SOC) analysts, and more, Microsoft Ignite will have sessions dedicated to upskilling, certifications, and deeper understanding of Microsoft technologies and solutions—so your knowledge and opportunities both deepen and grow. Looking to boost your skills? Sign up for in-depth security training and hands-on labs offered at the Microsoft Ignite Pre-day on November 18, 2024, that will help improve your organization’s security posture, strengthen team expertise, and outpace bad actors.
• For developers, we’re building specific technical content on how to use your Microsoft security solutions for complete end-to-end-protection, an essential for AI readiness. Need security 101 learning? The hands-on labs offered at Microsoft Ignite Pre-day on November 18, 2024, are for you too. We’ll also share how to create and operate AI applications safely and securely—at scale—with tools to secure and govern your use of AI.
• For partners, the previously separate Microsoft Inspire event is now an integrated part of Microsoft Ignite this year, bringing our entire community closer together, and helping partners understand how they can leverage Microsoft technologies and bring solutions to life for so many of our customers.

For the entire community, we have several celebrations planned to help maximize your opportunities to network and socialize, including our Secure the Night party, the event-wide Microsoft Ignite celebration, and more.

Register now for Microsoft Ignite 2024

You won’t want to miss the opportunity to participate and learn with the global community of technical and security professionals online, November 19 to 21, 2024. Select “Digital Attendee” on the registration page to save your spot for the Microsoft Ignite 2024 online experience today.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Prioritizing security above all else, Microsoft Official Blog. May 3, 2024.

The post Join us at Microsoft Ignite 2024 and learn to build a security-first culture with AI appeared first on Microsoft Security Blog.

Beginning with stops in Latin America, the free, one-day AI Tour events will move to several cities in Europe, North America, Asia, India, Africa, and the United States. Find a Microsoft AI Tour event in a city near you.

Upcoming AI Tour Stops with Microsoft Security   

Microsoft AI Tour

Join experts, industry leaders, and peers to explore the ways AI can drive growth and create lasting value at this free, one-day event in a city near you.

Learn more

Turn AI vision into transformative impact

The Microsoft AI Tour showcases our commitment to answering the overwhelming call to alleviate AI confusion and organizational inertia. AI holds enormous potential to elevate human efficiency, but it also presents new challenges. It’s easier to rise above these—and realize the great advantage of AI usage—if your security and IT teams are equipped with the right tools and strategies. This includes advancing cybersecurity protections—including global threat intelligence, complete end-to-end protection, security and governance tools, and industry-leading responsible AI—that free organizations to implement AI securely.

Taking place in more than 60 countries, the Microsoft AI Tour will address cybersecurity as it’s critically important for those eager to implement AI. Security concerns about integrating generative AI tools with their existing technologies cause organizations to hesitate in AI adoption. Recognizing this, Microsoft empowers organizations to safely and securely adopt AI at every maturity level.

At the Microsoft AI Tour, we’ll showcase how Microsoft Copilot for Security lets you protect at the speed and scale of AI. The tour stops will include welcoming remarks from a Microsoft senior executive—and Microsoft leaders such as Chairman and Chief Executive Officer Satya Nadella and Executive Vice President and Chief Commercial Officer Judson Althoff at some event locations.

Attend an AI Tour event near you and build your own schedule from dozens of sessions that cover everything from practical strategies for implementing AI, steps to ensure your AI implementation is driving business value, and security in the era of AI.

Start your Microsoft AI Tour stop early with Microsoft Security

At select AI Tour stops, Microsoft Security will host a Discovery Day or CISO Roundtable the day before the event. These security-only gatherings are a chance for you to engage directly with our leaders on your cybersecurity challenges and how Microsoft Security can help you.

The highlights from Discovery Day or CISO Roundtable include:

• An interactive presentation by a Microsoft executive to inspire your cybersecurity initiatives.
• Product demos showcasing the latest Microsoft Security innovations.
• Small group discussions on cybersecurity trends.

Look for invitations in your inbox from your local Microsoft representative to these exclusive events.

Reserve your spot at the Microsoft AI Tour

AI is creating opportunities and challenges for organizations but there are strategies, tools, and solutions to address cybersecurity challenges. The Microsoft AI Tour will give insights you need to increase your confidence as you tap AI’s potential and greater peace of mind that you do so safely. Visit the Microsoft AI Tour website to register.

Learn more

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Microsoft AI Tour: Hear the latest product innovations to elevate your security strategy appeared first on Microsoft Security Blog.

This is why a proactive and integrated Zero Trust approach is needed more than ever. A Zero Trust approach considers all activity as suspect, and relies on three foundational principles: verify explicitly, ensure least privilege access, and assume breach. It’s especially effective when an end-to-end security approach is applied to Zero Trust, protecting identities, endpoints, apps, infrastructure, networks, and data consistently across the entire organization’s environment. To learn more about how our new capabilities in identity and network access and security operations make it easier to implement Zero Trust across your entire environment, register for “Zero Trust in the Age of AI” and bring your questions to the livestream at 10:00 AM PT on July 31, 2024.

