NewsBlogsVideosCommunity

Security

Navigate Microsoft’s comprehensive security landscape. From identity management to threat protection, discover the tools and practices that keep your organization secure.

News Latest Microsoft security news and product updates.
Blogs Curated blog posts about Microsoft security solutions and best practices.
Videos Educational videos covering Microsoft security services and tutorials.
Community Community discussions about Microsoft security from Reddit and other platforms.

Latest of everything

Why Human Oversight Remains Essential in an AI-Driven DevOps LandscapeAlan Shimel discusses the critical need for human oversight in AI-driven DevOps environments, emphasizing collaboration models and the risks of unchecked automation.
DevOps Blog 2025-08-18
What is GitHub Secret Protection? | GitHub ExplainedIn this GitHub video, developers will learn from the GitHub team about secret protection features, including real-time scanning on every push and Copilot-assisted non-standard password detection.
GitHub YouTube 2025-08-17
Step-by-Step Guide for Migrating Windows Server 2012 R2 Domain Controllers to Server 2022Saad_Farooq presents a detailed scope for migrating Active Directory from Windows Server 2012 R2 to Server 2022, discussing domain controller upgrades, FSMO transfer, certificate authority, and DHCP migration in a...
Microsoft Tech Community 2025-08-17
September 2025: Microsoft Hero Event Calendarsaeid-dahl shares the September 2025 Microsoft Hero event calendar, highlighting multiple expert sessions on Azure, AI, and security topics for developers and IT professionals.
Microsoft Tech Community 2025-08-16
Microsoft Security Exposure Management Ninja TrainingYuriDiogenes compiles a comprehensive set of resources and structured learning modules to guide users from foundational knowledge to advanced implementation of Microsoft Security Exposure Management (MSEM).
Microsoft Tech Community 2025-08-15
Microsoft Defender Experts Ninja Hub: Resources for XDR and Threat Huntinghenryyan compiles a wealth of resources in the Microsoft Defender Experts Ninja Hub, offering technical guides, videos, podcasts, and blogs for professionals seeking to implement and optimize Defender Experts XDR...
Microsoft Tech Community 2025-08-15
GitHub Actions Policy Adds Blocking and SHA Pinning for Enhanced SecurityAllison outlines recent improvements to GitHub Actions policies, focusing on blocking vulnerable actions and enforcing SHA pinning to enhance repository and workflow security.
The GitHub Blog 2025-08-15
Using Entra ID Authentication with Arc-Enabled SQL Server in a .NET Windows Forms Applicationjpigott details how developers can use Microsoft Entra ID authentication with Arc-enabled SQL Server in a .NET Windows Forms application, focusing on token management, secure connections, and MSAL integration.
Microsoft Tech Community 2025-08-15
Gpresult-Like Tool for Intune Policy TroubleshootingJonas Ohmsen presents a PowerShell module called IntuneDebug aimed at simplifying Microsoft Intune policy troubleshooting for Windows devices, with step-by-step usage details and reporting techniques.
Microsoft Tech Community 2025-08-15
Expanding Global Reach and Enhanced Observability with Oracle Database@Azurebhbandam, co-authoring with Jeni Mattson, outlines new global regions and advanced monitoring capabilities for Oracle Database@Azure, showcasing how Azure Monitor and Microsoft Sentinel enhance operational visibility and security for enterprise...
Microsoft Tech Community 2025-08-15
CodeQL Expands Support for Kotlin and Improves Static Analysis AccuracyAllison reports on recent updates to CodeQL, featuring expanded Kotlin support, enhanced Rust analysis, and improved query accuracy for JavaScript and React, ensuring better static analysis and security scanning for...
The GitHub Blog 2025-08-14
Investigating Microsoft 365 Copilot Activity with Sentinel, Defender XDR, and Purview DSPM for AI SecuritySafeena Begum Lepakshi details how to leverage Microsoft Sentinel, Defender XDR, and Purview’s DSPM for AI to investigate and secure Microsoft 365 Copilot activities, providing actionable steps for security operations...
