{"id":138308,"date":"2025-04-17T09:00:00","date_gmt":"2025-04-17T16:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=138308"},"modified":"2025-04-17T08:14:50","modified_gmt":"2025-04-17T15:14:50","slug":"microsofts-secure-by-design-journey-one-year-of-success","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/","title":{"rendered":"Microsoft&#8217;s Secure by Design journey: One year of success"},"content":{"rendered":"\n<p>Cybersecurity is one of the top risks facing businesses. Organizations are struggling to navigate the ever-evolving cyberthreat landscape in which 600 million identity attacks are carried out daily.<sup>1<\/sup> The median time for a cyberattacker to access private data from phishing is 1 hour and 12 minutes, and nation-state cyberattacks are on the rise.<sup>2<\/sup> Organizations also face unprecedented complexity, making security jobs harder\u201457% of organizations are using more than 40 security tools, which requires significant resourcing and effort to integrate workflows and data.<sup>3<\/sup> These challenges are magnified by the global security talent shortage organizations are facing and there are more than 4 million security jobs unfilled worldwide, rising insider risks, and the rapidly evolving regulatory landscape today.<sup>4<\/sup> These cybersecurity challenges can not only increase significant business disruptions, they can also create devastating economic damages\u2014the cost of cybercrime is expected to grow at 15% year over year, reaching $15.6 trillion by 2029.<sup>5<\/sup>\u00a0<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-1 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button has-custom-width wp-block-button__width-75 btn-primary\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/www.microsoft.com\/trust-center\/security\/secure-future-initiative\">Get the latest Secure Future Initiative updates<\/a><\/div>\n<\/div>\n\n\n\n<p>In November 2023, to address the evolution of the digital and regulatory landscape, and the unprecedented changes in the cyberthreat landscape, we announced the <a href=\"https:\/\/www.microsoft.com\/trust-center\/security\/secure-future-initiative\">Microsoft Secure Future Initiative<\/a>. The Secure Future Initiative (SFI)\u00a0is\u00a0a\u00a0multiyear\u00a0effort\u00a0to\u00a0revolutionize the way we design, build, test, and operate our products and services, to achieve the highest security standards. SFI is our commitment to improve Microsoft\u2019s security posture, thereby improving the security posture of all our customers, and to work with governments and industry to improve the security posture of the entire ecosystem.<\/p>\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/Picture3.webp\" alt=\"A circular diagram listing current and emerging threats, including technical debt, insider threat, cyber criminals, conflicting regulatory requirements, supply chain and ecosystem, and nation-state actors.\" class=\"wp-image-138521 webp-format\" srcset=\"\" data-orig-src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/Picture3.webp\"><\/figure>\n\n\n\n<p>Last year, the Cybersecurity and Infrastructure Security Agency (CISA), through its <a href=\"https:\/\/www.cisa.gov\/securebydesign\/pledge\" target=\"_blank\" rel=\"noreferrer noopener\">&#8220;Secure by Design&#8221; pledge<\/a>, called on the technology industry to prioritize security at every stage of product development and deployment. This approach of embedding cybersecurity in digital delivery from the outset is also reflected in the United Kingdom\u2019s Government&#8217;s Cyber Security Strategy as well as in the Australian Cyber Security Centre (ACSC)\u2019s \u201cEssential Eight\u201d mitigation strategies to protect against cyberthreats. Throughout this blog post, the term \u201cSecure by Design\u201d encompasses both \u201csecure by design\u201d and \u201csecure by default.\u201d<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-2 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button has-custom-width wp-block-button__width-75 btn-primary\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/www.cisa.gov\/securebydesign\/pledge\">Read CISA&#8217;s Secure by Design pledge<\/a><\/div>\n<\/div>\n\n\n\n<p>Microsoft committed to work towards key goals across a spectrum of <a href=\"https:\/\/www.cisa.gov\/resources-tools\/resources\/secure-by-design\" target=\"_blank\" rel=\"noreferrer noopener\">Secure by Design principles<\/a> advocated by numerous government agencies around the world. These goals aim to enhance security outcomes for customers by embedding robust cybersecurity practices throughout the product lifecycle. We continue to take our learnings, feed them back into our security standards, and operationalize these learnings as paved paths that can enable secure design and operations at scale. Our SFI updates provide examples of Microsoft\u2019s progress in implementing secure by design, secure by default, and secure in operations principles, and provide best practices based on Microsoft\u2019s own experience, demonstrating our dedication to improving security for customers.