NewsBlogsVideosCommunity

Security

Navigate Microsoft's comprehensive security landscape. From identity management to threat protection, discover the tools and practices that keep your organization secure.
News Latest Microsoft security news and product updates.
Blogs Curated blogs about Microsoft security solutions and best practices.
Videos Educational videos covering Microsoft security services and tutorials.
Community Community discussions about Microsoft security.

Latest of everything

Secure AI Adoption: Key Findings from the 2026 Microsoft Data Security Indexstclarke reviews the 2026 Microsoft Data Security Index, discussing generative AI’s impact on enterprise security, best practices for secure AI adoption, and how Microsoft’s security solutions address new data protection...
Microsoft News 2026-01-29
Kubernetes Leadership Urges Migration from Ingress NGINX Due to Security Risks and DeprecationTim Anderson outlines the Kubernetes committees’ warnings and technical reasons for the urgent migration from Ingress NGINX, detailing project deprecation, security issues, and community response.
DevClass 2026-01-29
Introducing Workspace-Level IP Firewall Rules in Microsoft Fabric (Preview)Microsoft Fabric Blog showcases the preview of workspace-level IP firewall rules, letting admins enforce IP-based inbound restrictions for enhanced and granular workspace security.
Microsoft Fabric Blog 2026-01-29
From Ingress to Gateway API: Migrating Kubernetes Edge in Azure with Application Gateway for ContainersJack Stromberg delivers a hands-on walkthrough for AKS operators transitioning from Ingress NGINX to the Gateway API using Azure Application Gateway for Containers. Practical migration steps, security posture, and tooling...
Microsoft Tech Community 2026-01-29
Inside the GitHub Secure Open Source Fund: Leveling Up OSS SecurityGitHub, with guest host Greg Cochran, spotlights maintainers from major open source projects and explores how the GitHub Secure Open Source Fund and tools like Copilot are advancing open source...
GitHub YouTube 2026-01-28
Automatic Passkey Rollout Update for Microsoft Entra IDJohn Savill’s Technical Training reviews the latest updates on automatic passkey rollout in Microsoft Entra ID, highlighting benefits, security enhancements, and what’s changing for authentication.
John Savill's Technical Training 2026-01-28
Managing Fabric Identities Limits: Tenant Control and GovernanceMicrosoft Fabric Blog details how tenant admins can now manage the maximum number of Fabric identities, with options for custom limits and programmatic control. Authored by Microsoft Fabric Blog.
Microsoft Fabric Blog 2026-01-28
How Microsoft is Empowering Frontier Transformation with Intelligence + Truststclarke shares how Microsoft’s evolving cloud and AI platforms such as Agent 365, Fabric, and Foundry IQ are empowering customers to build governed, scalable agent-based solutions—blending innovation with observability, security,...
Microsoft News 2026-01-28
2026 Microsoft Security Excellence Awards: Honoring Leaders in AI-Powered CybersecurityMaria Thomson reports on the winners of the 2026 Microsoft Security Excellence Awards, celebrating leading partners and individuals elevating innovation in AI-powered cybersecurity with Microsoft technologies.
Microsoft Security Blog 2026-01-27
Enterprise Adoption Guide: Microsoft Dev Boxsauravtyagi delivers an in-depth, actionable guide on successfully adopting Microsoft Dev Box in enterprise contexts, detailing strategies for architecture, security, operational rollout, and maximizing ROI for development teams.
Microsoft Tech Community 2026-01-27
Microsoft Fabric January 2026 Feature SummaryMicrosoft Fabric Blog presents a comprehensive overview of the January 2026 feature update, detailing enhancements in AI support, developer tooling, security, data engineering, and integration within the Microsoft Fabric platform....
Microsoft Fabric Blog 2026-01-27
Azure Arc for SQL Server: Executive Summary for Enterprise ClientsNaufalPrawironegoro provides enterprises with a step-by-step summary for implementing Azure Arc with SQL Server, focusing on hybrid and multicloud infrastructure management, compliance, and security.
Microsoft Tech Community 2026-01-27
Security Strategies for Safeguarding Governmental DataTim Langan, Deputy CISO for Government and Trust at Microsoft, explores strategies for government cyber defense, emphasizing proactive measures, cross-team collaboration, and secure development practices.
Microsoft Security Blog 2026-01-26
Building a TOTP Authenticator App on Azure Functions and Azure Key VaultStephenMS shows how to build a secure TOTP authenticator app using Azure Functions and Azure Key Vault, covering secure secret storage, API endpoints, and cloud-native best practices in authentication.