Microsoft Tech Community 2025-08-14
Announcing Public Preview of the Terraform MSGraph Provider and Microsoft Terraform VSCode Extensionstevenjma introduces the public preview of the Terraform MSGraph provider and the official Microsoft Terraform VSCode extension, empowering practitioners to automate Microsoft cloud resource management and streamline Infrastructure-as-Code workflows.
Microsoft Tech Community 2025-08-14
How Microsoft Defender Experts Uses AI to Cut Through the NoiseShailyGoel explains how Microsoft Defender Experts integrates AI to filter security noise and focus incident response, using expert-trained classification models within Microsoft’s managed XDR services.
Microsoft Tech Community 2025-08-14
Troubleshooting OAuth2 API Token Retrieval with ADF Web ActivityAzureNewbie1 explains their attempts to obtain an OAuth2 access token for the iLevel API using Azure Data Factory, highlighting issues with client_id/client_secret usage and missing Authorization headers.
Microsoft Tech Community 2025-08-14
How Microsoft Defender Uses AI to Detect Exposed Credentials in Identity SystemsTal_Guetta explores how Microsoft Defender for Identity leverages AI-driven intelligence to detect and mitigate exposed credentials in Active Directory, offering proactive security posture management for organizations.
Microsoft Tech Community 2025-08-14
The Future of Web Development with ASP.NET Core & Blazor in .NET 10In this video, the .NET team showcases new features coming to ASP.NET Core and Blazor in .NET 10. Learn from dotnet about building secure, AI-powered web applications and advancing your...
DotNet YouTube 2025-08-14
Queensland Government Enhances Cybersecurity for Vulnerable Communities with Microsoft 365 E5stclarke outlines the Queensland Government’s journey in transforming its cybersecurity posture by consolidating tools under Microsoft 365 E5, deploying Defender and Sentinel, and aligning with modern security practices for greater...
Microsoft News 2025-08-14
Sentry Integrates MCP Server Monitoring into APM Platform for AI WorkflowsMike Vizard outlines the technical and operational impact of Sentry’s new MCP server monitoring tool, emphasizing its importance for DevOps and AI engineering teams tasked with building, debugging, and securing...
DevOps Blog 2025-08-14
Most Organizations Face Breaches Caused by Vulnerable Code, Survey FindsMike Vizard analyzes survey findings about the widespread impact of vulnerable code on organizational security, including the challenge of AI-generated code, adoption of security tools, and the ongoing evolution of...
DevOps Blog 2025-08-14
API Gateway Pattern in Azure: Managing APIs and Routing Requests to MicroservicesDellenny provides a hands-on guide to implementing the API Gateway pattern on Azure using API Management, explaining how to route, secure, and monitor requests to microservices for robust and maintainable...
Dellenny's Blog 2025-08-14
Eclipse Foundation Publishes Toolkit to Simplify CRA ComplianceMike Vizard examines how the Eclipse Foundation’s OCCTET project enables organizations to address EU Cyber Resilience Act compliance, highlighting input from Microsoft and GitHub.
DevOps Blog 2025-08-14
Troubleshooting S/MIME Setup in Exchange Online and M365: OWA and Outlook Certificate IssuesJChristiansen provides a hands-on report documenting their S/MIME deployment experience with Exchange Online, Intune, and mixed Windows/macOS endpoints, focusing on certificate publishing and troubleshooting Outlook/OWA trust issues.
Microsoft Tech Community 2025-08-14
Red-teaming a RAG Application with Azure AI Evaluation SDKPamela Fox investigates how the Azure AI Evaluation SDK enables automated red-teaming for LLM-powered RAG apps, examining real attack scenarios and showing practical ways to evaluate and strengthen AI security....
Microsoft Tech Community 2025-08-14
GitHub Enterprise Importer Incident and IP Range Update: July 2025 Availability ReportJakub Oleksy reports on the July 2025 service disruption affecting GitHub Enterprise Importer, focusing on incident details, infrastructure changes, updated IP allow list requirements for Azure and other cloud migrations,...