Microsoft is committed to security above all else² and dedicated to the principles of Zero Trust. We’ll continue to innovate new capabilities for our end-to-end security that combine effectively with these solid principles. We’ll explore the value of these new capabilities at our “Zero Trust in the Age of AI” spotlight at 10:00 AM PT on July 31, 2024. Led by Corporate Vice President of Microsoft Security Vasu Jakkal, the online event will include:

• A keynote exploring why an end-to-end approach centered around a Zero Trust strategy is crucial in addressing future security challenges.
• A demo of the latest product innovations, walking you through how a strong Zero Trust strategy can thwart a breach attempt at machine speed with Microsoft’s unified security operations platform, and how the new Microsoft Entra Suite helps protect every access point to any resource, from anywhere.
• A panel discussion with Gary McLellan, Head of Engineering Frameworks and Core Mobile Apps at Virgin Money, and Carlos Rivera, Senior Analyst at Forrester, on practical ways to take your Zero Trust strategy to the next level.    

Zero Trust in the age of AI

Watch our on-demand webinar to learn how to simplify your Zero Trust strategy with the latest end-to-end security innovations.

Watch the webinar

Simplifying Zero Trust implementation

With the recent general availability of the Microsoft Entra Suite and the Microsoft unified security operations platform, Microsoft is reaffirming our commitment to Zero Trust. We believe Forrester has acknowledged this commitment by naming Microsoft as a leader in the 2023 Zero Trust Platform Providers Wave™, recognizing our advocacy of Zero Trust in our products and supporting services as well as giving us the highest scores possible in the innovation and vision criteria.

The Microsoft Entra Suite is the industry’s most comprehensive Zero Trust user access solution for the workforce while our unified security operations platform offers unified threat protection and posture management. This combination of products simplifies the implementation of Zero Trust architecture.

For a technical deep dive on the new Microsoft Entra Suite, join us on August 14, 2024, for the Microsoft Entra Suite Tech Accelerator, part of an ongoing virtual program aimed at expanding attendees’ technical knowledge of Microsoft products and connect them with industry peers.

We’re looking forward to seeing you at the “Zero Trust in the Age of AI” spotlight at 10 AM PT on July 31, 2024! Register today!

Learn more

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Cybercrime Expected To Skyrocket in Coming Years, Statista. February 22, 2024.

²Expanding Microsoft’s Secure Future Initiative (SFI), Charlie Bell. May 3, 2024.

The post Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture appeared first on Microsoft Security Blog.

Also at Black Hat, our Microsoft AI Red Team will be onsite holding training sessions, briefings, and panel discussions. And today, we’re releasing a white paper to demonstrate the impact of red teaming in practice when incorporated in the AI development life cycle. The paper details our innovative “Break-Fix” approach to red teaming AI systems and our close collaboration with Microsoft’s Phi-3 team, which allowed us to reduce the harms by 75% in Microsoft’s state-of-the-art small language models.¹   

As a proud sponsor of the inaugural AI Summit at Black Hat, we’re further investing in the community by sharing our learnings in both AI for Security and Securing AI. We’ll be participating in a panel discussion titled “Balancing Security and Innovation—Risks and Rewards in AI-Driven Cybersecurity,” where we’ll debate the trade-offs between innovation in AI and security risks and share strategies to foster innovation while maintaining robust security postures.  

There’s also a sponsored session titled “Moonstone Sleet: A Deep Dive into their TTPs,” presented by Greg Schloemer, Threat Intelligence Analyst at Microsoft, that takes a deep dive into cyber threat actors associated with the Democratic People’s Republic of Korea (DPRK), as well as educational and engaging theater sessions in our Microsoft booth #1240. With a ton of critical security content to catch—all detailed below—we hope you’ll make time to connect with us at Black Hat 2024. 

Plan your schedule with our standout sessions  

Join us for core Black Hat sessions, submitted for consideration by Microsoft subject matter experts and selected by the Black Hat content committee to be included in its main agenda.  

Stop by our booth (1240) to connect with Microsoft security experts  

At Black Hat 2024, Microsoft Security is here with security leaders and resources that include:   

• Threat researchers and security experts from Microsoft Security, here to connect with the community and share insights.  
• Live demos of Microsoft Copilot for Security, informed by the 78 trillion signals Microsoft processes daily, to help security pros be up to 22% faster. ²
• Theater presentations of Microsoft’s unified security operations experience, which brings together extended detection and response (XDR) and security information and event management (SIEM), so you get full visibility into cyberthreats across your multicloud, multiplatform environment.  
• Hands-on experience with Microsoft Security solutions to help you adopt AI safely.  

Connect with Microsoft leaders and representatives to learn about our AI-first end-to-end security for all. Additionally, you’ll be able to view multiple demonstrations on a wide range of topics including threat protection, securing AI, multicloud security, Copilot for Security, data security, and advanced identity. You’ll also be able to connect with our Microsoft Intelligent Security Association (MISA) partners during your visit—the top experts from across the cybersecurity industry with the shared goal of improving customer security worldwide. And if you have specific questions to ask, sign up for a one-on-one chat with Microsoft Security leaders. 

