Navigate Microsoft's comprehensive security landscape. From identity management to threat protection, discover the tools and practices that keep your organization secure.
News
Latest Microsoft security news and product updates.
Blogs
Curated blogs about Microsoft security solutions and best practices.
Videos
Educational videos covering Microsoft security services and tutorials.
Community
Community discussions about Microsoft security.
Latest of everything
Azure File Sync: Azure Arc Integration, Additional Regions, and Secure Syncinggrace_kim details new Azure File Sync capabilities, focusing on Azure Arc integration, regional expansion, and secure onboarding with managed identities—key for IT and DevOps teams modernizing enterprise file services.
Microsoft Tech Community
2026-01-16
Public Preview: User Delegation SAS for Azure Tables, Files, and Queuesellievail announces the public preview of user delegation SAS for Azure Tables, Files, and Queues, highlighting new security features for delegated access via Entra ID and Azure RBAC.
Microsoft Tech Community
2026-01-16
GitHub Secret Scanning: Automatic Extended Metadata Checks for SecurityAllison reports on GitHub’s upcoming automatic enablement of extended metadata checks in secret scanning, bringing improved context to security alerts for more effective remediation.
The GitHub Blog
2026-01-15
When Protections Outlive Their Purpose: Managing Defense Systems at Scale on GitHubThomas Kjær Aabo shares lessons from GitHub’s experience with long-lived emergency defense rules, highlighting the importance of continuous lifecycle management and observability in large-scale platform security.
GitHub Engineering Blog
2026-01-15
Vibe Coded Applications Full of Security BlundersTim Anderson reports on Tenzai’s research led by Ori David, highlighting how applications built with ‘vibe coding’ using AI agents like Claude and Codex tend to be insecure due to...
DevClass
2026-01-15
Community-powered Security with AI: Launching the GitHub Security Lab Taskflow AgentKevin Backhouse presents the GitHub Security Lab Taskflow Agent—an open source AI-powered framework enabling collaborative, automated security research on GitHub.
The GitHub Blog
2026-01-14
Microsoft Named a Leader in IDC MarketScape for Unified AI Governance PlatformsHerain Oberoi and Don Scott share Microsoft’s recognition as a Leader in the IDC MarketScape for Unified AI Governance Platforms, highlighting practical governance, security, and responsible AI strategies for enterprises....
Microsoft Security Blog
2026-01-14
Microsoft Disrupts Global RedVDS Cybercrime-as-a-Service Platform Enabling Massive Fraudstclarke’s article covers Microsoft’s disruption of RedVDS, a cybercrime subscription service fueling large-scale fraud with disposable virtual machines and AI tools. It discusses technical methods, real-world impact, and efforts by...
Microsoft News
2026-01-14
Code Signing Windows Apps Easier and More Secure with Azure Artifact SigningTim Anderson delivers a detailed analysis of Azure Artifact Signing, Microsoft’s new service to streamline and secure code signing for Windows applications, addressing modern security requirements and developer workflows.
DevClass
2026-01-14
Encrypting Properties with System.Text.Json and a TypeInfoResolver Modifier (Part 1)Steve Gordon explains how to use System.Text.Json’s TypeInfoResolver modifier for property-level encryption in C#, outlining a practical approach to securing sensitive data that paves the way for future integration with...
Steve Gordon's Blog
2026-01-14
Inside RedVDS: Investigating How a Criminal VDS Provider Empowered Global CyberattacksMicrosoft Threat Intelligence, led by its Digital Crimes Unit, exposes the RedVDS criminal infrastructure that enabled widespread cyberattacks. The report by Microsoft Threat Intelligence offers technical insights, tracked malware tools,...
Microsoft Security Blog
2026-01-14
Cross-Region Zero Trust: Secure Power Platform Connectivity to Azure PaaS Without Public ExposureIdit_Bnaya presents a hands-on walkthrough for connecting Power Platform to Azure PaaS services across regions with strict Zero Trust principles, focusing on private network links, managed identity, custom orchestration, and...
Microsoft Tech Community
2026-01-13
Protect Sensitive Data with Azure AI Language PII RedactionMicrosoft Developer explains how Azure AI Language PII Redaction helps protect sensitive data by detecting and redacting personally identifiable information in text, documents, and transcripts.
