Security
Navigate Microsoft’s comprehensive security landscape. From identity management to threat protection, discover the tools and practices that keep your organization secure.
News
Latest Microsoft security news and product updates.
Blogs
Curated blog posts about Microsoft security solutions and best practices.
Videos
Educational videos covering Microsoft security services and tutorials.
Community
Community discussions about Microsoft security.
Latest of everything
Open Source Benchmarking Tool to Measure AI for Cybersecuritystclarke highlights Microsoft’s release of an open source benchmarking tool designed to assess AI performance in cybersecurity scenarios, focusing on the reasoning and defense capabilities of modern AI solutions.
Microsoft News
2025-10-16
VS Code Marketplace Secret Leaks Highlight Risks in Extensions and AI ConfigurationsJeff Burt provides an in-depth report on Wiz’s investigation into a major secrets leak in VS Code extension marketplaces, exposing critical risks for Microsoft developers and AI tool users.
DevOps Blog
2025-10-15
Hardening Customer Support Tools Against Cyberattacks: Microsoft’s ApproachRaji Dani, Microsoft’s Deputy CISO, shares actionable insights on securing customer support systems, focusing on identity management, least-privilege principles, and proactive monitoring, with adaptable guidance suitable for any organization’s security...
Microsoft Security Blog
2025-10-15
Survey Reveals Rapid AI Adoption to Strengthen DevSecOps PracticesMike Vizard summarizes a Fastly survey showing rapid AI adoption for DevSecOps, detailing the integration level, trust factors, and challenges as organizations automate application security.
DevOps Blog
2025-10-15
Customer-Managed Keys for Microsoft Fabric Workspaces Now Generally AvailableMicrosoft Fabric Blog announces the general availability of customer-managed keys for Fabric workspaces, giving administrators enhanced encryption control. This update allows organizations to secure their data at rest using Azure...
Microsoft Fabric Blog
2025-10-15
Customer-Managed Keys Now Available for Fabric Warehouse and SQL Analytics EndpointMicrosoft Fabric Blog details the introduction of Customer-Managed Keys for Fabric Warehouse and SQL Analytics Endpoint, empowering organizations to enhance security and compliance through Azure Key Vault integration.
Microsoft Fabric Blog
2025-10-15
How Microsoft is Addressing Digital Sovereignty in SwitzerlandThomas Maurer details how Microsoft is helping Swiss organizations achieve digital sovereignty, highlighting cloud region options, compliance features, and secure multi-cloud management for technical stakeholders.
Thomas Maurer's Blog
2025-10-15
.NET and .NET Framework October 2025 Servicing Updates: Security Fixes and Release DetailsTara Overfield and Victor Israel-Bolarinwa provide a thorough overview of the October 2025 .NET and .NET Framework servicing updates, highlighting key security patches and release details.
Microsoft .NET Blog
2025-10-15
Windows 10 Extended Security Updates for Azure Virtual Desktopivaylo_ivanov explains how Azure Virtual Desktop customers can handle Windows 10’s end of support and leverage Extended Security Updates (ESU) for ongoing security and compliance in session host environments.
Microsoft Tech Community
2025-10-15
Open Source Friday: Archestra – Secure Platform for Enterprise Agents with MCPGitHub presents a session on Archestra, guiding viewers through securely deploying and orchestrating enterprise AI agents with MCP. The video demonstrates security strategies and collaborative development using open-source tools.
GitHub YouTube
2025-10-14
CodeQL Adds Rust and Build-Free C/C++ Scanning in General AvailabilityAllison details GitHub’s release of CodeQL support for Rust and build-free C/C++ scanning, enabling faster, more accessible security analysis for developers.
The GitHub Blog
2025-10-14
Oracle Database@Azure Advances at Oracle AI World 2025: Integration, AI, and Security EnhancementsKalyanKaki explores significant enhancements to Oracle Database@Azure announced at Oracle AI World 2025, focusing on AI-driven data integration, new security capabilities, automation tools, and expanded global availability.
Microsoft Tech Community
2025-10-14
New Features and Global Expansion for Oracle Database@Azure: Unlocking Hybrid Data and AI InnovationBrett Tanzer explores the latest Oracle Database@Azure updates, featuring global region expansion, advanced AI-ready and security features, deep Microsoft integrations, and new migration resources for enterprise innovation.
The Azure Blog
2025-10-14
GitHub Enterprise Server 3.18 Release OverviewAllison reviews the key updates in GitHub Enterprise Server 3.18, highlighting new tools for deployment, monitoring, security, and project management for enterprise teams.
The GitHub Blog
2025-10-14
Announcing the .NET Security GroupJamshed Damkewala details the launch of the .NET Security Group, where organizations can work directly with Microsoft to distribute .NET security patches and receive early CVE information.