<\/p>\n\n\n\n<p>Keep reading to learn about the initiatives Microsoft has undertaken over the past 18 months to support secure by design objectives as part of our SFI initiative. It is organized around our SFI principles to provide our customers and partners with an understanding of the robust security measures we are implementing to safeguard their digital environments.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"enhancing-security-with-multifactor-authentication-and-default-password-management\">Enhancing security with multifactor authentication and default password management<\/h2>\n\n\n\n<p>Phishing-resistant multifactor authentication provides the most robust defense against password-based cyberattacks, including credential stuffing and password theft. This includes promoting multifactor authentication among customers, implementing it as a default requirement for access, and participating in efforts to establish long-term standards in authentication.<\/p>\n\n\n\n<p>In October 2024, Microsoft <a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/announcing-mandatory-multi-factor-authentication-for-azure-sign-in\/\" target=\"_blank\" rel=\"noreferrer noopener\">implemented mandatory multifactor authentication<\/a> for the Microsoft Azure portal, Microsoft Entra admin center, and Microsoft Intune admin center. Since then, Microsoft has worked with our customers to reduce extensions and rapidly advance multifactor authentication adoption. A key achievement is our progress in eliminating passwords across products. Microsoft has introduced <a href=\"https:\/\/techcommunity.microsoft.com\/blog\/microsoft-entra-blog\/new-user-experience-for-consumer-authentication\/3822035\" target=\"_blank\" rel=\"noreferrer noopener\">enhancements to streamline authentication<\/a> and improve sign-in experiences, emphasizing usability and security. Users can now remove passwords from their accounts and use passkeys instead, addressing vulnerabilities and preventing unauthorized access. <\/p>\n\n\n\n<p>On March 26, 2025, Microsoft launched a new sign-in experience for more than 1 billion users. By the end of April 2025, most Microsoft account users will see updated sign-in and sign-up user experience flows for web and mobile apps. This new user experience is optimized for a passwordless and passkey-first experience. Microsoft is also updating the account sign-in logic to make passkey the default sign-in choice whenever possible.<\/p>\n\n\n\n<p>Additional examples of Microsoft improving authentication and how customers can learn from Microsoft\u2019s approach and solutions include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Microsoft recommendations for organizations to get started deploying <a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/authentication\/how-to-plan-prerequisites-phishing-resistant-passwordless-authentication\" target=\"_blank\" rel=\"noreferrer noopener\">phishing-resistant passwordless authentication<\/a> using Microsoft Entra ID.<\/li>\n\n\n\n<li>Security defaults make it easier to help protect against identity-related cyberattacks like password spray, replay, and phishing common in today&#8217;s environments. Learn more about <a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/fundamentals\/security-defaults\" target=\"_blank\" rel=\"noreferrer noopener\">preconfigured security settings<\/a> available in Microsoft Entra ID.<\/li>\n\n\n\n<li>Microsoft\u2019s <a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity\/conditional-access\/overview\" target=\"_blank\" rel=\"noreferrer noopener\">Conditional Access<\/a> uses identity-driven signals as part of access control decisions.<\/li>\n\n\n\n<li>To help prevent phishing, Microsoft added additional hardening to Windows Hello, which is the multifactor authentication solution built-in to Windows. Windows Hello has also been extended to support passkeys, which are an industry standard, and which we continue to evolve. With Hello and passkeys, on Windows, it means much of the web can be protected with multifactor authentication, and people no longer need to choose between a simple sign-in and a safe sign-in.