AI innovations for a more secure future unveiled at Microsoft Ignite
Company delivers advances in AI and posture management, unprecedented bug bounty program, and updates on its Secure Future Initiative.
Join the new Microsoft Security experience at Microsoft Ignite 2023
Join Microsoft Security at Microsoft Ignite 2023 for the latest security insights, hands-on skilling, product innovations, in-person networking, and more.
New security features in Windows 11 protect users and empower IT
Windows 11 is designed to simplify security with features from the chip to the cloud that are on by default. Since its launch, we’ve seen a 58 percent reduction in security. Learn more about the new features.
New Microsoft security tools to protect families and businesses
Today, Microsoft announced several major innovations to empower people across work and life and redefine how we live and work with AI.
Microsoft 365 Defender demonstrates 100 percent protection coverage in the 2023 MITRE Engenuity ATT&CK® Evaluations: EnterpriseÂ
​For the fifth consecutive year, Microsoft 365 Defender demonstrated leading extended detection and response (XDR) capabilities in the independent MITRE Engenuity ATT&CK® Evaluations: Enterprise. The attack used during the test highlights the importance of a unified XDR platform and showcases Microsoft 365 Defender as a leading solution, enabled by next-gen protection, industry-first capabilities like automatic attack disruption, and more.
Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
Forrester names Microsoft a Leader in the 2023 Zero Trust Platform Providers Waveâ„¢ report
Microsoft is proud to be recognized as a Leader in The Forrester Waveâ„¢: Zero Trust Platform Providers, Q3 2023 report.
Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets
Since February 2023, Microsoft has observed a high volume of password spray attacks attributed to Peach Sandstorm, an Iranian nation-state group. In a small number of cases, Peach Sandstorm successfully authenticated to an account and used a combination of publicly available and custom tools for persistence, lateral movement, and exfiltration.
Uncursing the ncurses: Memory corruption vulnerabilities found in library
A set of memory corruption vulnerabilities in the ncurses library could have allowed attackers to chain the vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious actions.
Malware distributor Storm-0324 facilitates ransomware access
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors.
Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
Cloud storage security: What’s new in the threat matrix
We’re announcing the release of a second version of our threat matrix for storage services, a structured tool that assists in identifying and analyzing potential security threats on data stored in cloud storage services.
Navigating privacy in a data-driven world with Microsoft Priva
As the world becomes more data-driven and the privacy landscape continues to evolve, the need to take a proactive privacy approach increases. Here's how Microsoft Priva can help.
Flax Typhoon using legitimate software to quietly access Taiwanese organizations
China-based actor Flax Typhoon is exploiting known vulnerabilities for public-facing servers, legitimate VPN software, and open-source malware to gain access to Taiwanese organizations, but not taking further action.
How the Microsoft Incident Response team helps customers remediate threats
Microsoft Incident Response is a global team comprised of cybersecurity experts with deep, highly specialized knowledge in breach detection, response, and recovery.