Partner presence at the Microsoft booth

At the Theater in the Microsoft booth, watch our series of presentations and panels featuring Microsoft Threat Intelligence Center (MSTIC) experts and Microsoft Researchers. Half of the sessions will be presented by the MSTIC Team. The Microsoft booth will also feature sessions from select partners from the Microsoft Intelligent Security Association (MISA). MISA is an ecosystem of leading Security companies that have integrated their solutions with Microsoft Security technology with a goal of protecting our mutual customers from cybersecurity threats. Seven partners will showcase their solutions at our MISA demo station and five partners will be presenting their solutions in our mini-theater. We would love to see you there. Click here to view our full theater session schedule. 

Reserve your spot at the Microsoft Security VIP Mixer  

The event will be co-hosted by Ann Johnson, Corporate Vice President and Deputy CISO of Microsoft Security, and Aarti Borkar, Vice President of Microsoft Security, Customer Success and Microsoft Incident Response, and, we are thrilled to have five MISA partners—Avertium, BlueVoyant, NCC Group, Trustwave, and Quorum Cyber—sponsoring our Microsoft Security VIP Mixer. The mixer is a great time to connect and network with fellow industry experts, and grab a copy of Security Mixology, a threat intelligence-themed cocktail and appetizer cookbook—you’ll be able to meet some of the contributors! Drinks and appetizers will be provided. Reserve your spot to join us at this exclusive event.

Don’t miss the AI Summit at Black Hat  

On Tuesday, August 6, 2024, from 11:10 AM PT to 11:50 AM PT, we’ll be part of a panel discussion titled “Balancing Security and Innovation—Risks and Rewards in AI-Driven Cybersecurity.” Microsoft is honored to be a VisionAIre sponsor for this event. Brandon Dixon, Partner Product Manager, Security AI Strategy will debate the trade-offs between innovation in AI and security risks, share strategies to foster innovation while maintaining robust security, and more. Note: The AI Summit is a separate, one-day event featuring technical experts, industry leaders, and security tsars, designed to give attendees a comprehensive understanding of the potential risks, challenges, and opportunities associated with AI and cybersecurity.  

Microsoft’s Most Valuable Researchers 

Security researchers are a critical part of the defender community, on the front lines of security response evolution, working to protect customers and the broader ecosystem. On Thursday, August 8, 2024, we’ll host our invite-only Microsoft Researcher Celebration. And on August 6, 2024, Microsoft Security Response Center (MSRC) will announce the annual top 100 Most Valuable Researchers (MVRs) who help protect our customers through surfacing and reporting security vulnerabilities under Coordinated Vulnerability Disclosure (CVD). Follow @msftsecresponse on X and Microsoft Security Response Center on LinkedIn for the MVR reveal. 

Secure your future with Microsoft global-scale threat intelligence  

In the hands of security professionals and teams, AI can deliver the greatest advantage to organizations of every size, across every industry, tipping the scales in favor of defenders. Microsoft is bringing together every part of the company in a collective mission to advance cybersecurity protection to help our customers and the security community. We offer four powerful advantages to drive security innovation: large-scale data and threat intelligence; the most complete end-to-end protection; industry leading, responsible AI; and the best tools to secure and govern the use of AI. Together we can propel innovation and create a safer world. We’re excited to share the latest product news and Microsoft Security innovations during Black Hat 2024 and we hope to see you there.  

Join us at the Microsoft Security VIP Mixer

Don’t miss this opportunity to connect with Microsoft Security experts and fellow industry leaders—and pick up your copy of Security Mixology!

Register now

For more threat intelligence guidance and insights from Microsoft security experts, visit Security Insider. 

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity. 

Sources:

¹Phi-3 Technical Report: A Highly Capable Language Model Locally on Your Phone, Microsoft. April 2024.

²Microsoft Copilot for Security is generally available on April 1, 2024, with new capabilities, Vasu Jakkal. March 13, 2024.

The post Connect with Microsoft Security at Black Hat USA 2024​​ appeared first on Microsoft Security Blog.

Alongside applauding our partners’ achievements, we highlighted the transformative impact of AI in security. AI is the defining technology of our time, revolutionizing how we anticipate, prevent, and respond to threats. MISA—a coalition of Microsoft leaders and subject matter experts, independent software vendors (ISVs), and managed security service providers (MSSPs)—and its members play a pivotal role in driving this evolution, ensuring a safer digital future for everyone.

Together, we work to defend organizations around the world from increasing cyberthreats. In San Francisco, California, on May 6, 2024, the first day of RSA Conference 2024 (RSAC), we were honored to bring together MISA members and Microsoft Security leadership to honor the top finalists and announce award winners.

“I’m so pleased to congratulate this year’s Microsoft Security Excellence awards recipients and to acknowledge all those who were nominated,” said Vasu Jakkal, Corporate Vice President, Microsoft Security Business. “Our partner community plays such an important role in helping our customers navigate a rapidly evolving cybersecurity landscape. Each of this year’s recipients demonstrates true innovation and an inspiring dedication to the mission of security. We are so proud to work alongside them in a shared commitment to building a safer world for everyone.”

