Cloud security posture management (CSPM) is being redefined as two forces collide: Cloud environments are becoming more interconnected—spanning workloads, identities, data, APIs, and development pipelines—while security […]
The Deputy CISO blog series is where Microsoft Deputy Chief Information Security Officers (CISOs) share their thoughts on what is most important in their respective domains. In this series, […]
Cloud security is shifting from visibility to contextual risk reduction, extending into the applications, APIs, and workloads where attacks actually occur. Because modern workloads are built […]
The quantum-safe timeline has changed For years, planning for post-quantum cryptography (PQC) was framed as a future problem: important, inevitable, but distant. That perspective is evolving […]
As organizations scale AI and agents across environments, security teams need protection that covers every surface. The Microsoft vision is simple: security should be ambient and […]
In this article From reading to acting Attack pattern: MCP tool poisoning in a finance workflow Mitigation and protection guidance References Learn more As enterprise deployments […]
In this article Extension overview Key indicators of malicious behavior Dynamic analysis findings Mitigation and protection guidance References Learn more Microsoft Threat Intelligence has identified a […]
In this article Attack chain overview Mitigation and protection guidance References Learn more Microsoft Threat Intelligence has identified an active multi-stage intrusion campaign targeting organizations in […]
The endpoint management category is being redefined in real time. Organizations no longer need tools that only inventory devices or enforce configuration policies; they need a […]
Cloud security is shifting from visibility to context-aware risk reduction, helping security teams understand which exposures matter most, prioritize what can be exploited, and reduce risk […]
In this article The role of infostealers: From credential theft to intrusion StealC: Infostealer for rent Amadey: Malware-as-a-service for delivery of infostealers Defending against StealC and […]