\u00a0<\/li>\n\n\n\n<li>Learn how Microsoft is advancing <a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/verified-id\/decentralized-identifier-overview\" target=\"_blank\" rel=\"noreferrer noopener\">decentralized identity standards and verifiable credentials<\/a>.<\/li>\n\n\n\n<li>Following <a href=\"https:\/\/github.blog\/security\/supply-chain-security\/securing-millions-of-developers-through-2fa\/\">GitHub\u2019s April 2024 update<\/a> on a year of progress in pushing multifactor authentication adoption, further cohorts requiring multifactor authentication enablement have been rolled out in the past year. This effort continues to drive multifactor authentication utilization with almost 50% of contributing GitHub users having multifactor authentication enabled. Of those, more than 38% of users have two or more methods of two-factor authentication enabled and more than 3.6 million users have a passkey enabled on their account. Additionally, GitHub has pushed for best practices in multifactor authentication methods, and in November 2024 shipped enhancements to the <a href=\"https:\/\/github.blog\/changelog\/2024-11-21-enhanced-2fa-management-for-orgs-and-enterprises-public-preview\/\" target=\"_blank\" rel=\"noreferrer noopener\">management of multifactor authentication settings<\/a> for organizations and enterprises that allow the restriction of insecure methods of multifactor authentication such as text messaging.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"reducing-entire-classes-of-vulnerabilities\">Reducing entire classes of vulnerabilities<\/h2>\n\n\n\n<p>Most exploited vulnerabilities today stem from types that can often be mitigated on a large scale, such as SQL injection, cross-site scripting, and memory safety language vulnerabilities. Governments aim to reduce these by encouraging companies to adopt practices like eliminating authorization validation logic mistakes, enabling the use of memory-safe languages, creating secure firmware architectures, and implementing secure administrative protections. The goal is to minimize exploitation risks by addressing systemic vulnerabilities at their root.<\/p>\n\n\n\n<p>Our introduction of mandatory use of the <a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity-platform\/msal-overview\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Authentication Library<\/a> (MSAL) across all Microsoft applications helps ensure that advanced identity defenses, such as token binding, continuous access evaluation, and advanced application attack detections, are consistently implemented. This standardizes secure authentication processes, making it significantly harder for attackers to exploit identity-related vulnerabilities. MSAL enables developers to acquire security tokens from the Microsoft identity platform to authenticate users and access secured web APIs.\u00a0<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-3 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button has-custom-width wp-block-button__width-100 btn-primary\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/security\/book\/\" target=\"_blank\" rel=\"noreferrer noopener\">Read the updated Windows Security book and stay secure with Windows<\/a><\/div>\n<\/div>\n\n\n\n<p>Microsoft is also committed to adopting memory-safe languages, such as Rust, for developing new products and transitioning existing ones. This approach addresses common vulnerabilities related to memory safety. Microsoft is investing heavily into safe language to enhance the safety of our code, and we are applying this new approach to our security platform and other key areas like Microsoft Surface and Pluton security firmware.\u00a0\u00a0\u00a0<\/p>\n\n\n\n<p>In Windows 11, we\u2019ve applied a secure by design strategy from the very first line of code. We have established a Hardware Security Baseline, which helps to ensure every Windows 11 PC has consistent hardware security forming a secure foundation. <a href=\"https:\/\/blogs.windows.com\/windowsexperience\/2024\/11\/19\/windows-security-and-resiliency-protecting-your-business\/\" target=\"_blank\" rel=\"noreferrer noopener\">Windows 11<\/a> has secure by default settings and stronger controls for what apps and drivers are allowed to run. This is important as unverified apps and drivers lead to malware and script attacks. And most malware and ransomware apps are unsigned, which means they can be authored and distributed without being provably safe. For consumers and smaller organizations, <a href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/apps\/develop\/smart-app-control\/overview\" target=\"_blank\" rel=\"noreferrer noopener\">Smart App Control<\/a><strong> <\/strong>is a new feature that uses cloud AI to enable millions of known safe apps to run, regardless of where you got them. For larger organizations,<strong> <\/strong>IT admins can layer on <a href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/security\/application-security\/application-control\/app-control-for-business\/deployment\/appcontrol-deployment-guide\" target=\"_blank\" rel=\"noreferrer noopener\">App Control for Business policies<\/a> and\u00a0deploy them using Intune.