Microsoft Developer YouTube
2026-01-13
How Microsoft Unifies Privacy and Security to Build TrustTerrell Cox, Vice President for Microsoft Security and Deputy CISO for Privacy and Policy, details Microsoft’s integrated strategy for privacy and security, offering insights into global regulatory compliance and technical...
Microsoft Security Blog
2026-01-13
GitHub Introduces Fine-Grained artifact_metadata Permission for Enhanced API Access ControlAllison presents GitHub’s new artifact_metadata permission, which enhances security and refines API access control for artifact metadata. Developers and DevOps teams must transition workflows by February 2026.
The GitHub Blog
2026-01-13
Static Egress Gateway in AKS: The Native Way to Control Multiple Outbound IPspjlewis demonstrates how to manage multiple outbound egress IPs natively in Azure Kubernetes Service using the Static Egress Gateway feature, providing clear, actionable implementation steps and security-focused considerations.
Microsoft Tech Community
2026-01-13
Granular Controls for App Access Requests in GitHub Organizations Now AvailableAllison explains new options for controlling who can request apps in GitHub organizations, enhancing security and governance for administrators managing enterprise workflows.
The GitHub Blog
2026-01-12
Secure Unique Default Hostnames Now GA for Functions and Logic AppsYutangLin outlines the GA release of Secure Unique Default Hostnames for Azure Functions and Logic Apps, highlighting key security enhancements and practical guidance for Azure cloud developers.
Microsoft Tech Community
2026-01-12
What Quantum Safe Is and Why We Need It to Stay SecureJohn Savill’s Technical Training walks through the urgent need for quantum-safe cryptography, examining how classical and quantum computing impact security and highlighting actionable steps for organizations and individuals.
John Savill's Technical Training
2026-01-12
Gain Even More Trust and Compliance with OneLake Diagnostics ImmutabilityMicrosoft Fabric Blog highlights new immutable diagnostic logs for OneLake diagnostics, enabling organizations to achieve stronger compliance and security. Authored by the Microsoft Fabric team, this post outlines technical implementation...
Microsoft Fabric Blog
2026-01-12
Identity Bindings: Simplifying Multi-Cluster Managed Identity in AKSsamcogan explains the new Identity Bindings feature in AKS, showing how it resolves the scaling and automation issues found in older Managed Identity models by using RBAC-driven authorization within Kubernetes...
Microsoft Tech Community
2026-01-12
Oracle Database@Azure Expands to West Europe and Brazil SoutheastSparshAgrawat announces the expansion of Oracle Database@Azure into the West Europe (Netherlands) and Brazil Southeast Azure regions, detailing new opportunities for AI-driven workloads, migration, compliance, and technical integration between Oracle...
Microsoft Tech Community
2026-01-08
Major Innovations in Microsoft Fabric Data Warehousing: 2025 OverviewMicrosoft Developer presents an in-depth 2025 roundup on Microsoft Fabric Data Warehousing innovations. Discover insights on clustering, security, migration, and administration enhancements from leading experts.
Microsoft Developer YouTube
2026-01-07
Introducing New Proactive Services from Microsoft Incident Response to Boost Cyber ResilienceAndrew Rapp explores how Microsoft’s new proactive Incident Response services help organizations strengthen their cyber defenses, prevent threats, and increase resilience before incidents occur.
Microsoft Security Blog
2026-01-07
Azure CycleCloud Workspace for Slurm 2025.12.01: Monitoring, Security, and HPC Enhancementsxpillons introduces key improvements in the Azure CycleCloud Workspace for Slurm 2025.12.01 release, highlighting new monitoring capabilities, security enhancements via Entra ID SSO, and expanded platform support for HPC deployments....
Microsoft Tech Community
2026-01-07
Building scalable, cost-effective real-time multiplayer games with Azure Web PubSubkevinguo shares how a game studio leveraged Azure Web PubSub to reimagine real-time multiplayer architectures, focusing on scalability, reliability, and cost-effective delivery at global scale.
