We’re excited to launch Microsoft Secure Future Initiative (SFI) patterns and practices: a new library of actionable guidance designed to help organizations implement security measures at scale. This launch marks the next step in our journey to make our SFI learnings practical for our customers, partners, and broader[…]
Read MoreDefender Experts now offers 24/7, expert-driven protection for cloud workloads, beginning with hybrid and multicloud servers in Microsoft Defender for Cloud. Additionally, third-party network signals can be used in Microsoft Defender Experts for XDR to enhance incidents for faster and more accurate detection and response. Co-authors: Henry Yan,[…]
Read More
Microsoft Dataverse continues to evolve as a foundational platform for building intelligent, secure, and scalable business solutions. We are excited to announce the public preview of Prompt Columns, a new way to embed generative AI directly into your Dataverse tables. This capability will enable dynamic business logic, context-aware[…]
Read More
In today’s AI-first world, identity and network access are the first touchpoints for enforcing least privilege and protecting against sophisticated, identity-based attacks—but for many organizations, that defense is fragmented. Siloed teams and disconnected tools create security gaps, operational inefficiencies, and a poor user experience. The Microsoft Entra Suite[…]
Read More
In today’s fast-evolving landscape, where businesses balance on-premises systems and cloud resources, identity-based cyberthreats are growing more frequent and sophisticated. The question isn’t whether an identity attack will occur—but when. The numbers are staggering: In 2024 Microsoft saw an average of more than 7,000 password attacks happen per[…]
Read More
Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard that has been targeting embassies located in Moscow using an adversary-in-the-middle (AiTM) position to deploy their custom ApolloShadow malware. ApolloShadow has the capability to install a trusted root certificate to[…]
Read More
As AI agents evolve from on-demand assistants to autonomous agents, CIOs are entering a new era of governance. Traditional governance models designed for low-code apps and automation can be reused and evolved to meet increasing demands from more capable agents, with growing industry regulations. This expanded power brings[…]
Read More
We are excited to announce the return of the Power Platform Community Conference (PPCC), taking place in Las Vegas from October 28–30, 2025. Now in its fourth year, this conference is recognized by many in the community as the leading event for low-code enthusiasts, IT leaders, developers, and[…]
Read More
Securing websites can be daunting, especially if you don’t have a background in web security. From configuring headers to monitoring web traffic anomalies, staying on top of priorities can feel overwhelming. The Security Agent (public preview) in Power Pages simplifies this process by offering AI-driven recommendations, automated scans,[…]
Read More
Microsoft Threat Intelligence has discovered a macOS vulnerability that could allow attackers to steal private data of files normally protected by Transparency, Consent, and Control (TCC), such as files in the Downloads folder, as well as caches utilized by Apple Intelligence. While similar to prior TCC bypasses like[…]
Read More