\u00a0\u00a0<\/p>\n\n\n\n<p>With Windows powering business critical solutions across a wide variety of customers, we are committed to helping ensure that Windows remains the most secure and reliable platform. At Microsoft Ignite in 2024, we announced the <a href=\"https:\/\/blogs.windows.com\/windowsexperience\/2024\/11\/19\/windows-security-and-resiliency-protecting-your-business\/\" target=\"_blank\" rel=\"noreferrer noopener\">Windows Resilience Initiative<\/a> focused on enhancing the security and resilience of the Windows operating system. This involves implementing advanced security features, improving threat detection and response capabilities, and to help ensure that Windows can withstand and recover from cyberattacks. As part of the Windows Resilience Initiative,\u00a0we are working to protect against common cyberattacks in addition to strengthening identity protection mentioned above.\u00a0\u00a0<\/p>\n\n\n\n<p>As part of this we are addressing the long-standing challenge of overprivileged users and applications, which create significant risk. Yet many people do not want to give up admin control of their PC. To help strike the balance of admin privileges and security we are introducing <a href=\"https:\/\/techcommunity.microsoft.com\/blog\/windows-itpro-blog\/administrator-protection-on-windows-11\/4303482\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>Administrator protection<\/strong><\/a><strong> <\/strong>(currently in Windows Insiders). Admin protection gives you the protection of standard user permissions by <strong>default<\/strong>, and when needed you can securely authorize a just-in-time system change using Windows Hello. Once the process has completed, the temporary admin token is destroyed. This means admin privileges do not persist.\u00a0 Admin protection will be disruptive to cyberattackers, as they no longer have elevated privileges by default, which will help organizations\u202fensure they remain in control of Windows.\u00a0<\/p>\n\n\n\n<p>We are also collaborating with endpoint security partners to adopt safe deployment practices. This means all security product updates will be gradual, minimizing deployment risks and monitoring to help ensure any negative impact is kept to a minimum. Additionally, we are developing new Windows capabilities that allow security product developers to build their products outside of kernel mode, reducing the impact to Windows in the event of a security product crash.\u00a0<\/p>\n\n\n\n<p>Another key development is our <a href=\"https:\/\/microsoft.design\/articles\/secure-by-design-a-ux-toolkit\/\" target=\"_blank\" rel=\"noreferrer noopener\">secure by design user experience (UX) toolkit<\/a>. Human error causes the majority of security breaches. The UX toolkit helps build more secure software and improve user security experiences. This toolkit represents a new way of thinking\u2014where design and security aren\u2019t siloed but are working together from the very beginning. Adopted internally and shared externally, the toolkit helps other software organizations in enhancing their security practices.<\/p>\n\n\n\n<p>Other activities Microsoft has worked on to eliminate classes of vulnerabilities include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Continued support to enable developers to use the memory safe language <a href=\"https:\/\/learn.microsoft.com\/en-us\/windows\/dev-environment\/rust\/rust-for-windows\" target=\"_blank\" rel=\"noreferrer noopener\">Rust on Windows<\/a>.<\/li>\n\n\n\n<li>Taking steps to mitigate <a href=\"https:\/\/msrc.microsoft.com\/blog\/2024\/12\/mitigating-ntlm-relay-attacks-by-default\/\" target=\"_blank\" rel=\"noreferrer noopener\">Windows NT LAN (NTLM) Relay Attacks<\/a> by default against Exchange Service, Active Directory Certificate Services and Lightweight Directory Access Protocol (LDAP).<\/li>\n\n\n\n<li><a href=\"https:\/\/techcommunity.microsoft.com\/blog\/networkingblog\/announcing-zero-trust-dns-private-preview\/4110366\" target=\"_blank\" rel=\"noreferrer noopener\">Zero Trust Domain Name System (DNS) preview expanded<\/a> to include Windows 11 enterprise customers. This feature helps lock down devices to only access-approved network destinations.