Celebrating innovation and impact

This year we streamlined the award categories to spotlight the achievements that not only redefine our industry but also significantly advance our collective mission towards a more secure and efficient digital future.

We also introduced a new award category: the Endpoint Management Trailblazer, which celebrates partners’ contributions to modernizing endpoint and device management. As the landscape of cyberthreats continues to evolve, the security perimeter of organizations extends beyond traditional boundaries, making endpoint management more critical than ever.

Effective endpoint and device management ensures that every device connected to an organization’s network is continuously monitored and secured, reducing the risk of breaches. This not only includes safeguarding the devices themselves but also involves managing access to networks and data in a way that keeps up with the dynamic nature of cyberthreats.

By spotlighting our partners who excel in this area, we aim to underscore the importance of adopting forward-thinking security measures that align with the modern workplace’s needs, ultimately fostering a safer and more resilient digital environment for businesses and their stakeholders.

Meet the leaders behind this year’s awards

Executives from across Microsoft came together to recognize and celebrate all the award winner finalists and winners, including:

Security Trailblazer: Alym Rayani, Vice President Security GTM.

Compliance and Privacy Trailblazer: Herain Oberoi, General Manager, Data Security, Governance, Compliance, and Privacy.

Identity Trailblazer: Irina Nechaeva, General Manager, Identity and Network Access; and Morgan Webb, Principle Group Manager, Security Customer Experience Engineering.

Endpoint Management Trailblazer: Dilip Radhakrishnan, General Manager, Microsoft Intune.

Security Customer Champion: Jeffrey York, Vice President, Security Partner Investments and Incentives.

Security Changemaker: Ann Choi, General Manager, Commercial Cloud Partner Strategy.

Diversity in Security: Tara Knapp, Director, Security Business Development; and Tara Ragan, Channel Strategy and Operations Manager, Lighthouse.

Security MSSP of the Year: Vasu Jakkal, Corporate Vice President, Microsoft Security Business.

Security ISV of the Year: Vasu Jakkal, Corporate Vice President, Microsoft Security Business.

2024 Security Excellence Award winners

In line with this year’s theme focused on the evolution of cybersecurity, we’re proud to spotlight the key role of innovative technology and dedicated individuals in shaping a more secure future. After receiving many impressive award nominations, our review panel shortlisted five nominees for each category, with winners determined by votes from Microsoft and MISA members. The finalists and winners in each category are:

Security Trailblazer 

Partners that have delivered innovative solutions or services that leverage the full Microsoft range of security products and have proven to be outstanding leaders in accelerating customers’ efforts to mitigate cybersecurity threats.

• Bulletproof—Winner
• Atech Cloud
• BlueVoyant
• Kovrr
• Performanta

Compliance and Privacy Trailblazer

Partners that deliver innovative solutions or services and are distinguished leaders in driving holistic or end-to-end Microsoft compliance or privacy strategy with customers.

• Lighthouse—Winner
• archTIS
• Infotechtion
• PwC
• Secude

Identity Trailblazer

Partners that are leaders in the identity space, have driven identity-related initiatives, and delivered innovative solutions or services with Microsoft Entra ID.

• Thales—Winner
• InSpark
• Oxford Computer Group
• Valence Security
• Wipro

Endpoint Management Trailblazer

Partners that have proven expertise in helping customers modernize their endpoint and device management posture while enabling organizations to reduce costs.

• water IT Security—Winner
• CGI
• Insight
• Senserva
• Synergy Advisors

Security Customer Champion

Partners that go above and beyond to drive customer impact and that have a proven track record of customer obsession and success.

• Ascent Solutions—Winner
• Protiviti
• PwC
• Quorum Cyber
• Tanium

Security Changemaker

Individuals within partner organizations who have made a remarkable security contribution to the company or the larger security community.

• Anna Webb, Kocho—Winner
• Adrianna Chen, D3 Security
• Ricardo Nicolini, Bulletproof
• Scott Edwards, Summit 7
• Tom Boltman, Kovrr

Diversity in Security

Partners that have demonstrated a significant commitment to enhancing diversity, equity, and inclusion to better serve security customers and foster change in the industry.

• Avanade—Winner
• Check Point
• CyberProof a UST Company
• Entrust
• Eviden

Security MSSP of the Year  

MSSPs that are all-around powerhouses with strong integration between Microsoft products and ongoing managed security services that drive the end-to-end Microsoft Security stack to our mutual customers.       

• Wortell—Winner
• Difenda
• glueckkanja AG
• Quorum Cyber
• Transparity

Security ISV of the Year

ISVs that are all-around powerhouses, show growth potential, and have innovative security solutions that integrate with a MISA-qualifying security product.

• ContraForce—Winner
• Kovrr
• Netskope
• Senserva
• Silverfort

We’re ready for what’s next 

This was an amazing evening, bringing together MISA members, Microsoft executives, and future security experts. Many thanks to all who came, and congratulations again to all our finalists and winners. One constant within the ever-changing world of cybersecurity is the way our community comes together to protect and empower customers. We look forward to seeing everything you accomplish in the upcoming year. 