Microsoft Tech Community 2026-01-26
Securing Microsoft Copilot Studio AI Agents with Defender Runtime ProtectionThe Microsoft Defender Security Research Team shares in-depth guidance on securing Microsoft Copilot Studio AI agents at runtime, demonstrating how Defender’s real-time protection thwarts malicious prompt injections and data exfiltration...
Microsoft Security Blog 2026-01-23
How to Connect Azure SRE Agent to Azure MCPdbandaru presents a practical guide on connecting the Azure SRE Agent to Azure MCP, with step-by-step instructions for secure configuration, managed identity, and automation best practices.
Microsoft Tech Community 2026-01-23
Advanced Container Apps Networking: VNet Integration and Centralized Firewall Traffic LoggingOmid Vahedv explores how to route Azure Container Apps traffic through a centralized firewall for advanced filtering, inspection, and compliance, guiding readers through deployment and configuration best practices.
Microsoft Tech Community 2026-01-23
Securely Scaling Spark Data Engineering in Microsoft FabricIn this Data Exposed episode, Anna Hoffman and Santhosh Kumar Ravindran show how data engineers can secure and scale Spark workloads in Microsoft Fabric, harnessing features like Managed Private Endpoints...
Microsoft Developer YouTube 2026-01-22
Windows 365 for Agents: Enabling Secure AI Cloud PCsstclarke brings an in-depth look at Windows 365 for Agents, highlighting how Microsoft is evolving Cloud PC technology to securely support enterprise AI automation and agent-driven workflows.
Microsoft News 2026-01-22
Microsoft Security Success Stories: Integrating Security for AI TransformationSteve Dispensa shares how Ford, Icertis, and TriNet transformed their security operations using Microsoft Security’s integrated platform, combining Zero Trust, automation, and AI for resilience and innovation.
Microsoft Security Blog 2026-01-22
Abusing VS Code tasks.json: Security Risks from Malicious Repository ConfigurationsTim Anderson highlights how attackers weaponize VS Code’s tasks.json configuration to execute malicious code, detailing the risks for developers and the security implications.
DevClass 2026-01-22
Granular REST APIs for OneLake Security Management in Microsoft FabricMicrosoft Fabric Blog introduces granular REST APIs for OneLake security role management, empowering developers and platform teams with precise, automation-friendly controls for security and governance.
Microsoft Fabric Blog 2026-01-22
Understand How Purview Secures and Governs Your Entire Data EstateMicrosoft Developer presents an overview of how Microsoft Purview provides unified data security and governance, highlighting practical features and best practices to secure and manage organizational data.
Microsoft Developer YouTube 2026-01-22
Resurgence of Multi‑Stage AiTM Phishing and BEC Campaign Abusing SharePointMicrosoft Defender Security Research Team investigates a sophisticated AiTM phishing and BEC attack campaign leveraging SharePoint, providing in-depth insights, detection analytics, and actionable defense strategies for security practitioners.
Microsoft Security Blog 2026-01-22
Simplifying Image Signing with Notary Project and Artifact Signing (GA)YiZha shares how integrating the Notary Project with Azure Artifact Signing (GA) improves the image signing process in cloud-native applications, simplifying secure deployment workflows for teams.
Microsoft Tech Community 2026-01-22
Securing AI Agents in the Cloud: Microsoft Defender's ApproachThe Microsoft Defender Security Research Team examines security challenges arising from autonomous AI agents and demonstrates how Microsoft Defender helps secure these systems. Key strategies and posture management capabilities for...
Microsoft Security Blog 2026-01-21
Azure Verified Modules for Platform Landing Zone with Bicep Now Generally Availableztrocinski announces the general availability of Azure Verified Modules for Platform Landing Zone with Bicep, detailing its architecture, developer experience improvements, and migration plans for classic ALZ-Bicep users.
Microsoft Tech Community 2026-01-21
CodeQL 2.23.9 Release: Deprecation Notice and Update DetailsAllison reports on the release of CodeQL 2.23.9, highlighting essential information for GitHub code scanning users, including a deprecation notice for certain Kotlin versions.
The GitHub Blog 2026-01-20
Automating Security Vulnerability Triage with GitHub Security Lab Taskflow AgentMan Yue Mo demonstrates how the GitHub Security Lab Taskflow Agent, leveraging LLMs and open source taskflows, streamlines security vulnerability triage for GitHub Actions and JavaScript projects, making the process...