<\/li>\n\n\n\n<li>Surface embedded firmware products use of a <a href=\"https:\/\/techcommunity.microsoft.com\/blog\/surfaceitpro\/how-surface-embedded-firmware-has-evolved-over-10-years\/4154219\" target=\"_blank\" rel=\"noreferrer noopener\">common firmware architecture<\/a>.<\/li>\n\n\n\n<li>Launch of the <a href=\"https:\/\/learn.microsoft.com\/en-us\/windows-365\/link\/security-overview\" target=\"_blank\" rel=\"noreferrer noopener\">Windows 365 Link<\/a>, which is the first Cloud PC device for Windows 365. Windows 365 Link eliminates local data and apps and has no local admin users and provides employees a way to more securely stream their Windows 365 Cloud PC.<\/li>\n\n\n\n<li>GitHub released <a href=\"https:\/\/github.blog\/changelog\/2024-12-17-find-and-fix-actions-workflows-vulnerabilities-with-codeql-public-preview\/\" target=\"_blank\" rel=\"noreferrer noopener\">CodeQL support for GitHub Actions workflow files<\/a>. This new static analysis capability identifies common continuous integration and continuous delivery (CI\/CD) flaws both in existing code bases and before they are introduced to help eliminate this class of vulnerabilities. Using this new feature, the <a href=\"https:\/\/github.blog\/security\/application-security\/how-to-secure-your-github-actions-workflows-with-codeql\/\" target=\"_blank\" rel=\"noreferrer noopener\">GitHub Security Lab<\/a> was able to help secure more than 75 GitHub Actions workflows in open source projects, disclosing more than 90 different vulnerabilities.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"boosting-patch-application-rates\">Boosting patch application rates<\/h2>\n\n\n\n<p>Timely and effective patch management is necessary for cybersecurity, as this is how we can reduce the window of opportunity for malicious actors to exploit software flaws.<\/p>\n\n\n\n<p>Microsoft has made measurable increases in the installation of security patches, which we achieved by enabling automatic installation of software patches when possible and enabling this functionality by default, as well as by offering widespread support for these patches.<\/p>\n\n\n\n<p>Microsoft continues to roll out major security updates on the second Tuesday of each month, known as Patch Tuesday. This regular schedule ensures that all systems receive timely updates to address critical vulnerabilities, thereby reducing the risk of exploitation by cyberattackers.<\/p>\n\n\n\n<p>Building on this foundation, Microsoft has made significant strides in improving the update process with Windows 11. By reducing the number of required system restarts from 12 to four per year through the use of Hotpatch updates, we have further streamlined operations and encouraged organizations to remain compliant with patching requirements.<\/p>\n\n\n\n<p>Other examples of our efforts in to boost patch and security update rates include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/techcommunity.microsoft.com\/blog\/windows-itpro-blog\/hotpatch-for-windows-client-now-available\/4399808\" target=\"_blank\" rel=\"noreferrer noopener\">Windows Hotpatch<\/a>: Announced at Microsoft Ignite 2024, this provides a 60% reduction in time to adopt security updates, assisted by applying updates seamlessly without system restarts.<\/li>\n\n\n\n<li>Microsoft has emphasized the importance of clearly communicating the expected lifespan of products at the time of sale and investing in provisioning capabilities to ease customer transitions to supported versions when products reach the end of their lifecycle. This strategy ensures that customers are well-informed and can smoothly adapt to new technologies.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"adopting-a-vulnerability-disclosure-policy-vdp-and-common-vulnerabilities-and-exposures-cve\">Adopting a Vulnerability Disclosure Policy (VDP) and Common Vulnerabilities and Exposures (CVE)&nbsp;<\/h2>\n\n\n\n<p>Coordinated vulnerability disclosure, a practice Microsoft adopted more than a decade ago, benefits both security researchers and software manufacturers by enabling collaboration to enhance product security. A VDP that authorizes public testing of products, commits to refraining from legal action against those who follow the VDP in good faith, provides a clear channel for reporting vulnerabilities, and permits public disclosure of vulnerabilities according to coordinated vulnerability disclosure best practices and international standards makes a real difference for cybersecurity. Additionally, manufacturers can demonstrate transparency by including accurate Common Weakness Enumeration (CWE) and Common Platform Enumeration (CPE) fields in every CVE record for the manufacturer\u2019s products.