Security
Navigate Microsoft’s comprehensive security landscape. From identity management to threat protection, discover the tools and practices that keep your organization secure.
News
Latest Microsoft security news and product updates.
Blogs
Curated blog posts about Microsoft security solutions and best practices.
Videos
Educational videos covering Microsoft security services and tutorials.
Community
Community discussions about Microsoft security.
Latest of everything
Azure Weekly Update – 29th August 2025John Savill presents a detailed weekly Azure update, highlighting new infrastructure, security, and AI features, and enhancements for developers and administrators across Microsoft’s cloud platform.
John Savill's Technical Training
2025-08-29
Surge in DevOps Platform Incidents: 2025 Mid-Year Analysis of GitHub, Azure DevOps, and Jira DisruptionsAlan Shimel analyzes the 2025 surge in disruptions and security incidents across DevOps platforms such as GitHub and Azure DevOps, summarizing impacts on resilience, uptime, and developer productivity.
DevOps Blog
2025-08-29
Implementing Siemens Teamcenter Simulation Process Data Management on Azure CycleCloud with SlurmSunita_AZ0708 explains how to implement Siemens Teamcenter SPDM on Azure CycleCloud with Slurm, covering secure multi-tier PLM architecture, simulation job workflow, and dynamic HPC resource management.
Microsoft Tech Community
2025-08-28
How GitHub Copilot Accelerated Secret Protection EngineeringParth Sehgal shares how the GitHub engineering team used GitHub Copilot coding agents to automate and scale secret protection, offering practical lessons for engineering teams.
The GitHub Blog
2025-08-28
Managing Your GitHub Enterprise: Policies, Copilot, and Security SettingsGitHub presents an admin-focused video on managing enterprise, organization, and repository settings, including Copilot and security management. Hosted by GitHub, this resource helps administrators streamline governance.
GitHub YouTube
2025-08-28
AI Coding Assistants Bring Security and Licensing Challenges to Embedded SystemsMike Vizard examines the results of a Black Duck Software survey revealing the rapid integration of AI coding tools into embedded systems development. He discusses the resulting security, license compliance,...
DevOps Blog
2025-08-28
Coding at the Speed of AI: Innovation, Vulnerability, and the GenAI ParadoxJohn Trest discusses how GenAI tools like GitHub Copilot are accelerating coding productivity while raising new security challenges, and provides recommendations for safe integration of AI into software development.
DevOps Blog
2025-08-28
Storm-0501’s Evolving Cloud-Based Ransomware Tactics: Microsoft Analysisstclarke provides an in-depth analysis of recent Storm-0501 attacks leveraging cloud-based ransomware techniques to compromise hybrid Microsoft environments, with actionable recommendations for security professionals.
Microsoft News
2025-08-27
Microsoft Defender Leads Modern Endpoint Security Market for Third Consecutive YearRob Lefferts reports on Microsoft Defender’s continued leadership in endpoint security, emphasizing market share growth, cross-platform capabilities, and AI-powered threat disruption.
Microsoft Security Blog
2025-08-27
Agent Factory: Top 5 Agent Observability Best Practices for Reliable AIYina Arenas shares best practices for implementing observability in AI agents, covering lifecycle evaluation, monitoring, security, and governance with Azure AI Foundry Observability.
The Azure Blog
2025-08-27
Enabling Healthcare Compliance with Microsoft Purview DLP Policies in FabricMicrosoft Fabric Blog presents a thorough overview of using Purview DLP policies to safeguard healthcare data, outlining compliance strategies and actionable steps for security administrators.
Microsoft Fabric Blog
2025-08-27
Qwiet AI Expands Microsoft DevOps and GitHub Integration for Code Vulnerability RemediationMike Vizard discusses Qwiet AI’s expanded support for Microsoft DevOps tools, focusing on AI-powered detection and automated remediation of security vulnerabilities in code.
DevOps Blog
2025-08-27
Staying on Top of Shadow AIAlexander Williams examines the increasingly common issue of shadow AI, offering DevOps and security professionals actionable strategies for managing unsanctioned AI use in organizations.
DevOps Blog
2025-08-27
Service Mesh Architecture Pattern in Azure: Managing Microservices Communication, Security, and ObservabilityDellenny discusses how Service Mesh architectures on Azure, using options like Istio and Open Service Mesh, streamline microservices communication, enhance security, and expand observability for cloud-native applications.
Dellenny's Blog
2025-08-27
GitHub Introduces Free Secret Risk Assessment Tool for OrganizationsAllison presents GitHub’s new secret risk assessment tool, enabling organizational admins to detect and analyze secret leaks across their repositories. This feature enhances security practices and supports actionable improvements.