The GitHub Blog 2026-01-20
4 Priorities for AI-Powered Identity and Network Access Security in 2026stclarke highlights the 2026 priorities for security teams, sharing actionable guidance on AI-powered identity protection, agent management, and unified access strategies using Microsoft Entra and Defender.
Microsoft News 2026-01-20
Strengthen Your Supply Chain with GitHub Artifact Traceability and SLSA Build Level 3Allison details new ways developers can use GitHub’s artifact metadata APIs to link and analyze build artifacts, improving supply chain security and enabling production-aware alerting—with built-in integrations for Microsoft Defender...
The GitHub Blog 2026-01-20
Manage OneLake Security for Mirrored Databases in Microsoft FabricMicrosoft Fabric Blog explains how OneLake now allows fine-grained data access roles for Mirrored Databases. This upgrade helps organizations define roles at the table or folder level, enabling secure, efficient...
Microsoft Fabric Blog 2026-01-20
Migrating Application Credentials to Azure Key Vault with GitHub Copilot App Modernizationayangupta presents a comprehensive walkthrough on using GitHub Copilot app modernization to migrate application secrets and credentials to Azure Key Vault, automating secure code changes and improving cloud security.
Microsoft Tech Community 2026-01-20
Modernizing Applications by Migrating Code to Managed Identity with GitHub Copilot App ModernizationAuthored by ayangupta, this guide demonstrates how GitHub Copilot App Modernization assists developers in migrating applications to use Azure Managed Identity, automating code and configuration changes while improving security and...
Microsoft Tech Community 2026-01-20
Proactive Cloud Ops with SRE Agent: Scheduled Checks for Azure Optimizationdchelupati walks through setting up the Azure SRE Agent for proactive cloud operations, demonstrating how to automate cloud optimization across cost, security, and performance using continuous checks and integrations with...
Microsoft Tech Community 2026-01-19
Implementing Microsoft Entra On-Behalf-Of (OBO) Flow in Python MCP Servers with FastMCPPamela Fox provides an in-depth walkthrough on enabling delegated access in Python MCP servers using Microsoft Entra with the on-behalf-of flow. This technical article guides developers through secure integration steps...
Microsoft Tech Community 2026-01-19
Managing External Sharing in Microsoft 365 Without ChaosJohn Edward presents a clear and practical walkthrough for IT administrators and technical leads on managing external sharing in Microsoft 365, with a strong emphasis on balancing collaboration and security....
Dellenny's Blog 2026-01-18
Inside Octoverse 2025: Vibe Coding, Agentic AI, and Shifting Developer TrendsGitHub hosts Andrea and Kedasha chat with Jeff Luszcz in this insightful episode, unraveling the core findings from the Octoverse 2025 report. Learn how AI, Copilot, and new coding trends...
GitHub YouTube 2026-01-17
Azure File Sync: Azure Arc Integration, Additional Regions, and Secure Syncinggrace_kim details new Azure File Sync capabilities, focusing on Azure Arc integration, regional expansion, and secure onboarding with managed identities—key for IT and DevOps teams modernizing enterprise file services.
Microsoft Tech Community 2026-01-16
Public Preview: User Delegation SAS for Azure Tables, Files, and Queuesellievail announces the public preview of user delegation SAS for Azure Tables, Files, and Queues, highlighting new security features for delegated access via Entra ID and Azure RBAC.
Microsoft Tech Community 2026-01-16
GitHub Secret Scanning: Automatic Extended Metadata Checks for SecurityAllison reports on GitHub’s upcoming automatic enablement of extended metadata checks in secret scanning, bringing improved context to security alerts for more effective remediation.
The GitHub Blog 2026-01-15
When Protections Outlive Their Purpose: Managing Defense Systems at Scale on GitHubThomas Kjær Aabo shares lessons from GitHub’s experience with long-lived emergency defense rules, highlighting the importance of continuous lifecycle management and observability in large-scale platform security.
GitHub Engineering Blog 2026-01-15
Vibe Coded Applications Full of Security BlundersTim Anderson reports on Tenzai’s research led by Ori David, highlighting how applications built with ‘vibe coding’ using AI agents like Claude and Codex tend to be insecure due to...
DevClass 2026-01-15
Community-powered Security with AI: Launching the GitHub Security Lab Taskflow AgentKevin Backhouse presents the GitHub Security Lab Taskflow Agent—an open source AI-powered framework enabling collaborative, automated security research on GitHub.