<\/p>\n\n\n\n<p><a href=\"https:\/\/msrc.microsoft.com\/blog\/2024\/04\/toward-greater-transparency-adopting-the-cwe-standard-for-microsoft-cves\/\" target=\"_blank\" rel=\"noreferrer noopener\">Our adoption of the CWE<\/a> and CPE standards in every CVE record for its products is an important achievement. This transparency facilitates accurate and detailed information about vulnerabilities, facilitating timely and effective remediation. By issuing CVEs promptly for all critical or high-impact vulnerabilities, Microsoft demonstrates its commitment to maintaining a secure environment and protecting its customers from potential cyberthreats.<\/p>\n\n\n\n<p>Another notable highlight is the <a href=\"https:\/\/msrc.microsoft.com\/blog\/2024\/11\/toward-greater-transparency-publishing-machine-readable-csaf-files\/\" target=\"_blank\" rel=\"noreferrer noopener\">publication of a machine-readable CSAF files<\/a>, which provide a clear channel for reporting vulnerabilities and authorizes public testing of Microsoft products. This fosters collaboration between security researchers and software manufacturers, enabling the identification and mitigation of vulnerabilities in a coordinated manner.<\/p>\n\n\n\n<p>Other activities Microsoft has worked on to adopt VDP and CVE include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Microsoft has <a href=\"https:\/\/msrc.microsoft.com\/blog\/2024\/11\/toward-greater-transparency-publishing-machine-readable-csaf-files\/\" target=\"_blank\" rel=\"noreferrer noopener\">published a security.txt file<\/a> with links to different aspects of our VDP CVE related blogs generally.<\/li>\n\n\n\n<li>Microsoft is now issuing <a href=\"https:\/\/msrc.microsoft.com\/blog\/2024\/06\/toward-greater-transparency-unveiling-cloud-service-cves\/\" target=\"_blank\" rel=\"noreferrer noopener\">CVEs for critical cloud service vulnerabilities<\/a>, regardless of whether customers need to install a patch or to take other actions to protect themselves.<\/li>\n\n\n\n<li>Microsoft has begun to <a href=\"https:\/\/msrc.microsoft.com\/blog\/2024\/04\/toward-greater-transparency-adopting-the-cwe-standard-for-microsoft-cves\/\" target=\"_blank\" rel=\"noreferrer noopener\">publish root cause data for Microsoft CVEs<\/a> using the CWE industry standard. By adopting CWE, more effective community discussion about discovering and mitigating weaknesses in existing software and hardware can be facilitated.<\/li>\n\n\n\n<li>Microsoft added a <a href=\"https:\/\/msrc.microsoft.com\/blog\/2024\/11\/toward-greater-transparency-publishing-machine-readable-csaf-files\/\" target=\"_blank\" rel=\"noreferrer noopener\">new standard machine-readable format<\/a>, called Common Security Advisory Framework (CSAF), to all Microsoft CVE information to help customer accelerate CVE response and remediation.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"empowering-customers-to-detect-and-document-intrusions\">Empowering customers to detect and document intrusions<\/h2>\n\n\n\n<p>Organizations should do more to detect cybersecurity incidents and understand their impact. To ensure they can do that, manufacturers should provide artifacts and evidence-gathering tools, like audit logs.<\/p>\n\n\n\n<p>An example of Microsoft\u2019s commitment in this area is our implementation of robust sensors and logs, enhancing detection of cyberthreats. This initiative provides customers with actionable insights into potential intrusions, enabling swift responses and risk mitigation.<\/p>\n\n\n\n<p>Other activities Microsoft has worked on to empower customers to detect and document inclusions include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/10\/18\/expanding-audit-logging-and-retention-within-microsoft-purview-for-increased-security-visibility\/\">Microsoft Purview has expanded<\/a> its audit logging and retention periods, among other security enhancements, to increase security visibility and incident response capabilities for cloud-based services.<\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/copilot\/security\/using-promptbooks\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Security Copilot<\/a> offers prebuilt promptbooks to automate security-related tasks, such as incident investigations, user analysis, and threat intelligence assessments, enhancing efficiency and accuracy in cybersecurity operations.<\/li>\n\n\n\n<li>Microsoft has provided detailed guidance on implementing the <a href=\"https:\/\/learn.microsoft.com\/en-us\/security\/zero-trust\/dod-zero-trust-strategy-intro\" target=\"_blank\" rel=\"noreferrer noopener\">United States Department of Defense (DoD) Zero Trust Strategy<\/a>, with activities categorized into target and advanced phases to achieve full Zero Trust adoption by 2032.