Microsoft Tech Community
2026-01-07
Spoofed Phishing Emails Exploiting Routing and Protection MisconfigurationsMicrosoft Threat Intelligence investigates an uptick in phishing campaigns abusing complex mail routing and misconfigured spoof protections, detailing detection, real-world attack methods, and robust mitigation guidance.
Microsoft Security Blog
2026-01-06
Identifying Missed Alerts in Azure Kubernetes Deployments with SRE Agentdchelupati describes how gaps in Azure Monitor alert coverage became apparent during a Redis credential rotation in an AKS application, and how Azure SRE Agent and GitHub MCP integration accelerated...
Microsoft Tech Community
2026-01-06
Introducing the Microsoft Defender Experts Suite: Expert-Led Integrated Security ServicesAarti Borkar and Andrew Conway present the Microsoft Defender Experts Suite, detailing how these expert-led services empower security teams to defend against sophisticated cyberthreats and enhance operational resilience.
Microsoft Security Blog
2026-01-06
Armchair Architects: Patterns and Best Practices for Multi-Agent AI OrchestrationMicrosoft Developer brings together Uli, Eric, and David—Armchair Architects—to explore multi-agent orchestration in enterprise environments, covering patterns, frameworks, and security practices for building secure and scalable AI agent solutions.
Microsoft Developer YouTube
2026-01-06
Immersive Developer Learning with Visual Studio, .NET, Azure, and GitHub Copilot: VS Live! 2026 PreviewJim Harrer discusses the major focus areas of developer growth in 2026, emphasizing immersive events like VS Live! that feature Visual Studio 2026, .NET, Azure, and GitHub Copilot. The post...
Microsoft VisualStudio Blog
2026-01-05
Enhanced Security Governance in Microsoft Fabric: Admin Report Now in OneLake Catalog Govern TabThe Microsoft Fabric Blog explains how Fabric admins can now access enhanced security and compliance insights directly in the OneLake Catalog’s Govern tab. This update, authored by the Microsoft Fabric...
Microsoft Fabric Blog
2026-01-05
Troubleshooting gMSA Configuration Errors During Microsoft Cloud Sync InstallationCheesePizza details repeated gMSA-related errors hindering Cloud Sync setup for group writeback, sharing extensive troubleshooting and seeking advice for resolving Active Directory permission issues.
Microsoft Tech Community
2026-01-02
How SRE Agent Closes the Developer Loop: Debugging and Fixing Azure Cloud App Failures with AIdchelupati demonstrates how Azure SRE Agent, in combination with Copilot and GitHub Coding Agent, enables developers to debug, document, and automatically fix complex infrastructure bugs in Azure app deployments using...
Microsoft Tech Community
2025-12-30
Why Bugs Survive Continuous Fuzzing: Lessons from OSS-Fuzz ResearchAntonio Morales of the GitHub Security Lab delves into why bugs can persist in projects that undergo continuous fuzzing, highlighting case studies and offering a five-step workflow for better vulnerability...
The GitHub Blog
2025-12-29
Account Recovery in Microsoft Entra ID Using Government IDs and Third-Party Identity VerificationJohn Savill’s Technical Training examines Microsoft’s new Entra ID account recovery process using government-issued IDs and third-party verification, providing practical guidance and an architectural overview for Azure security practitioners.
John Savill's Technical Training
2025-12-29
Improved Dependency Submission for GitHub ActionsJesse Houwing addresses a visibility gap in GitHub Actions security when actions are pinned by SHA. The post details a workflow extension ensuring vulnerabilities are properly surfaced in the Dependency...
Jesse Houwing's Blog
2025-12-27
Securely Managing Database Connection Strings in Azure Databricks with Key Vaultbhramesh demonstrates how to use Azure Key Vault to securely retrieve database connection strings in Databricks notebooks, focusing on reducing vulnerabilities and improving workflow security.
Microsoft Tech Community
2025-12-24
Strengthening Supply Chain Security for Developers and MaintainersMadison Oliver shares practical security strategies for developers and maintainers to defend against supply chain attacks, with a focus on securing GitHub and npm workflows.