The GitHub Blog
2025-08-26
GitHub Releases Introduce Immutability for Enhanced Supply Chain SecurityAllison reports on GitHub’s rollout of immutable releases in public preview, highlighting new supply chain security measures, tag and asset protection, and cryptographic attestations for artifact verification.
The GitHub Blog
2025-08-26
Introducing Crescent: Microsoft's Cryptographic Library for Privacy-Preserving Digital Identitystclarke explains how Crescent, a cryptographic library from Microsoft Research, provides privacy-preserving features for digital identity systems, preventing tracking and protecting user data with advanced cryptography.
Microsoft News
2025-08-26
Exploring GraphRAG: AI-Powered Graph Search for Security Data AnalysisMicrosoft Developer features Anisha Latchman demonstrating how GraphRAG leverages Azure OpenAI and advanced graph embeddings to transform security data search and analysis in this practical and insightful video.
Microsoft Developer YouTube
2025-08-26
GitHub Secret Scanning Expands with New Validators and Validity ChecksAllison outlines GitHub’s addition of over 10 new validators for secret scanning, including providers like Square and Yandex, to improve credential security for developers.
The GitHub Blog
2025-08-26
Securing and Governing Autonomous AI Agents in the EnterpriseIgor Sakhnov, Corporate Vice President and Deputy CISO for Identity at Microsoft, shares practical advice on securing and governing autonomous AI agents, highlighting new risks and governance strategies in large-scale...
Microsoft Security Blog
2025-08-26
The EU’s Cyber Resilience Act: Redefining Secure Software DevelopmentThabang Mashologu discusses the transformative impact of the EU’s Cyber Resilience Act on software development practices, outlining core security and compliance requirements for DevOps and security teams.
DevOps Blog
2025-08-26
ASP.NET Community Standup: Preventing Login Redirects for APIsIn this ASP.NET Community Standup, Daniel Roth and Stephen Halter discuss the improvements in ASP.NET Core for .NET 10 that eliminate login redirects for API endpoints. Presented by the dotnet...
DotNet YouTube
2025-08-26
Digging Into Security With Kat CosgroveArrested DevOps hosts Kat Cosgrove and Matt Stratton examine the persistent challenges of security in DevOps, blending candid advice and humor on topics from container vulnerabilities to effective patching.
Arrested DevOps
2025-08-25
Safeguarding VS Code Against Prompt Injections: Securing GitHub Copilot ChatMichael Stepankin details prompt injection vulnerabilities in the VS Code Copilot Chat extension, examining how attackers target agent tools and how the GitHub and VS Code teams have responded. The...
The GitHub Blog
2025-08-25
John Willis: The True North of DevOps and DevSecOpsAlan Shimel highlights the impact of John Willis on the DevOps and DevSecOps communities, focusing on foundational frameworks and the cultural shift required for security and collaboration.
DevOps Blog
2025-08-25
Protecting Azure Infrastructure: Defense-in-Depth from Silicon to SystemsAuthored by Mark Russinovich, Omar Khan, and Bryan Kelly, this article examines Microsoft’s holistic approach to securing Azure, covering innovations like Azure Boost, confidential computing, and root-of-trust hardware for end-to-end...
The Azure Blog
2025-08-25
System-Assigned Identity-based Access for Azure Machine Configuration Packages Now Generally Availablemutemwamasheke details the new support for System Assigned Identities to enable secure, private access to configuration packages in Azure Machine Configuration, making it easier to manage and secure VMs and...
Microsoft Tech Community
2025-08-25
Kickstart Conditional Access in Microsoft Entra: Free Starter Pack with Policies & AutomationSoaebRathod shares a practical starter pack for implementing Conditional Access in Microsoft Entra ID, complete with policy templates, PowerShell deployment scripts, and a GitHub Actions workflow for secure, automated rollout....
Microsoft Tech Community
2025-08-23
Enhancing Identity Protection with Azure Entra Security CopilotSoaebRathod highlights the real-world impact of Azure Entra Security Copilot, showing how AI-driven tools can elevate identity protection across Azure environments. Insights cover breach detection, policy recommendations, and incident response....
Microsoft Tech Community
2025-08-23
Microsoft Defender Advanced Protection Tips for Windows 11Dellenny shares advanced tips for configuring Microsoft Defender Antivirus in Windows 11, empowering users to harden their PCs against evolving security threats using built-in protection features.
Dellenny's Blog
2025-08-23