If you’re at RSA Conference May 6-9, 2024, come and visit us at the Microsoft Booth 6044 North Expo where MISA members will be showcasing their solutions at our MISA demo station and the Microsoft Theater. We’d love to see you at the following Theater sessions: 

• ContraForce and Bulletproof—Hyperautomation for SecOps Service Management. Tuesday, May 7, 2024, 5:00 PM PT to 5:20 PM PT.
• glueckkanja AG—Use Microsoft Copilot for Security to bring context to your incidents. Tuesday, May 7, 2024, 5:30 PM PT to 5:50 PM PT.  
• Kovrr—The need for Shift Up Strategy: Financially Quantifying C-Suite Cyber Risk Management Decisions. Wednesday, May 8, 2024, 5:00 PM PT to 5:20 PM PT. 
• Darktrace—Combining the power of Darktrace & Microsoft Copilot for Security to Empower the Modern SOC. Wednesday, May 8, 2024, 5:30 PM PT to 5:50 PM PT.
• Avanade—Real world stories of using Microsoft Purview Data Protection to enable responsible adoption of Copilot for Microsoft 365. ​Thursday May 9, 2024, 10:30 AM PT to 10:50 AM PT. 

Learn more

Learn more about the Microsoft Intelligent Security Association.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Microsoft announces the 2024 Microsoft Security Excellence Awards winners appeared first on Microsoft Security Blog.

Security is our top priority at Microsoft—above all else—and our expanded Secure Future Initiative underscores our company-wide commitment to making the world a safer place for everyone. I am proud that Microsoft is prioritizing security in the age of AI as we continue to innovate with a security-first mindset. 

Today, new capabilities are now available in Microsoft Defender and Microsoft Purview to help organizations secure and govern generative AI applications at work. These releases deliver purpose-built policy tools and better visibility to help you secure and govern generative AI apps and their data. We are also delivering a new unified experience for the security analyst and integrating Microsoft Copilot for Security across our security product portfolio.  

You’ll be able to see firsthand these innovations and more across the Microsoft Security portfolio at RSA Conference (RSAC). I also hope you will also join me on Tuesday, May 7, 2024, for “Securing AI: What We’ve Learned and What Comes Next,” to explore the strategies that every organization can implement to securely design, deploy, and govern AI.

Secure your AI transformation with Microsoft Security

Wherever your organization is in your AI transformation, you will need comprehensive security controls to secure govern your AI applications and data throughout their lifecycle—development, deployment, and runtime.  

With the new capabilities announced today, Microsoft becomes the first security provider to deliver end-to-end AI security posture management, threat protection, data security, and governance for AI.

Discover new AI attack surfaces, strengthen your AI security posture, and protect AI apps against threats with Microsoft Defender for Cloud. Now security teams can identify their entire AI infrastructure—such as plugins, SDKs, and other AI technologies—with AI security posture management capabilities across platforms like Microsoft Azure OpenAI Service, Azure Machine Learning, and Amazon Bedrock. You can continuously identify risks, map attack paths, and use built-in security best practices to prevent direct and indirect attacks on AI applications, from development to runtime.

Integrated with Microsoft Azure AI services, including Microsoft Azure AI Content Safety and Azure OpenAI, Defender for Cloud will continuously monitor AI applications for anomalous activity, correlate findings, and enrich security alerts with supporting evidence. Defender for Cloud is the first cloud-native application protection platform (CNAPP) to deliver threat protection for AI workloads at runtime, providing security operations center (SOC) analysts with new detections that alert to malicious activity and active threats, such as jailbreak attacks, credential theft, and sensitive data leakage. Additionally, SOC analysts will be able facilitate incident response with native integration of these signals into Microsoft Defender XDR.

Identify and mitigate data security and data compliance risks with Microsoft Purview. Give your security teams greater visibility into and understanding of which AI applications are being used and how to help you safeguard your data effectively in the age of AI. The Microsoft Purview AI Hub, now in preview, delivers insights such as sensitive data shared with AI applications, total number of users interacting with AI apps and their associated risk level, and more. To prevent potential oversharing of sensitive data, new insights help organizations identify unlabeled files that Copilot references and prioritize mitigation of oversharing risks. Additionally, we are excited to announce the preview of non-compliant usage insights in the AI Hub to help customers discover potential AI interactions that violate enterprise and regulatory policies in areas like hate and discrimination, corporate sabotage, money laundering, and more.

Govern AI usage to comply with regulatory policies with new AI compliance assessments in Microsoft Purview. We understand how important it is to comply with regulations, and how complicated it can be when deploying new technology. Four new Compliance Manager assessment templates, now in preview, are available to help you assess, implement, and strengthen compliance with AI regulations and standards, including EU AI Act, NIST AI RMF, ISO/IEC 23894:2023, and ISO/IEC 42001. The new assessment insights will also be surfaced within the Purview AI Hub, providing recommended actions to support compliance as you onboard and deploy AI solutions.

