Microsoft Support & Discussions
Free PC Help Forum microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product you can post here. If you want to discuss Microsoft and their line of products you can do that here also.
82,445 topics in this forum
-
Further enhancing security from Microsoft, not just for Microsoft
by Guest Todd VanderArk- 0 replies
- 0 views
Legacy infrastructure. Bolted-on security solutions. Application sprawl. Multi-cloud environments. Company data stored across devices and apps. IT and security resource constraints. Uncertainty of where and when the next attack or leak will come, including from the inside. These are just a few of the things that keep our customers up at night. When security is only as strong as your weakest link and your environments continue to expand, there’s little room for error. The challenge is real: in this incredibly complex world, you must prevent every attack, every time. Attackers must only land their exploit once. They have the upper hand. To get that control back, we must …
-
Microsoft announces new innovations in security, compliance, and identity at Ignite
by Guest Todd VanderArk- 0 replies
- 0 views
Today, at the Microsoft Ignite Conference, we’re announcing new innovations designed to help customers across their security, compliance, and identity needs. With so much going on at Ignite this week, I want to highlight the top 10 announcements: Azure Sentinel—We’re introducing new connectors in Azure Sentinel to help security analysts collect data from a variety of sources, including Zscaler, Barracuda, and Citrix. In addition, we’re releasing new hunting queries and machine learning-based detections to assist analysts in prioritizing the most important events. Insider Risk Management in Microsoft 365—We’re announcing a new insider risk management solution in Micro…
-
Improve security with a Zero Trust access model
by Guest Todd VanderArk- 0 replies
- 0 views
Zero Trust is a security model that I believe can begin to turn the tide in the cybersecurity battles. Traditional perimeter-based network security has proved insufficient because it assumes that if a user is inside the corporate perimeter, they can be trusted. We’ve learned that this isn’t true. Bad actors use methods like password spray and phishing to take advantage of a workforce that must remember too many usernames and passwords. Once behind the corporate firewall, a malicious user can often move freely, gaining higher privileges and access to sensitive data. We simply can’t trust users based on a network as the control plane. The good news is that there is a sol…
-
Gartner names Microsoft a Leader in the 2019 Cloud Access Security Broker (CASB) Magic Quadrant
by Guest Todd VanderArk- 0 replies
- 0 views
In Gartner’s third annual Magic Quadrant for Cloud Access Security Brokers (CASB), Microsoft was named a Leader based on its completeness of vision and ability to execute in the CASB market. Microsoft was also identified as strongest in execution. Gartner led the industry when they defined the term CASB in 2012. We believe their report points out a key fact for the market, that Microsoft currently has the largest customer base of all participating vendors. We believe that this, along with being ranked as a Leader, reflects our continued commitment to building the best possible solution for our customers and our goal to find innovative ways of helping them better protec…
-
Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise
by Guest Eric Avena- 0 replies
- 0 views
Microsoft Threat Experts is the managed threat hunting service within Microsoft Defender Advanced Threat Protection (ATP) that includes two capabilities: targeted attack notifications and experts on demand. Today, we are extremely excited to share that experts on demand is now generally available and gives customers direct access to real-life Microsoft threat analysts to help with their security investigations. With experts on demand, Microsoft Defender ATP customers can engage directly with Microsoft security analysts to get guidance and insights needed to better understand, prevent, and respond to complex threats in their environments. This capability was shaped t…
-
IoT security will set innovation free: Azure Sphere general availability scheduled for February 2020
by Guest Todd VanderArk- 0 replies
- 0 views
Today, at the IoT Solutions World Congress, we announced that Azure Sphere will be generally available in February of 2020. General availability will mark our readiness to fulfill our security promise at scale, and to put the power of Microsoft’s expertise to work for our customers every day—by delivering over a decade of ongoing security improvements and OS updates delivered directly to each device. Since we first introduced Azure Sphere in 2018, the IoT landscape has quickly expanded. Today, there are more connected things than people in the world: 14.2 billion in 2019, according to Gartner, and this number is expected to hit 20 billion by 2020. Although this number …
-
Time for day 2 of briefings at BlueHat Seattle!
by Guest MSRC Team- 0 replies
- 1 view
We hope you enjoyed the first day of our BlueHat briefings and the Bytes of BlueHat reception in our glamping tent (complete with toasted marshmallows). Yesterday, we learned a lot about how XboxOne hardware security has advanced the state of hardware security elsewhere, we heard some surprising correlations between vuln severity, age, and time to … Time for day 2 of briefings at BlueHat Seattle! Read More » The post Time for day 2 of briefings at BlueHat Seattle! appeared first on Microsoft Security Response Center. Continue reading...