The GitHub Blog 2026-01-14
Microsoft Named a Leader in IDC MarketScape for Unified AI Governance PlatformsHerain Oberoi and Don Scott share Microsoft’s recognition as a Leader in the IDC MarketScape for Unified AI Governance Platforms, highlighting practical governance, security, and responsible AI strategies for enterprises....
Microsoft Security Blog 2026-01-14
Microsoft Disrupts Global RedVDS Cybercrime-as-a-Service Platform Enabling Massive Fraudstclarke’s article covers Microsoft’s disruption of RedVDS, a cybercrime subscription service fueling large-scale fraud with disposable virtual machines and AI tools. It discusses technical methods, real-world impact, and efforts by...
Microsoft News 2026-01-14
Code Signing Windows Apps Easier and More Secure with Azure Artifact SigningTim Anderson delivers a detailed analysis of Azure Artifact Signing, Microsoft’s new service to streamline and secure code signing for Windows applications, addressing modern security requirements and developer workflows.
DevClass 2026-01-14
Encrypting Properties with System.Text.Json and a TypeInfoResolver Modifier (Part 1)Steve Gordon explains how to use System.Text.Json’s TypeInfoResolver modifier for property-level encryption in C#, outlining a practical approach to securing sensitive data that paves the way for future integration with...
Steve Gordon's Blog 2026-01-14
Inside RedVDS: Investigating How a Criminal VDS Provider Empowered Global CyberattacksMicrosoft Threat Intelligence, led by its Digital Crimes Unit, exposes the RedVDS criminal infrastructure that enabled widespread cyberattacks. The report by Microsoft Threat Intelligence offers technical insights, tracked malware tools,...
Microsoft Security Blog 2026-01-14
Cross-Region Zero Trust: Secure Power Platform Connectivity to Azure PaaS Without Public ExposureIdit_Bnaya presents a hands-on walkthrough for connecting Power Platform to Azure PaaS services across regions with strict Zero Trust principles, focusing on private network links, managed identity, custom orchestration, and...
Microsoft Tech Community 2026-01-13
Protect Sensitive Data with Azure AI Language PII RedactionMicrosoft Developer explains how Azure AI Language PII Redaction helps protect sensitive data by detecting and redacting personally identifiable information in text, documents, and transcripts.
Microsoft Developer YouTube 2026-01-13
How Microsoft Unifies Privacy and Security to Build TrustTerrell Cox, Vice President for Microsoft Security and Deputy CISO for Privacy and Policy, details Microsoft’s integrated strategy for privacy and security, offering insights into global regulatory compliance and technical...
Microsoft Security Blog 2026-01-13
GitHub Introduces Fine-Grained artifact_metadata Permission for Enhanced API Access ControlAllison presents GitHub’s new artifact_metadata permission, which enhances security and refines API access control for artifact metadata. Developers and DevOps teams must transition workflows by February 2026.
The GitHub Blog 2026-01-13
Static Egress Gateway in AKS: The Native Way to Control Multiple Outbound IPspjlewis demonstrates how to manage multiple outbound egress IPs natively in Azure Kubernetes Service using the Static Egress Gateway feature, providing clear, actionable implementation steps and security-focused considerations.
Microsoft Tech Community 2026-01-13
Granular Controls for App Access Requests in GitHub Organizations Now AvailableAllison explains new options for controlling who can request apps in GitHub organizations, enhancing security and governance for administrators managing enterprise workflows.
The GitHub Blog 2026-01-12
Secure Unique Default Hostnames Now GA for Functions and Logic AppsYutangLin outlines the GA release of Secure Unique Default Hostnames for Azure Functions and Logic Apps, highlighting key security enhancements and practical guidance for Azure cloud developers.
Microsoft Tech Community 2026-01-12
What Quantum Safe Is and Why We Need It to Stay SecureJohn Savill’s Technical Training walks through the urgent need for quantum-safe cryptography, examining how classical and quantum computing impact security and highlighting actionable steps for organizations and individuals.
John Savill's Technical Training 2026-01-12
Gain Even More Trust and Compliance with OneLake Diagnostics ImmutabilityMicrosoft Fabric Blog highlights new immutable diagnostic logs for OneLake diagnostics, enabling organizations to achieve stronger compliance and security. Authored by the Microsoft Fabric team, this post outlines technical implementation...
Microsoft Fabric Blog 2026-01-12
Identity Bindings: Simplifying Multi-Cluster Managed Identity in AKSsamcogan explains the new Identity Bindings feature in AKS, showing how it resolves the scaling and automation issues found in older Managed Identity models by using RBAC-driven authorization within Kubernetes...
