What’s New in Microsoft Cybersecurity

 

 

Comprehensive Security Platform
Microsoft is creating a total security platform that covers all the critical points in the cloud-first, mobile-first world we are in. This platform integrates different security features through products such as Azure, Windows, Office 365 or SQL Server, among others, to better protect identities, applications, data, devices and infrastructures.

Here are some of the improvements are now included:

1. A higher degree of commercial security in Windows 10 and Surface. Windows 10, Surface Pro 3, Surface Pro 4, and Surface Book have been added to the NSA’s list of commercial solutions for CSfC classified programs. Surface also enables enterprises to appropriate, modify, block and control hardware configuration, security, and operating system behaviors through Surface Enterprise Management Mode (SEMM).

2. Microsoft’s SQL platform continues to lead the market with advanced security features for the data. The company has announced that Azure SQL Database Threat Detection will be available starting in April.

3. The general availability of Enterprise Threat Detection has also been announced, a management service that provides companies with the latest detection capabilities for cyber attacks.

4. New features for Azure Security Center and Operations Management Suite, to help organizations protect, erase, and respond to sophisticated threats through cloud resources and data centers.

5. Intelligence That Works. Office 365 Secure Score is a new scanning tool that helps IT professionals evaluate the strength of their current security settings in Office 365. Office 365 Threat Intelligence is available as a “private preview”. A preview of Office 365 Advanced Data Governance, which applies machine learning to help customers find and remove unnecessary data that may be causing risks, has also been made publicly available.

Cyber “warfare” and hackback by private companies is a hot discussion topic for its potential to fight cybercrime and promote cybersecurity. In the shadow of this provocative discussion, Microsoft has led a concerted, sustained fight against cybercriminals by using traditional legal theories and court actions to dismantle criminal networks known as botnets. This article brings focus to the role of the private sector in cybersecurity in light of the aggressive civil actions by Microsoft to address a thorny and seemingly intractable global problem. A botnet is a network of computers infected with unauthorized code that is controlled from a distance by malicious actors. The extent of botnet activity is staggering, and botnets have been called the plague of the Internet. The general public is more commonly aware of the damaging results of botnet activity rather than its operation, intrusion, or infection capabilities. Botnet activity may result in a website being unavailable due to a denial-of-service (DoS) attack, identity theft can occur because the botnet collects passwords from individual users, and bank accounts may be emptied related to botnet activity. Spam, fraud, spyware, and data breaches are all the result of botnet activity. Technical remedies for stopping botnet attacks and damages are ongoing, but technical solutions alone are inadequate. Law enforcement is active in tracking down criminal activities of botnets, yet the number and sophistication of the attackers overwhelm it. In a new development, multiple civil lawsuits by Microsoft have created the legal precedent for suing botnet operators and using existing law to dismantle botnets and decrease their global reach. This article reviews the threats created by botnets and describes the evolution of legal and technical strategies to address botnet proliferation. The distinctive aspects of each of the cases brought by Microsoft are described and analyzed and the complex questions surrounding a botnet takedown are identified. Discussion of the details of the lawsuits are important, because over a relatively short period of time, government and private sector roles have evolved considerably in the search for a methodology to deal effectively with botnets.

 

 

 

The unprecedented scale and sophistication of modern cyberthreats, combined with the rapidly disappearing IT perimeter, means that while preventing an attack from becoming a breach is ideal, it is no longer realistic.

Microsoft proactively monitors the threat landscape for those emerging threats, to help better protect our customers. This involves observing the activities of targeted activity groups across billion of machines, which are often the first ones to introduce new exploits and techniques that are later used by other attackers.

 

 

 

 

Windows 10 has the protection you need, built-in.

Windows Defender ATP is built-in to Windows 10, and provides a comprehensive post-breach solution to help security teams identify suspicious threats on your network that pre-breach solutions might miss. Windows 10 and Windows Defender Advanced Threat Protection give you the future of cybersecurity NOW.

Leave a Reply

Your email address will not be published. Required fields are marked *

*