Together we can help everyone pursue the benefits of AI, by thoughtfully addressing the new risks. The new capabilities in Microsoft Defender for Cloud and Microsoft Purview, which build on top of the innovations we shared at Microsoft Ignite 2023 and Microsoft Secure 2024, are important advancements in empowering security teams to discover, protect, and govern AI—whether you’re adopting software as a service (SaaS) AI solutions or building your own.

Read more about all of the new capabilities and features that help you secure and govern AI.

Strengthening end-to-end security with a unified security operations platform

We continue investing in our long-standing commitment to providing you with the most complete end-to-end protection for your entire digital estate. There is an immediate need for tool consolidation and AI to gain the speed and scale required to defend against these new digital threats. Microsoft integrates all of the foundational SOC tools—cloud-native security information and event management (SIEM), comprehensive native extended detection and response (XDR), unified security posture management, and generative AI—to deliver true end-to-end threat protection in a single platform, with a common data model, and a unified analyst experience.  

The new unified security operations platform experience, in preview, transforms the real-world analyst experience with a simple, approachable user experience that brings together all the security signals and threat intelligence currently stuck in other tools. Analysts will have more context at every stage, with helpful recommendations and suggestions for automation that make investigation and response easier than ever before. We are also introducing new features across Microsoft Sentinel and Defender XDR, including global search, custom detections, and automation rules.

We are also pleased to announce a number of additional new features and capabilities that will empower your security operations center (SOC) to work across Microsoft security products for stronger end-to-end security.

• Microsoft Security Exposure Management initiatives help your security team identify risky exposures and instances of insufficient implementation of essential security controls, to find opportunities for improvement.
• SOC analysts can now use insider risk information as part of their investigation in Microsoft Defender XDR.
• Microsoft Defender XDR expands to include native operational technology (OT) protection, enabling automatic correlation of OT threat signal into cross-workload incidents and the ability to manage OT and industrial control system vulnerabilities directly within Defender XDR.
• Expanded attack disruption in Microsoft Defender XDR, powered by AI, machine learning, and threat intelligence, will cover new attack scenarios like disabling malicious OAuth apps and will significantly broaden compromised user disruption, such as leaked credentials, stuffing, and guessing.
• Microsoft Sentinel launches SOC Optimizations to provide tailored guidance to help manage costs, increase the value of data ingested, and improve coverage against common attack techniques.

Expanded Microsoft Copilot for Security integrations

When it comes to supporting security teams and relieving complexity, Microsoft Copilot for Security offers a great advantage. Greater integration of Copilot across the Microsoft security portfolio and beyond provides richer embedded experiences and Copilot capabilities from familiar and trusted products. We are proud to announce new Microsoft Copilot for Security integrations, including Purview, new partner plugins, Azure Firewall, and Azure Web Application Firewall. These integrations provide your security teams with real-time guidance, deeper investigative insights, and expanded access to data from across your environment.  

Security for the era of AI

An end-to-end security platform will be a determining factor in every organization’s transformation and will play a critical role in the durability of AI-powered innovation. Organizations that focus on securing AI and invest in using AI to strengthen security will be the lasting leaders in their industries and markets. Microsoft is committed to empowering these industry and market leaders with security solutions that can help them achieve more. We bring together four critical advantages: large-scale data and threat intelligence; the most complete end-to-end platform; industry leading, responsible AI; and tools to help you secure and govern AI.

With the general availability of Copilot for Security, Microsoft has delivered on our promise to put industry-leading generative AI into the hands of IT and security professionals of all levels of experience. Now, with today’s release of new capabilities in Defender for Cloud and Microsoft Purview, we are also delivering on our commitment to empower IT and security teams with the tools they need to take advantage of AI safely, responsibly, and securely.

Lastly and importantly, security is a team sport. We look forward to working together with the industry and our partners on advancing cyber security for all. 

I do hope you’ll connect with us at RSAC this week, where we will be demonstrating our comprehensive security portfolio and how it helps you protect your environment from every angle to prepare for and confidently adopt and deploy AI. 

Learn more

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post New capabilities to help you secure your AI transformation appeared first on Microsoft Security Blog.

Recently at Microsoft Secure, we shared our latest innovations for securing and governing AI and announced the generative AI solution for cyberdefenders: Microsoft Copilot for Security. We’re excited to talk with you about how to bring these innovations to life in your organization at the RSA Conference (RSAC), May 6 to 9, 2024, in San Francisco.

At the conference, we’ll demonstrate how to secure and govern AI and benefit from end-to-end protection with solutions across the Microsoft Security portfolio, including Microsoft Copilot for Security. We’ll show you how we help security teams build their skills faster to protect their organizations.

Join us a day early, on Sunday, May 5, 2024, at Microsoft Pre-Day to kick-off RSA Conference 2024, and hear directly from our Microsoft Security Business leaders, including Vasu Jakkal, Corporate Vice President, Microsoft Security Business, and Charlie Bell, Executive Vice President, Microsoft Security. Plus, view live demos at a variety of Microsoft sessions happening throughout the conference in breakout rooms and at our booth #6044N.