Microsoft Tech Community 2026-01-12
Oracle Database@Azure Expands to West Europe and Brazil SoutheastSparshAgrawat announces the expansion of Oracle Database@Azure into the West Europe (Netherlands) and Brazil Southeast Azure regions, detailing new opportunities for AI-driven workloads, migration, compliance, and technical integration between Oracle...
Microsoft Tech Community 2026-01-08
Major Innovations in Microsoft Fabric Data Warehousing: 2025 OverviewMicrosoft Developer presents an in-depth 2025 roundup on Microsoft Fabric Data Warehousing innovations. Discover insights on clustering, security, migration, and administration enhancements from leading experts.
Microsoft Developer YouTube 2026-01-07
Introducing New Proactive Services from Microsoft Incident Response to Boost Cyber ResilienceAndrew Rapp explores how Microsoft’s new proactive Incident Response services help organizations strengthen their cyber defenses, prevent threats, and increase resilience before incidents occur.
Microsoft Security Blog 2026-01-07
Azure CycleCloud Workspace for Slurm 2025.12.01: Monitoring, Security, and HPC Enhancementsxpillons introduces key improvements in the Azure CycleCloud Workspace for Slurm 2025.12.01 release, highlighting new monitoring capabilities, security enhancements via Entra ID SSO, and expanded platform support for HPC deployments....
Microsoft Tech Community 2026-01-07
Building scalable, cost-effective real-time multiplayer games with Azure Web PubSubkevinguo shares how a game studio leveraged Azure Web PubSub to reimagine real-time multiplayer architectures, focusing on scalability, reliability, and cost-effective delivery at global scale.
Microsoft Tech Community 2026-01-07
Spoofed Phishing Emails Exploiting Routing and Protection MisconfigurationsMicrosoft Threat Intelligence investigates an uptick in phishing campaigns abusing complex mail routing and misconfigured spoof protections, detailing detection, real-world attack methods, and robust mitigation guidance.
Microsoft Security Blog 2026-01-06
Identifying Missed Alerts in Azure Kubernetes Deployments with SRE Agentdchelupati describes how gaps in Azure Monitor alert coverage became apparent during a Redis credential rotation in an AKS application, and how Azure SRE Agent and GitHub MCP integration accelerated...
Microsoft Tech Community 2026-01-06
Introducing the Microsoft Defender Experts Suite: Expert-Led Integrated Security ServicesAarti Borkar and Andrew Conway present the Microsoft Defender Experts Suite, detailing how these expert-led services empower security teams to defend against sophisticated cyberthreats and enhance operational resilience.
Microsoft Security Blog 2026-01-06
Armchair Architects: Patterns and Best Practices for Multi-Agent AI OrchestrationMicrosoft Developer brings together Uli, Eric, and David—Armchair Architects—to explore multi-agent orchestration in enterprise environments, covering patterns, frameworks, and security practices for building secure and scalable AI agent solutions.
Microsoft Developer YouTube 2026-01-06
Immersive Developer Learning with Visual Studio, .NET, Azure, and GitHub Copilot: VS Live! 2026 PreviewJim Harrer discusses the major focus areas of developer growth in 2026, emphasizing immersive events like VS Live! that feature Visual Studio 2026, .NET, Azure, and GitHub Copilot. The post...
Microsoft VisualStudio Blog 2026-01-05
Enhanced Security Governance in Microsoft Fabric: Admin Report Now in OneLake Catalog Govern TabThe Microsoft Fabric Blog explains how Fabric admins can now access enhanced security and compliance insights directly in the OneLake Catalog’s Govern tab. This update, authored by the Microsoft Fabric...
Microsoft Fabric Blog 2026-01-05
Troubleshooting gMSA Configuration Errors During Microsoft Cloud Sync InstallationCheesePizza details repeated gMSA-related errors hindering Cloud Sync setup for group writeback, sharing extensive troubleshooting and seeking advice for resolving Active Directory permission issues.
Microsoft Tech Community 2026-01-02
How SRE Agent Closes the Developer Loop: Debugging and Fixing Azure Cloud App Failures with AIdchelupati demonstrates how Azure SRE Agent, in combination with Copilot and GitHub Coding Agent, enables developers to debug, document, and automatically fix complex infrastructure bugs in Azure app deployments using...
Microsoft Tech Community 2025-12-30