Microsoft security overhaul offers blueprint for SecOps | TechTarget

23, nearly a year after Microsoft kicked off the initiative in response to a scathing report from the U.S. Department of Homeland Security's Cyber Safety Review Board about a "cascade of security failures" that led to a breach of email systems affecting 22 organizations, including the federal government. The SFI progress report highlights broad changes to Microsoft security programs from identity and access management to secrets management, network and software supply chain security as well as bringing production systems up to date with zero-trust security practices. In this episode of IT Ops Query Season 2: The State of SecOps, Melinda Marks, cybersecurity practice director for TechTarget's Enterprise Strategy Group, discusses key takeaways from Microsoft's first Secure Future Initiative (SFI) progress report. Much of the first SFI progress report details how Microsoft inventoried its IT infrastructure, rooted out and cut off access to unused accounts and legacy resources, and brought hundreds of thousands of resources secured using an outdated API up to date. The good news is that evolving cloud security tools that tie together various aspects of cloud and app security into a single view of the application lifecycle can potentially help this collaboration, according to Marks. Better late than never: Microsoft lags major cloud competitors in making security a top priority. As with Microsoft, SecOps practices at many enterprises must evolve in an age of regulatory scrutiny to become more efficient and collaborative while maintaining visibility and control, Marks said. Microsoft security was found wanting by the federal government last year. Microsoft has more than 1.5 billion users, including more than 300 million paid subscribers to Microsoft 365, 100 million developers using GitHub and millions of users of its Azure cloud services.

This Cyber News was published on www.techtarget.com. Publication date: Thu, 03 Oct 2024 19:13:05 +0000


Cyber News related to Microsoft security overhaul offers blueprint for SecOps | TechTarget

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Microsoft security overhaul offers blueprint for SecOps | TechTarget - 23, nearly a year after Microsoft kicked off the initiative in response to a scathing report from the U.S. Department of Homeland Security's Cyber Safety Review Board about a "cascade of security failures" that led to a breach of email systems ...
2 months ago Techtarget.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com
Best Network Security Providers for Healthcare - The exponential growth of Electronic Health records, telemedicine, and interconnected medical devices creates a complex healthcare ecosystem demanding robust network security. Network security providers specializing in healthcare offer a ...
7 months ago Cybersecuritynews.com
Meet the new CloudGuard: Risk Management in Action - Security teams need to plan the measures taken to reduce the harmful effects of a CVE, to ensure that the applications they are managing remain secure while business availability is not affected, and developers can continue with their day-to-day ...
1 year ago Blog.checkpoint.com
Building Core Capabilities to Modernize SecOps for Cloud - In our first post, we highlighted the top ways the cloud impacts security operations, but we stayed at a high level and largely avoided getting into specific mechanics. Diving a little deeper, some additional characteristics of the cloud directly ...
11 months ago Securityboulevard.com
Microsoft SFI progress report elicits cautious optimism | TechTarget - "After a year, it looks like Microsoft has made some smart and substantive initial progress in elevating security across the whole organization: investment in security-focused head count, inclusion of security into performance reports across the ...
2 months ago Techtarget.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
2 months ago Helpnetsecurity.com
​​Microsoft named as a Leader in three IDC MarketScapes for Modern Endpoint Security 2024 - With these security concerns top of mind, there is no surprise that in the last five years, the Modern Endpoint Security market has nearly tripled in size to defend against emerging, sophisticated, and persistent threats. Microsoft Defender for ...
9 months ago Techcommunity.microsoft.com
New Stellar Cyber Alliance to Deliver Email Security for SecOps Teams - Stellar Cyber, a Double Platinum 'ASTORS' Award Champion in the 2023 Homeland Security Awards Program, and the innovator of Open XDR has entered inao a new partnership with Proofpoint, a leading cybersecurity and compliance company. Through this ...
10 months ago Americansecuritytoday.com
Microsoft is a Leader in the 2024 Gartner® Magic Quadrant™ for Security Information and Event Management​​ - We are pleased to announce that Microsoft has been recognized as a Leader in the Gartner® Magic Quadrant™ for Security Information and Event Management. 1 We believe our position in the Leaders quadrant validates our vision and continued ...
7 months ago Microsoft.com
Generative AI Takes on SIEM - With more vendors adding support for generative AI to their platforms and products, life for security analysts seems to be getting deceptively easier. While adding generative AI capabilities to security information and event management is still in ...
1 year ago Darkreading.com
New Microsoft Incident Response guides help security teams analyze suspicious activity - Today Microsoft Incident Response are proud to introduce two one-page guides to help security teams investigate suspicious activity in Microsoft 365 and Microsoft Entra. These guides contain the artifacts that Microsoft Incident Response hunts for ...
11 months ago Microsoft.com
CVE-2021-2103 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated ...
8 months ago
CVE-2021-2104 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated ...
8 months ago
CVE-2021-2102 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated ...
8 months ago
CVE-2024-20942 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: LOV). Supported versions that are affected are 11.5, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker ...
11 months ago
CVE-2024-21046 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with ...
8 months ago Tenable.com
CVE-2024-21045 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with ...
8 months ago Tenable.com
CVE-2024-21044 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with ...
8 months ago Tenable.com
CVE-2024-21043 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with ...
8 months ago Tenable.com
CVE-2024-21042 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with ...
8 months ago Tenable.com
CVE-2024-21041 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with ...
8 months ago Tenable.com
CVE-2024-21040 - Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle E-Business Suite (component: LOV). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with ...
8 months ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)