Microsoft Pre-Day: Hear from Microsoft Security product leaders

Start the conference on a high note by joining us for the Microsoft Pre-Day at the Microsoft Security Hub beginning at 4:00 PM PT on Sunday, May 5, 2024. For chief information security officers (CISOs) and cybersecurity professionals, we invite you to dive deeper into the latest AI announcements, learn about new product capabilities, and gain peace of mind of how to secure AI as you introduce the technology into your organization.

Vasu Jakkal and other Microsoft leaders will share our perspectives on topics like AI-powered security, innovations in end-to-end protection, and solutions to secure AI. We’ll also be joined by Microsoft customers who will share how they have been successful in their security evolution.

Pre-Day will continue with a Q&A session with Vasu Jakkal, Charlie Bell, and other leaders. They’ll reflect on the latest developments in cybersecurity, AI, and how the global community of cyber professionals can work together for a more secure future.

The conclusion of Pre-Day will be an evening reception at 6:00 PM PT, where you will have an opportunity to network with other professionals over drinks and appetizers.

Microsoft keynote and sessions: Get valuable insights and inspiration

Once the RSA Conference begins, you’ll have several opportunities to attend demos and connect one-on-one with Microsoft product experts. Mark your calendar on Tuesday, May 7, 2024, to visit our keynote in the official conference line up from 3:40 PM PT to 4:00 PM PT at Moscone West. Vasu Jakkal will share insights on how AI is evolving, its impact on the threat landscape, and what every organization should do to keep it safe.

While there is a lot of hype around AI, most security professionals are taking a risk-averse approach. This means that employees will find workarounds to use generative AI. Join Brian Fielder, Vice President of Security Engineering at Microsoft, who will talk about Microsoft’s approach to securing and governing AI.  You will walk away with practical guidance on governing AI, how to ensure data privacy, and compliance.

Check out one or all of our Microsoft Security sessions included in the RSA Conference agenda. Here are just a few you won’t want to miss:

• “Hiding in Plain Sight: Hunting Volt Typhoon Cyber Actors.” Monday, May 6, 2024, 2:20 PM PT to 3:10 PM PT. Explore how the private sector and United States government work together to identify activity of the Volt Typhoon cyberthreat. Get lessons learned from Volt Typhoon’s tactics, techniques, and procedures, and how network defenders can best defend themselves. Kelly Bissell, Deputy CISO and CVP, Security Services, Microsoft; Cynthia Kaiser, Deputy Assistant Director, FBI; Morgan Adamski, Chief NSA Cybersecurity Collaboration Center, DOD; and Andrew Scott, Associate Director for China Operations, CISA; will share insights.
• “AI Safety: Where’s the Puck Headed?” Wednesday, May 8, 2024, 9:40 AM PT to 10:30 AM PT. Hear from a panel of experts—Ram Shankar Siva Kumar Data Cowboy, Microsoft; Vijay Bolina, CISO, Head of Cybersecurity Research, Google DeepMind; Rumman Chowdhury, Responsible AI Fellow, Berkman Klein Center, Harvard University; Dan Hendrycks, Founder, Center for AI Safety; and Daniel Rohrer, Vice President of Software Product Security—Architecture and Research, NVIDIA—on what AI safety means, why it rose to prominence, and what this means for the future of AI and cybersecurity.
• “From Attribution to Accountability: Upholding International Rules Online.” Wednesday, May 8, 2024, 1:15 PM PT to 2:05 PM PT. Get insights from a panel of litigation experts on how governments and the private sector can improve their public attribution efforts and ensure they are working cooperatively to advance respect for international rules online. The panel will include Amy Hogan-Burney, Associate Counsel and General Manager, Cybersecurity Policy and Protection, Microsoft; Megan Stifel, Chief Strategy Officer, Institute for Security and Technology; Liesyl Franz, Deputy Assistant Secretary for International Cyberspace Security, United States Department of State; Jonathan Horowitz, Legal Advisor, International Committee of the Red Cross; and William Middleton of the Foreign, Cyber Director, Foreign, Commonwealth and Development Office.

You can also stop by our Security Hub, located at The Palace Hotel, at any time to view an additional lineup of sessions well worth exploring, highlighting a few:

• “A Year of Microsoft Copilot for Security.” Monday, May 6, 2024,10:30 AM PT to 11:30 AM PT. Join us as we reflect on 12 months of learning from early customers, listen to their real-world experiences, dive into research on how Copilot for Security can elevate productivity with optimized security and catch a sneak peek into the future of generative AI in security. 
• “Threat intelligence trends and insights breakfast panel.”: Tuesday, May 7, 2024, 8:00 AM PT to 9:00 AM PT. Attend an exclusive briefing featuring experts from the Microsoft Threat Intelligence team, who analyze 78 trillion signals daily to uncover emerging threats. They will share insights and guidance on nation-state actors, cybercrime takedowns, fraud and social engineering, and cyber influence operations. 
• AI Safety lunch and fireside chat: Tuesday, May 7, 2024, 12:00 PM PT to 1:30 PM PT. Join Sarah Bird, Chief Product Officer of Responsible AI, and Bret Arsenault, Chief Cybersecurity Advisor, where we’ll address CISOs’ top AI concerns, the importance of responsible AI, and Microsoft’s commitment to AI safety. Walk away with practical guidance on implementing AI safely in your organization. 
• “Zero Trust for AI Security Leaders session.” Tuesday, May 7, 2024, 2:30 PM PT to 3:15 PM PT. Gain a deeper understanding of the five top risks inherent to generative AI and how Zero Trust for AI can help your organization deploy and use AI securely. You will walk away from this session with a Zero Trust for AI framework and a copy of the book signed by the author and presenter Mark Simos.