-
-
- FPCH Admin
- 0 replies
- 1 view
We hope you enjoyed the first day of our BlueHat briefings and the Bytes of BlueHat reception in our glamping tent (complete with toasted marshmallows). Yesterday, we learned a lot about how XboxOne hardware security has advanced the state of hardware security elsewhere, we heard some surprising correlations between vuln severity, age, and time to fix, and we saw applications for machine learning for malware detection—as well as some of the attack surface for machine learning and how to protect it.
Last reply by Cloaked, -
-
Welcome to the second stage of BlueHat!
by Guest MSRC Team- 0 replies
- 1 view
We’ve finished two incredible days of security trainings at the Living Computer Museum in Seattle. Now it’s time for the second part of BlueHat: the briefings at ShowBox SoDo. We’ve got a big day planned, so head on down. Please join us for breakfast (we have doughnuts! and bacon! and cereal!) when the doors open … Welcome to the second stage of BlueHat! Read More » The post Welcome to the second stage of BlueHat! appeared first on Microsoft Security Response Center. Continue reading...
-
-
- FPCH Admin
- 0 replies
- 1 view
We’ve finished two incredible days of security trainings at the Living Computer Museum in Seattle. Now it’s time for the second part of BlueHat: the briefings at ShowBox SoDo. We’ve got a big day planned, so head on down. Please join us for breakfast (we have doughnuts! and bacon! and cereal!
Last reply by Cloaked, -
-
Traditional perimeter-based network defense is obsolete—transform to a Zero Trust model
by Guest Todd VanderArk- 0 replies
- 0 views
Digital transformation has made the traditional perimeter-based network defense obsolete. Your employees and partners expect to be able to collaborate and access organizational resources from anywhere, on virtually any device, without impacting their productivity. Customers expect personalized experiences that demonstrate you understand them and can adapt quickly to their evolving interests. Companies need to be able to move with agility, adapting quickly to changing market conditions and take advantage of new opportunities. Companies embracing this change are thriving, leaving those who don’t in their wake. As organizations drive their digital transformation efforts, …
-
Microsoft Identity Bounty Improvements
by Guest MSRC Team- 0 replies
- 0 views
Sharing the latest updates to the Microsoft Identity Bounty Program The post Microsoft Identity Bounty Improvements appeared first on Microsoft Security Response Center. Continue reading...
-
-
- FPCH Admin
- 0 replies
- 1 view
Microsoft is continually improving our existing bounty programs. Today we’re happy to share the latest updates to the Microsoft Identity Bounty. Originally launched in July 2018, the Microsoft Identity bounty program has helped build a partnership with the security research community to improve the security of customer and enterprise identity solutions across Azure, Windows, and OpenID standards.
Last reply by Cloaked, -
-
Microsoft and partners design new device security requirements to protect against targeted firmware attacks
by Guest Eric Avena- 0 replies
- 0 views
Recent developments in security research and real-world attacks demonstrate that as more protections are proactively built into the OS and in connected services, attackers are looking for other avenues of exploitation with firmware emerging as a top target. In the last three years alone, NIST’s National Vulnerability Database has shown nearly a five-fold increase in the number of firmware vulnerabilities discovered. To combat threats specifically targeted at the firmware and operating system levels, we’re announcing a new initiative we’ve been working on with partners to design what we call Secured-core PCs. These devices, created in partnership with our PC manufacturi…
-
Introducing the ElectionGuard Bounty program
by Guest MSRC Team- 0 replies
- 0 views
Announcing the new ElectionGuard Bounty program The post Introducing the ElectionGuard Bounty program appeared first on Microsoft Security Response Center. Continue reading...
-
Best practices for adding layered security to Azure security with Check Point’s CloudGuard IaaS
by Guest Todd VanderArk- 0 replies
- 0 views
The cloud is changing the way we build and deploy applications. Most enterprises will benefit from the cloud’s many advantages through hybrid, multi, or standalone cloud architectures. A recent report showed that 42 percent of companies have a multi-cloud deployment strategy. The advantages of the cloud include flexibility, converting large upfront infrastructure investments to smaller monthly bills (for example, the CAPEX to OPEX shift), agility, scalability, the capability to run applications and workloads at high speed, as well as high levels of reliability and availability. However, cloud security is often an afterthought in this process. Some worry that it may …
-
-
- FPCH Admin
- 0 replies
- 1 view
Today we are launching the [ElectionGuard Bounty program](«http://www.microsoft.com/msrc/bounty-electionguard> >). In May 2019, we announced the release of ElectionGuard, a free open-source SDK to make voting more secure, transparent, and accessible. ElectionGuard enables end-to-end verification of elections, open results to third-party organizations for secure validation, and allows individual voters to confirm their votes were correctly counted.