The GitHub Blog 2025-08-13
GitHub MCP Server Enhances Secret Scanning and Push Protection for Public RepositoriesAllison introduces major enhancements in secret scanning and push protection for the GitHub MCP server, explaining how these features help secure public repository workflows against credential leaks and prompt injection...
The GitHub Blog 2025-08-13
Connect with the Security Community at Microsoft Ignite 2025stclarke highlights Microsoft Ignite 2025, an event tailored for security professionals and leaders to explore AI-powered security innovations, network with peers, and participate in hands-on labs and certification opportunities.
Microsoft News 2025-08-13
BitUnlocker: Leveraging Windows Recovery to Extract BitLocker SecretsAlon Leviev, along with Netanel Ben Simon from Microsoft’s STORM research team, details their investigation into newly discovered attack surfaces in Windows Recovery Environment impacting BitLocker. The post guides readers...
Microsoft Tech Community 2025-08-13
From Traditional Security to AI-Driven Cyber Resilience: Microsoft’s Approach to Securing AILouAdesida reviews Microsoft’s expanded security approach for AI, explaining how tools like Defender, Entra, and Purview are used to protect AI systems, data, and identities across modern organizations.
Microsoft Tech Community 2025-08-13
The Right Kind of AI for Infrastructure as CodeIan Amit explores how AI can be effectively applied to Infrastructure as Code, highlighting crucial gaps in current cloud security tools and explaining what attributes make AI truly valuable for...
DevOps Blog 2025-08-13
Azure Linux with OS Guard: Enhancing Container Host Security with Code Integrity and Open Source TransparencySudhanva presents a comprehensive overview of Azure Linux with OS Guard, highlighting Microsoft’s advancements in secure, immutable container hosting and the collaborative open source approach underlying these innovations.
Microsoft Tech Community 2025-08-13
Azure DevOps Improves OAuth Client Secret Security: Secrets Now Shown Only OnceAngel Wong announces an important change to how Azure DevOps handles OAuth client secrets, introducing a ‘show-once’ system to improve security and retiring the existing secret retrieval API.
Microsoft DevBlog 2025-08-13
Encryption in Microsoft Teams: How Microsoft Secures Collaboration and CommunicationWillDixon presents an in-depth guide on how Microsoft Teams uses encryption—including standard and end-to-end options—to secure sensitive data and support compliance for business communication.
Microsoft Tech Community 2025-08-13
SonarSource Research Highlights Security Risks in LLM-Generated CodeMike Vizard summarizes SonarSource’s research into AI-generated code, highlighting both the strengths and serious security pitfalls of relying on LLMs such as GPT-4o, Claude Sonnet 4, and others.
DevOps Blog 2025-08-13
SonarSource Highlights Security Risks and Code Quality Issues in LLM-Generated CodeMike Vizard summarizes SonarSource’s analysis of LLM-generated code, revealing frequent security vulnerabilities and long-term code quality issues. The article urges DevOps teams to be vigilant when leveraging AI coding tools....
DevOps Blog 2025-08-13
Microsoft Finland: Monthly Community Series for Software Companies – 2025 ConferencesEetu Roponen and Microsoft Finland present a monthly community series for software companies, sharing actionable insights and examples on leveraging Microsoft Azure, AI, agent technologies, and partner programs for growth...
Microsoft Tech Community 2025-08-13
Transactable Partner Solutions: Apptividad and CoreView in Azure MarketplaceLuxmi_Nagaraj highlights two transact-capable partner offers in Azure Marketplace, detailing Apptividad’s biometric onboarding solution and CoreView’s governance platform for Microsoft 365 environments.
Microsoft Tech Community 2025-08-13
Practical Data Protection in Microsoft 365: Sensitivity Labels, DLP, and Conditional Access for Small BusinessesDellenny breaks down how small businesses can protect data in Microsoft 365 using sensitivity labels, DLP, and conditional access, providing clear steps and real-life analogies.