Visit Microsoft Security Hub at The Palace Hotel  

Join us for these sessions and more at the Microsoft Security Hub. Don’t miss out on the opportunity to explore all our sessions and ancillary events, plus you can also engage in a gamified experience dedicated to AI for security and have the chance to win exciting prizes. Additionally, you can schedule meetings with Microsoft experts and delve into the Cyber Threat Intelligence Program’s (CTIP) interactive experience from the Microsoft Digital Crimes Unit (DCU), where you’ll be able to explore the world of the malware sinkhole. The CTIP collects actionable cyberthreat intelligence from its malware disruption operations and uses this data to inform Microsoft products and services. Leveraging unique insights from Microsoft Threat Intelligence, the DCU disrupts cybercriminals’ technical infrastructure through civil legal actions, technical measures, criminal referrals to law enforcement, and public and private partnerships.

Register now to attend a variety of sessions at the Microsoft Security Hub, hosted at the historical Palace Hotel.

Stop by Microsoft Security booth at Moscone North  

The Microsoft booth will be located this year in Moscone North, close to the entrance, and will feature demos of Microsoft Security portfolio, theater presentations, gamified experience focused on Security for AI, and interactive DCU experience. Have some refreshments amidst your busy conference day and get your copy of the books about Zero Trust and Threat Intelligence signed by the authors.  

Drop by the theater at the the Microsoft booth to hear from our experts on the latest news and demos on AI, threat protection, secure access, data governance, cloud security, privacy, Zero Trust, and more. 

Participate in conversations on the future of cybersecurity

While at RSAC, consider participating in other events that will connect you with cybersecurity professionals and spark interesting conversation about the future of cybersecurity and AI.

• CSA AI Summit​: Monday, May 6, 2024, 12:10 PM PT to 12:30 PM PT. Get a front-row seat to Microsoft Security for AI innovations as part of the summit. Led by Microsoft Senior Product Marketing Manager Tina Ying, our session will focus on Security for AI. The CSA AI Summit, from 8:00 AM to 3:00 PM PT on Level 3 of Moscone Center South, will explore the intersection of AI and cloud and offer best practices on how to make the most of the AI revolution. More than 1,100 cybersecurity leaders and professionals are expected to attend the summit.
• Women in Cybersecurity (WiCyS) Meetup: ​Tuesday, May 7, 2024, 6:30 PM PT to 7:30 PM PT. Learn how WiCyS is introducing more women to cybersecurity—and how you can support these endeavors. The meetup will spotlight the achievements of WiCyS, established in 2012 to increase the number of women in cybersecurity roles by giving them mentorships, networking opportunities, and access to training and resources.

Microsoft Partners: Networking opportunity and Security Excellence Awards celebration

The Microsoft Intelligent Security Association (MISA), comprised of independent software vendors (ISV) and managed security service providers (MSSPs) that have integrated their solutions with Microsoft’s security products, will be back at RSAC 2024. MISA will again have a demo station at Microsoft Booth #6044N in Moscone North Expo among other events, including the fifth annual Microsoft Security Excellence Awards (presented by MISA).

MISA’s RSAC 2024 presence will include:

• MISA Demo Station: Stop by Microsoft Booth #6044N Monday, May 6, 2024, to Thursday, May 9, 2024, for demonstrations of Microsoft products.
• Theater sessions: Join one or more of our five theater sessions for valuable insights focused on how MISA members work together with Microsoft to protect customers from cyberthreats. Led by MISA members, these sessions will focus on strategies to protect customers from cyber threats. The sessions will feature expertise from partners Bulletproof, ContraForce, Darktrace, Avanade, Kovrr, and glueckkanja AG.
• Hub sessions: Join MISA members for a one-hour session on top-of-mind security topics in the Microsoft Security Hub.
• Partner awards: MISA members are invited to attend the Microsoft Security Excellence Awards on Monday, May 6, 2024, where winners will be announced in nine security award categories.

Congratulations to the finalists of the 2024 Excellence Awards!

Connect with Microsoft at RSAC

Register today for the Microsoft Security RSAC Pre-Day on May 5, 2024 from 4:00 PM PT to 6:00 PM PT. Explore our sessions, receptions, and other events. Leverage this opportunity to learn and connect. Stop by our booth #6044N to ask questions. Enjoy conversation or simply say hello. Looking forward to seeing you at RSAC!

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Explore Microsoft’s AI innovations at RSA Conference 2024 appeared first on Microsoft Security Blog.