Last reply by Cloaked, -
-
Announcing the Security Researcher Quarterly Leaderboard
by Guest MSRC Team- 0 replies
- 0 views
Right before Black Hat USA 2019, we announced our new researcher recognition program, and at Black Hat we announced the top researchers from the previous twelve months. Since it’s easier to track your progress with regular updates than with just an annual report, we are excited to announce the MSRC Q3 2019 Security Researcher Leaderboard, … Announcing the Security Researcher Quarterly Leaderboard Read More » The post Announcing the Security Researcher Quarterly Leaderboard appeared first on Microsoft Security Response Center. Continue reading...
-
-
- FPCH Admin
- 0 replies
- 1 view
Right before Black Hat USA 2019, we announced our new researcher recognition program, and at Black Hat we announced the top researchers from the previous twelve months. Since it’s easier to track your progress with regular updates than with just an annual report, we are excited to
Last reply by Cloaked, -
-
All you need to know about Windows Server at Ignite 2019
by Guest Microsoft Windows Server Team- 0 replies
- 0 views
Ready, set, go! The Windows Server team is ready to make sure you are set up for success at Microsoft Ignite 2019. Our experts are busy preparing technical content for breakout sessions, theater sessions and hands-on-workshops. Youll find the schedule to plan your attendance below. We might even challenge you to a game of bowling or cornhole, if youre up for it! Thats right, youve guessed it, aside from all the great product and feature updates at the conference, were also going to have an awesome customer appreciation party on Tuesday evening, November 5, 2019. Visit the Windows Server booths to find out how to register. So, what else is going on with Windows Serve…
-
An intern’s experience with Rust
by Guest MSRC Team- 0 replies
- 0 views
Over the course of my internship at the Microsoft Security Response Center (MSRC), I worked on the safe systems programming languages (SSPL) team to promote safer languages for systems programming where runtime overhead is important, as outlined in this blog. My job was to port a security critical network processing agent into Rust to eliminate … An intern’s experience with Rust Read More » The post An intern’s experience with Rust appeared first on Microsoft Security Response Center. Continue reading...
-
Top 6 email security best practices to protect against phishing attacks and business email compromise
by Guest Eric Avena- 0 replies
- 0 views
Most cyberattacks start over email—a user is tricked into opening a malicious attachment, or into clicking a malicious link and divulging credentials, or into responding with confidential data. Attackers dupe victims by using carefully crafted emails to build a false sense of trust and/or urgency. And they use a variety of techniques to do this—spoofing trusted domains or brands, impersonating known users, using previously compromised contacts to launch campaigns and/or using compelling but malicious content in the email. In the context of an organization or business, every user is a target and, if compromised, a conduit for a potential breach that could prove very costly…
-
Guarding against supply chain attacks—Part 1: The big picture
by Guest Todd VanderArk- 0 replies
- 0 views
Every day, somewhere in the world, governments, businesses, educational organizations, and individuals are hacked. Precious data is stolen or held for ransom, and the wheels of “business-as-usual” grind to a halt. These criminal acts are expected to cost more than $2 trillion in 2019, a four-fold increase in just four years. The seeds that bloom into these business disasters are often planted in both hardware and software systems created in various steps of your supply chain, propagated by bad actors and out-of-date business practices. These compromises in the safety and integrity of your supply chain can threaten the success of your business, no matter the size of you…
-
-
- FPCH Admin
- 0 replies
- 1 view
Over the course of my internship at the Microsoft Security Response Center (MSRC), I worked on the safe systems programming languages (SSPL) team to promote safer languages for systems programming where runtime overhead is important, as outlined in this blog. My job was to port a security critical network processing agent into Rust to eliminate the memory safety bugs that had plagued it.
Last reply by Cloaked, -
-
Microsoft’s 4 principals for an effective security operations center
by Guest Todd VanderArk- 0 replies
- 0 views
The Microsoft Cyber Defense Operations Center (CDOC) fields trillions of security signals every day. How do we identify and respond to the right threats? One thing that won’t surprise you: we leverage artificial intelligence (AI), machine learning, and automation to narrow the focus. But technology is not enough. Our people, culture, and process are just as critical. You may not have trillions of signals to manage, but I bet you will still get a lot of value from a behind-the-scenes look at the CDOC. Even the small companies that I’ve worked with have improved the effectiveness of their security operations centers (SOCs) based on learnings from Microsoft. Watch the …