Dellenny's Blog 2025-08-13
Secure Integration of Microsoft 365 with Slack, Trello, and Google ServicesDellenny explains how technical teams can securely integrate Microsoft 365 with SaaS tools like Slack, Trello, and Google Services, offering actionable advice to maintain security while enabling collaboration.
Dellenny's Blog 2025-08-13
Security Update Available for SQL Server 2022 RTM GDRHarveyMoraSQL announces the release of a security update for SQL Server 2022 RTM GDR, providing download links, vulnerability details, and essential update guidance for database administrators and security professionals.
Microsoft Tech Community 2025-08-12
Security Update Available for SQL Server 2019 RTM GDRHarveyMoraSQL announces the release of a security update for SQL Server 2019 RTM GDR, detailing the vulnerabilities addressed and providing links to official guidance and downloads.
Microsoft Tech Community 2025-08-12
Secret Scanning Expands Support: 12 New Token Validators Added to GitHubAllison reports on GitHub’s secret scanning improvements, highlighting expanded support for 12 new token types and enhanced credential validity checks to bolster repository security.
The GitHub Blog 2025-08-12
August 2025 Exchange Server Security Updates ReleasedThe_Exchange_Team explains the August 2025 Security Updates for Exchange Server, offering guidance on installation, new AMSI features, update paths, and security best practices for on-premises and hybrid Exchange environments.
Microsoft Tech Community 2025-08-12
How Dow Uses Microsoft Security Copilot and AI to Transform Cybersecurity Operationsstclarke explores how Mario Ferket and Dow have integrated Microsoft Security Copilot and AI into their cybersecurity operations, improving automation, threat detection, and analyst mentorship.
Microsoft News 2025-08-12
Azure PostgreSQL Extended Support: Stay Secure at Every Upgrade Stageandreatapia presents a detailed breakdown of Azure Database for PostgreSQL Extended Support, explaining how organizations can keep databases secure when older PostgreSQL versions reach end-of-life.
Microsoft Tech Community 2025-08-12
Secret Validity Checks Launch in GitHub Advanced Security for Azure DevOpsMichael Omokoh introduces the secret validity checks feature in GitHub Advanced Security for Azure DevOps, showing how developers and security teams can now prioritize remediation of live secrets and stay...
Microsoft DevBlog 2025-08-12
General Availability: Platform SSO for macOS with Microsoft Entra IDVeena Soman from Microsoft announces the General Availability of Platform SSO for macOS with Microsoft Entra ID, outlining security features and deployment strategies for organizations.
Microsoft Tech Community 2025-08-12
Microsoft Recognized as a Leader in the 2025 Gartner Magic Quadrant for Container ManagementSean McKenna reports on Microsoft’s continued leadership in the 2025 Gartner Magic Quadrant for Container Management. The post highlights innovations in Azure’s container portfolio, developer and operational tooling, AI workloads,...
The Azure Blog 2025-08-12
Continuous Access Evaluation (CAE) Brings Real-Time Security to Azure DevOpsAngel Wong introduces support for Continuous Access Evaluation (CAE) on Azure DevOps, discussing its impact on real-time security and the implications for developers using Microsoft Entra ID.
Microsoft DevBlog 2025-08-12
New Offerings in Azure Marketplace: July 23-31, 2025Luxmi_Nagaraj summarizes 201 new solutions now available in Azure Marketplace, with highlights spanning AI, analytics, security, backup, and cloud operations for Microsoft Azure practitioners.
Microsoft Tech Community 2025-08-12
Malware Scanning Now Available for Azure Government Secret and Top-Secret Cloudsalsteele details the general availability of malware scanning in Microsoft Defender for Storage for Azure Government Secret and Top-Secret Clouds, focusing on how this new feature helps public sector organizations...
Microsoft Tech Community 2025-08-12
Mitigating CVE-2025-53786: Hybrid Exchange Server Privilege Escalation with MDVMMotiBani explores the high-impact CVE-2025-53786 privilege escalation vulnerability in hybrid Exchange Server deployments. The article guides administrators on detection and mitigation using MDVM and modern hybrid trust practices.
Microsoft Tech Community 2025-08-12