<\/li>\n\n\n\n<li><a href=\"https:\/\/www.cisa.gov\/resources-tools\/resources\/microsoft-expanded-cloud-logs-implementation-playbook\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft\u2019s Expanded Cloud Logs Implementation Playbook<\/a> provides detailed guidance on operationalizing new logging capabilities in Microsoft Purview Audit (Standard).<\/li>\n\n\n\n<li>Microsoft has published a whitepaper on <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/01\/13\/3-takeaways-from-red-teaming-100-generative-ai-products\/\">lessons learned from red teaming more than 100 generative AI products<\/a> at Microsoft. The whitepaper highlights the importance of understanding AI systems, breaking them without computing gradients, and the necessity of human involvement in AI red teaming, among other topics.<\/li>\n<\/ul>\n\n\n\n<p>GitHub shipped enhanced capabilities to the GitHub audit log to provide customers with <a href=\"https:\/\/github.blog\/changelog\/2025-01-13-audit-log-streaming-of-api-requests-is-generally-available\/\" target=\"_blank\" rel=\"noreferrer noopener\">increased visibility of API events<\/a> and <a href=\"https:\/\/github.blog\/changelog\/2024-11-21-programmatic-audit-log-configuration-and-multi-endpoint-streaming\/\" target=\"_blank\" rel=\"noreferrer noopener\">features to enable enterprise management, automation, and integration<\/a>.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-4 wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button has-custom-width wp-block-button__width-75 btn-primary\"><a class=\"wp-block-button__link wp-element-button\">Read the latest SFI updates<\/a><\/div>\n<\/div>\n\n\n\n<p>To learn more about Microsoft Security solutions, visit our&nbsp;<a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\" target=\"_blank\" rel=\"noreferrer noopener\">website.<\/a>&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\" target=\"_blank\" rel=\"noreferrer noopener\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (<a href=\"https:\/\/www.linkedin.com\/showcase\/microsoft-security\/\">Microsoft Security<\/a>) and X (<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noreferrer noopener\">@MSFTSecurity<\/a>)&nbsp;for the latest news and updates on cybersecurity.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<p><sup>1<\/sup><a href=\"https:\/\/cdn-dynmedia-1.microsoft.com\/is\/content\/microsoftcorp\/microsoft\/final\/en-us\/microsoft-brand\/documents\/Microsoft%20Digital%20Defense%20Report%202024%20%281%29.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Digital Defense Report 2024<\/a>.<\/p>\n\n\n\n<p><sup>2<\/sup><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/security-insider\/intelligence-reports\/microsoft-digital-defense-report-2022?msockid=3248c14e3bdd62323e09d2f03a67633d\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Digital Defense Report 2022<\/a>.<\/p>\n\n\n\n<p><sup>3<\/sup><a href=\"https:\/\/my.idc.com\/getdoc.jsp?containerId=US51902424\" target=\"_blank\" rel=\"noreferrer noopener\">IDC North America Tools and Vendors Consolidation Survey<\/a>, 2023.<\/p>\n\n\n\n<p><sup>4<\/sup><a href=\"https:\/\/www.isc2.org\/Insights\/2024\/10\/ISC2-2024-Cybersecurity-Workforce-Study\" target=\"_blank\" rel=\"noreferrer noopener\">2024 ISC2 Cybersecurity Workforce Study<\/a>.<\/p>\n\n\n\n<p><sup>5<\/sup><a href=\"https:\/\/www.statista.com\/forecasts\/1280009\/cost-cybercrime-worldwide\" target=\"_blank\" rel=\"noreferrer noopener\">Global cybercrime estimated cost 2029<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative.<\/p>\n","protected":false},"author":162,"featured_media":138512,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","footnotes":""},"content-type":[3662],"topic":[3678,4236,3683],"products":[],"threat-intelligence":[],"tags":[],"coauthors":[2133],"class_list":["post-138308","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","content-type-news","topic-multifactor-authentication","topic-secure-future-initiative","topic-security-management","review-flag-1694638265-576","review-flag-1694638271-781","review-flag-1-1694638265-354","review-flag-2-1694638266-864","review-flag-3-1694638266-241","review-flag-4-1694638266-512","review-flag-5-1694638266-171","review-flag-6-1694638266-691","review-flag-dod-1694638267-531","review-flag-idc-1694638272-695","review-flag-integ-1694638263-281","review-flag-new-1694638263-340","review-flag-unite-1694638267-167"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Microsoft&#039;s Secure by Design journey: One year of success | Microsoft Security Blog<\/title>\n<meta name=\"description\" content=\"Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft&#039;s Secure by Design journey: One year of success | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2025-04-17T16:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B-1024x576.