Since the Secure Future Initiative (SFI) began, we’ve dedicated the equivalent of 34,000 full-time engineers to SFI—making it the largest cybersecurity engineering effort in history. And now, we’re sharing key updates and milestones from the first SFI Progress Report.
When you try to view or edit your credit card details or other sensitive information in your Microsoft account, you might need to enter a security code first, to make sure that only you can get in to your account. But you can designate a computer or other device as a trusted device. On trusted […]
You’ve probably already read Brian Krebs article A Time to Patch III: Apple, but if you haven’t, I encourage you to read it and read the various responses he received – the responses run the gamut of Linux advocates (“You do understand that Mac OS X is not a version of Linux, and is not […]
Once again, my effort to explore common misperceptions (more recently exploring unpatched statistics) has brought out some of the common objections from those that don’t necessarily like the results. Very rarely do I get comments that can find a substantive problem with the analysis – instead the arguments tend to be detailed variations of “your comparison […]
The era of IT departments mandating specific hardware, operating systems, or technologies is quickly eroding. In its place a new culture is growing where employees are granted more autonomy—and given more responsibility—for their own technology. If you’ve been to enough parties you’re probably familiar with the term BYOB—a common acronym of the phrase “bring your […]
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
During my first 7 years at Microsoft, I spent most of my time working on security features such as access control, authentication, cryptography and so on. The next 12 years were spent in product groups and the Security Development Lifecycle (SDL) team working on software design, development and testing practices across the company in order […]
<p>This article in our <a href="/b/security/archive/2012/07/31/microsoft-s-free-security-tools-series-introduction.aspx">series</a> focused on Microsoft’s free security tools is on a tool called <strong>Portqry</strong>. This tool is a TCP/IP connectivity test tool, port scanner, and local port monitor. Portqry is useful for troubleshooting networking issues as well as verifying network security related configurations. Because of this broad functionality, I have heard some Information Technology (IT) Professionals refer to this tool as a “Swiss army knife” of tools.</p>
<p>In July, we kicked off a blog series focused on "<a href="/b/security/archive/2012/07/31/microsoft-s-free-security-tools-series-introduction.aspx">Microsoft's Free Security Tools</a>." The series highlights free security tools that Microsoft provides to help make IT professionals' and developers' lives easier. A good tool can save a lot of work and time for those people responsible for developing and managing software. In the series we discuss many of the benefits each tool can provide and include step by step guidance on how to use each. Below is a summary of the tools covered in the series and a brief overview of each.</p>
<p>This article in our <a href="/b/security/archive/2012/07/31/microsoft-s-free-security-tools-series-introduction.aspx">series</a> on Microsoft’s free security tools is focused on a tool called the <a href="http://approjects.co.za/?big=en-us/download/details.aspx?id=7558">Microsoft Baseline Security Analyzer</a> (MBSA). Many years ago before Windows Update was available, servicing software was much more painful than it is today. Microsoft released security updates weekly, and there were few deployment technologies available to help determine which systems needed which updates. I wrote an <a href="/b/security/archive/2012/03/26/trustworthy-computing-learning-about-threats-for-over-10-years-part-6.aspx">article on this topic</a> if you are interested in a walk down memory lane. For those IT administrators that lived through those days, the MBSA was a godsend. Today, 10 years later, the MBSA is still a free security tool that many, many IT Professionals use to help manage the security of their environments. </p>
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
<p>Many of the IT Professionals that contact our customer service and support group have common questions related to security incidents and are seeking guidance on how to mitigate threats from determined adversaries. Given the level of interest in this information and common scenarios that exist amongst different organizations, we are publishing a multi-part series which will detail common security incidents organizations face and provide recommended mitigations based on guidance from our Security Support team. </p> <p>It is important to note that each phase has one or more technical and, more importantly, administrative controls that could have been used to block or slow down the attack. These mitigations are listed after each phase. Each mitigation addresses specific behaviors and attack vectors that have been seen previously in multiple security incidents. <a href="/b/security/archive/2013/12/18/enterprise-threat-encounters-scenarios-and-recommendations-part-1.aspx">Read more.</a></p>
Read about the latest updates to our Microsoft Security Experts product offerings.
