3 key tenets to help with security management

  This post is authored by Berk Veral, Director, Product Marketing, Enterprise Cybersecurity Group. Across industries, as attack methods have become more sophisticated and complex, organizations have been responding by deploying more security solutions, which in turn has tremendously increased the complexity of security management. Today, organizations must manage distributed resources across many environments, and given the constantly evolving threats, this means there are more attack surfaces that need to be … Read more »

New IIS functionality to help identify weak TLS usage

This post is authored by Andrew Marshall, Principal Security Program Manager, TwC Security, Yanbing Shi, Software Engineer, Internet Information Services Team, and Sourabh Shirhatti, Program Manager, Internet Information Services Team. As a follow-up to our announcement regarding TLS 1.2 support at Microsoft, we are announcing new functionality in Windows Server 2012R2 and Windows Server 2016 to increase your awareness of clients connecting to your services with weak security protocols or cipher … Read more »

Microsoft’s perspective on cyber resilience

This post is authored by Ann Johnson, Vice President, Enterprise Cybersecurity Group. In the wake of recent ransomware outbreaks, I wanted to understand how impacted firms have evolved their thinking on cyber resilience planning and implementation. I asked the Detection and Response Team at Microsoft, who help our customers proactively and in real time to respond and recover from cyberattacks, to share their experiences. I’ve included below a few anonymized … Read more »

Microsoft Security Intelligence Report Volume 22 is now available

The latest volume of the Microsoft Security Intelligence Report is now available for free download at www.microsoft.com/sir. This new volume of the report includes threat data from the first quarter of 2017. The report also provides specific threat data for over 100 countries/regions. As mentioned in a recent blog, using the tremendous breadth and depth of signal and intelligence from our various cloud and on-premises solutions deployed globally, we investigate … Read more »

The world of eroding privacy: tips on how to stay secure

At the intersection of limes, teenagers, and privacy This post is authored by Ann Johnson, Vice President, Enterprise Cybersecurity Group. We will come to limes later in this blog, and they are relevant. But let me begin with one defining statement: I am the parent of a teenager, and the year is 2017. As the parent of an age group that is best described as unpredictable on good days, one … Read more »

Top 5 best practices to automate security operations

This post is authored by Jonathan Trull, Worldwide Executive Cybersecurity Advisor, Enterprise Cybersecurity Group. And by Vidhi Agarwal, Senior Security Program Manager, Microsoft Security Response Center (MSRC).  Within the information security community, one of the emerging areas of focus and investment is the concept of security automation and orchestration. Although the topic is not necessarily new, it has taken on increased importance due to several industry trends. Before diving into the … Read more »

5 Reasons why Microsoft should be your cybersecurity ally

When you think about cybersecurity, does Microsoft come to mind? Probably not. Here are 5 reasons why enterprises should consider partnering with Microsoft on cybersecurity: 1. Strong Commitment to Cybersecurity Significant security investments. Microsoft invests over $1 billion annually on security. Microsoft has invested significantly towards building security into our core technologies like Windows, Office, and Azure, and in making strategic acquisitions of security technologies that enhance the investments customers … Read more »

TLS 1.2 Support added to Windows Server 2008

This post is authored by Arden White, Senior Program Manager, Windows Servicing and Delivery. As a follow-up to our announcement regarding TLS 1.2 support at Microsoft we are announcing that support for TLS1.1/TLS 1.2 on Windows Server 2008 is now available for download as of July 18th, 2017. We’re offering this support in recognition that our customers have a strong demand for support for these newer protocols in their environment … Read more »

A commitment to security and transparency at Microsoft Inspire 2017

Microsoft Inspire (formerly Worldwide Partner Conference) gathered 16,000 attendees from around the world last week in Washington DC. At the event, Microsoft reaffirmed its commitment to its partners and its mission to “empower people to be more productive”. To kick off an exciting week, CEO Satya Nadella made five major announcements during the first vision keynote, including the introduction of Microsoft 365. Commitment to security and transparency During the vision … Read more »

Holistic security strategy: how greater integration improves detection and response time

Today’s attackers have moved beyond “smash and grab” tactics to more sophisticated methods intended to maintain a long-term presence. These evolving threats complicate detection efforts as many organizations have variety of point solutions that make it difficult to effectively detect advanced threats and attack campaigns. Piecemeal approaches create challenges and might hamper security. Each new solution deploys unique vendor-specific dashboards, consoles, and logs that don’t always integrate well. Because of … Read more »