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"576\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Bret Arsenault\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B.png\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Bret Arsenault\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"11 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/bret-arsenault\/\",\"@type\":\"Person\",\"@name\":\"Bret Arsenault\"}],\"headline\":\"Microsoft&#8217;s Secure by Design journey: One year of success\",\"datePublished\":\"2025-04-17T16:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/\"},\"wordCount\":2842,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B.webp\",\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/\",\"name\":\"Microsoft's Secure by Design journey: One year of success | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B.webp\",\"datePublished\":\"2025-04-17T16:00:00+00:00\",\"description\":\"Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B.webp\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B.webp\",\"width\":3780,\"height\":2125,\"caption\":\"Hands holding a tablet with a screen\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft&#8217;s Secure by Design journey: One year of success\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft's Secure by Design journey: One year of success | Microsoft Security Blog","description":"Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft's Secure by Design journey: One year of success | Microsoft Security Blog","og_description":"Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/","og_site_name":"Microsoft Security Blog","article_published_time":"2025-04-17T16:00:00+00:00","og_image":[{"width":1024,"height":576,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B-1024x576.png","type":"image\/png"}],"author":"Bret Arsenault","twitter_card":"summary_large_image","twitter_image":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B.png","twitter_misc":{"Written by":"Bret Arsenault","Est. reading time":"11 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/bret-arsenault\/","@type":"Person","@name":"Bret Arsenault"}],"headline":"Microsoft&#8217;s Secure by Design journey: One year of success","datePublished":"2025-04-17T16:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/"},"wordCount":2842,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B.webp","inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/","name":"Microsoft's Secure by Design journey: One year of success | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B.webp","datePublished":"2025-04-17T16:00:00+00:00","description":"Read about the initiatives Microsoft has undertaken over the past 18 months to support secure by design, secure by default, and secure in operations objectives as part of our SFI Initiative.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B.webp","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2025\/04\/UTF-8Blog_SFI-report-banner_Brand_Studio_B.webp","width":3780,"height":2125,"caption":"Hands holding a tablet with a screen"},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2025\/04\/17\/microsofts-secure-by-design-journey-one-year-of-success\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft&#8217;s Secure by Design journey: One year of success"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":true,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/138308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/162"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=138308"}],"version-history":[{"count":21,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/138308\/revisions"}],"predecessor-version":[{"id":138525,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/138308\/revisions\/138525"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/138512"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=138308"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=138308"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=138308"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=138308"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=138308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=138308"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=138308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}