The GitHub Blog
2025-12-24
Granular Controls for GitHub App Requests Now in Public PreviewAllison details new organizational controls for GitHub and OAuth app requests, giving admins more flexibility and security through graduated policy options for managing third-party app access.
The GitHub Blog
2025-12-22
The Download: React2Shell Vulnerability, GPT 5.2 in GitHub Copilot, and Open Source NewsHosted by Christina Warren, this GitHub video covers Anthropic’s acquisition of Bun, the transition of MCP to the Linux Foundation, the React2Shell security vulnerability, the arrival of GPT 5.2 in...
GitHub YouTube
2025-12-21
Require Reviews for Dependabot Alert Dismissal with Delegated Alert Dismissal in GitHubAllison outlines the new delegated alert dismissal feature for Dependabot in GitHub, enabling required reviews before dismissing alerts to improve security governance and compliance.
The GitHub Blog
2025-12-19
Work Item Linking for GitHub Advanced Security Alerts in Azure DevOps Now AvailableLaura Jiang announces the general availability of work item linking for GitHub Advanced Security alerts in Azure DevOps, simplifying security tracking and resolution in engineering teams.
Microsoft DevOps Blog
2025-12-19
Azure Update - 19th December 2025: Service Improvements, AI, and Security NewsJohn Savill presents the Azure Update for December 19th, 2025, covering recent Azure features, security enhancements, and new AI developments. This video, infused with holiday spirit, guides you through key...
John Savill's Technical Training
2025-12-19
Building and Deploying MCP Servers with Python and AzurePamela Fox presents a detailed series on building, deploying, and securing MCP servers with Python and Azure, covering FastMCP, cloud deployment, and authentication using Microsoft Entra.
Microsoft Tech Community
2025-12-19
What's New in Microsoft Foundry: Agents, Models, and Enterprise-Grade AI (October–November 2025)Jenn Cockrell outlines the latest Microsoft Foundry enhancements, introducing powerful agent frameworks, model support, developer tools, and enterprise security features—all designed to accelerate AI innovation in the enterprise.
Microsoft AI Foundry Blog
2025-12-19
Azure Front Door: Hardening Configuration Resiliency After October OutagesAbhishek Tiwari and the Azure Networking team examine the October Azure Front Door outages, sharing lessons learned and detailing the robust technical safeguards and architecture changes now in place.
Microsoft Tech Community
2025-12-19
Azure Networking 2025: Powering Cloud Innovation and AI at Global ScaleSudha_Mahajan delivers a comprehensive overview of Azure Networking’s 2025 advancements, highlighting how Microsoft’s innovations in networking and security empower AI workloads, hybrid connectivity, and cloud-native resiliency.
Microsoft Tech Community
2025-12-19
CodeQL 2.23.7 and 2.23.8 Released: Enhanced Security Queries for Go and RustAllison details the latest CodeQL 2.23.7 and 2.23.8 releases, adding new security queries for Go and Rust, and highlighting broader improvements across languages for users of GitHub Code Scanning and...
The GitHub Blog
2025-12-19
GitHub Advanced Security Trials Expanded for Enterprise CustomersAllison reports on the broader availability of GitHub Advanced Security self-serve trials for Enterprise customers, highlighting new eligibility rules and features for code and secret protection.
The GitHub Blog
2025-12-18
GitHub Enterprise Cloud Data Residency Now Available in JapanAllison announces the general availability of GitHub Enterprise Cloud data residency in Japan, enabling organizations to store code within Japanese data centers on Microsoft Azure, supporting compliance and regional requirements....
The GitHub Blog
2025-12-18
Why Unified, AI-Ready Security Platforms Outperform Patchwork SolutionsScott Woodgate shares how a unified, AI-powered security platform from Microsoft—combining Defender, Sentinel, and Security Copilot—transforms organizational defense and boosts efficiency, as detailed in their new e-book.
Microsoft Security Blog
2025-12-18
Run Spark Job Definitions in Pipelines with Service Principal or Workspace IdentityMicrosoft Fabric Blog details how to securely orchestrate Spark job definitions in Data Factory pipelines using Service Principal or Workspace Identity authentication, providing developers with best practices for automation and...
Microsoft Fabric Blog
2025-12-18