Microsoft .NET Blog
2025-10-14
ExCyTIn-Bench: Benchmarking AI Performance in Cybersecurity InvestigationsAnand Mudgerikar presents ExCyTIn-Bench, Microsoft’s open-source framework for evaluating AI systems in complex cybersecurity investigations, combining Azure SOC simulations and Sentinel logs for advanced, actionable model benchmarking.
Microsoft Security Blog
2025-10-14
Modernizing Authentication for Legacy Visual Studio ClientsAngel Wong outlines key security improvements and modernization efforts for legacy Visual Studio client authentication, urging developers to upgrade to supported tools to ensure continued secure access.
Microsoft DevOps Blog
2025-10-14
Dependabot Alerts API Deprecates Offset-Based Pagination ParametersAllison explains GitHub’s transition to cursor-based pagination for Dependabot alerts REST API endpoints, highlighting changes and implications for developers working with supply chain security.
The GitHub Blog
2025-10-14
Establishing Visibility and Governance for Your Software Supply ChainParth Patel explores modern strategies to secure software supply chains through asset visibility, governance practices, and automation, highlighting best practices such as using SBOMs, enforcing policies, and leveraging runtime analysis....
DevOps Blog
2025-10-14
Why 'Shift Left' Alone Isn't Enough: Embedding Security Across Software DeliveryJulian Browne examines the limitations of ‘shift left’ as a security mantra, advocating instead for embedding security continuously across the software delivery lifecycle for real-world resilience.
DevOps Blog
2025-10-14
Microsoft Advances Open-Source Infrastructure for Frontier-Scale AIRani Borkar and Saurabh Dighe report on Microsoft’s work driving open-source standards for AI infrastructure, covering power, cooling, security, sustainability, and large-scale operations in partnership with the Open Compute Project...
The Azure Blog
2025-10-14
Next Generation HXU: Doubling Cooling Power for the AI Eraandy_reg introduces Microsoft’s next-generation HXU, a heat exchanger unit that doubles cooling capacity for AI-ready datacenters, with features ensuring reliability, scalability, and cyber resilience.
Microsoft Tech Community
2025-10-14
Caliptra 2.1: Advancing Open-Source Silicon Root of Trust for Data ProtectionBryankel presents Caliptra 2.1, Microsoft’s open-source silicon Root of Trust subsystem, detailing its quantum-resilient cryptography and integration with Azure’s security architecture, aiming to advance industry-wide device security.
Microsoft Tech Community
2025-10-14
Building a Security-First Culture at Microsoft: Strategies and Best Practicesstclarke reports on how Microsoft embeds security at every organizational level, detailing practices from training and engineering to leadership accountability under the Secure Future Initiative. Key learning resources and actionable...
Microsoft News
2025-10-13
Gain End-to-End Visibility into Data Activity Using OneLake DiagnosticsMicrosoft Fabric Blog introduces the general availability of OneLake diagnostics, empowering organizations with comprehensive visibility into data activity and governance across Fabric workspaces. Authored by the Microsoft Fabric Blog team....
Microsoft Fabric Blog
2025-10-13
Extending Outbound Access Protection to Fabric Warehouse and SQL Analytics EndpointMicrosoft Fabric Blog explains how Outbound Access Protection is now available for Fabric Warehouse and SQL Analytics Endpoint, enabling organizations to secure analytics workloads by restricting outbound connections to only...
Microsoft Fabric Blog
2025-10-13
Efficient End-to-End Encryption for Git Services: Enhancing DevOps SecurityTom Smith delves into the latest research on securing Git repositories with efficient end-to-end encryption, outlining benefits and challenges for DevOps teams seeking stronger repository protection.
DevOps Blog
2025-10-13
Building an Azure Enterprise-Scale Landing Zone: Foundation for Cloud GovernanceDellenny explains how to establish a robust, future-ready Azure foundation with Enterprise-Scale Landing Zones, highlighting essential practices and tools for security, governance, and scalable cloud operations.
Dellenny's Blog
2025-10-12
Replicating VMware Workloads to Azure with Azure Site Recovery for Disaster RecoveryADEDAYO1880 seeks guidance on replicating VMware workloads to Azure using Azure Site Recovery, covering database replication, application server strategies, security integration, backup practices, and DR tests.
Microsoft Tech Community
2025-10-11
Announcing Resource-Scope Query for Azure Monitor WorkspacesTyler_Kight announces the public preview of resource-scope query for Azure Monitor Workspaces, detailing how it streamlines observability, access controls, and aligns metric querying with Azure-native experiences.
Microsoft Tech Community
2025-10-10
CodeQL 2.23.2 Adds Rust Security Detections and Enhanced Language SupportAllison reports on the CodeQL 2.23.2 release, detailing important new security queries for Rust, advanced data flow tracking, and improvements to code scanning accuracy across multiple languages.
The GitHub Blog
2025-10-10