Microsoft

In today’s rapidly evolving digital world, security requires a global community of defenders working together as a team to build a safer world for all. That’s why we’re thrilled to recognize the extraordinary individuals and organizations who have gone above and beyond in the fight against cyberthreats with the 2025 Microsoft Security Excellence Awards.

In San Francisco, California, on Monday, April 28, 2025, we gathered our cybersecurity superheroes―Microsoft Intelligent Security Association (MISA) member finalists and winners. Together with Microsoft leadership, we celebrated the innovative defenders who are leading the charge against cybercriminals to ensure people and organizations can thrive.

“Congratulations to this year’s Microsoft Security Excellence Awards winners, and to all the incredible nominees,” said Vasu Jakkal, Corporate Vice President, Microsoft Security Business. “Our partners are the frontline defenders in an ever-changing cybersecurity landscape, working tirelessly to protect organizations and individuals from emerging cyberthreats. Their innovation and commitment are instrumental in advancing security worldwide. Together, we’re strengthening defenses and shaping the future of security.”

Discover the Microsoft Intelligent Security Association Celebrating the superheroes of cybersecurity

The past year has been a testament to the power of collaboration. From deploying AI-powered threat intelligence to fortifying Zero Trust strategies, our partners have continued to raise the bar. Together, we’re stronger, smarter, and more resilient in the face of growing cyberthreats.

The Microsoft Security Excellence Awards honor outstanding contributions across several categories. This year’s finalists and winners have demonstrated not only technical excellence but also a firm commitment to strengthening security for the organizations that rely on them. They’re the best of the best—pushing boundaries and embracing cutting-edge security technologies.

After a review of all the award nominations, our review panel created a shortlist of five nominees per category, with winners determined by votes from Microsoft and MISA members. Congratulations to you all!

Security Trailblazer

Partners that have delivered innovative solutions or services that leverage the full Microsoft range of security products and have proven to be outstanding leaders in accelerating customers’ efforts to mitigate cybersecurity threats.

• BlueVoyant—Winner
• Darktrace
• HCLTech
• Kocho
• Wortell

Data Security and Compliance Trailblazer

Partners that deliver innovative solutions or services and are distinguished leaders in developing outcomes that provide a comprehensive approach to securing customer data with the Microsoft Purview platform.

• Avanade—Winner
• eShare
• Lighthouse
• Protiviti
• Quorum Cyber

Identity Trailblazer

Partners that are leaders in the identity space and have driven identity-related initiatives and delivered innovative solutions or services with Microsoft Entra ID.

• PwC—Winner
• IDmelon
• Kloudynet
• Oxford Computer Group
• Patriot Consulting

Endpoint Management Trailblazer

Partners that have proven expertise in helping customers modernize their endpoint and device management posture while enabling organizations to reduce costs.

• Bridewell—Winner
• Cloud4C
• Devicie
• InSpark
• Shanghai Flyingnets Information Technology Co., LTD.

Security Customer Champion

Partners that go above and beyond to drive customer impact and that have a proven track record of customer obsession and success.

• EY—Winner
• 1Password
• Cyclotron
• Epiq
• Threatscape

Security Changemaker

Individuals within partner organizations who have made a remarkable security contribution to the company or the larger security community.

• Micah Heaton, Executive Director, BlueVoyant—Winner
• Federico Charosky, Chief Executive Officer, Quorum Cyber
• Femke Cornelissen, Chief Copilot, Wortell
• Harman Kaur, Vice President (VP) of Artificial Intelligence, Tanium
• Sharon Ko, VP of Product Management, Armor

Diversity in Security

Partners that have demonstrated a significant commitment to enhancing diversity, equity, and inclusion to better serve security customers and foster change in the industry.

• LTIMindtree Ltd—Winner
• BUI
• Jamf
• Orange Cyberdefense
• Silverfort

Security ISV of the Year

Independent software vendors (ISVs) that are all-around powerhouses and have innovative security solutions that integrate with a MISA-qualifying security product and demonstrate differentiated value and excellent customer experiences.

• Netskope—Winner
• ContraForce
• Delinea
• Kovrr
• Tanium

Security MSSP of the Year   

Managed security service providers (MSSPs) that are all-around powerhouses with strong integration between Microsoft products and ongoing managed security services and drive new security workloads, pipeline, usage, and consumption.       

• Quorum Cyber—Winner
• baseVISION AG
• glueckkanja AG
• Performanta
• Transparity

Meet the award presenters

This year’s awards were presented by Microsoft executives who recognize and support the critical role our partners play in cybersecurity:

Security Trailblazer: Andrew Conway, Vice President, Security Business and Marketing

Data Security and Compliance Trailblazer: Herain Oberoi, General Manager, Data Security, Governance, Compliance, Privacy Business and Marketing

Identity Trailblazer: Irina Nechaeva, General Manager, Identity and Network Access

Endpoint Management Trailblazer: Talal Alqinawi, Senior Director, Product Marketing Intune

Security Customer Champion: Nicole Ford, Vice President, Customer Security Officer

Security Changemaker: Vasu Jakkal, Corporate Vice President, Security Business

Diversity in Security: Dorothy Li, Corporate Vice President Security Copilot, Ecosystem and Marketplace

Security ISV of the Year: Steve Dispensa, Corporate Vice President Security Business Development

Security MSSP of the Year: Alym Rayani, Vice President Security GTM

Looking ahead: Stronger together

Congratulations again to this year’s winners and many thanks to all who were able to join us for a special evening celebrating our cybersecurity superheroes. Their dedication and expertise help us all move forward in our shared mission to build a safer, more secure world for everyone.

For anyone attending RSAC Conference from April 28 to May 1, 2025, be sure to stop by the Microsoft Booth 5744 North Expo where MISA members will be showcasing their solutions at our MISA demo station and the Microsoft Theater. Don’t miss these informative sessions:

• Wortell—Unified SecOps: Defending Critical Infrastructure with Microsoft Defender. Tuesday, April 29, 2025, 3:00 PM PT to 3:20 PM PT.
• Contraforce—Be Fast as Lightning: Automate Microsoft Defender XDR and Microsoft Sentinel Service Delivery. Tuesday, April 29, 2025, 3:30 PM PT to 3:50 PM PT.
• Microsoft Security—Unlocking Opportunities: A Guide to Partnering with Microsoft. Wednesday, April 30, 2025, 11:30 AM PT to 11:50 AM PT.
• EY—EY Security Copilot Powered Solutions. Wednesday, April 30, 2025, 12:00 PM PT to 12:20 PM PT.
• Netskope—Simplifying Data Security for the Modern Network with Microsoft Purview and Netskope One. Wednesday, April 30, 2025, 5:30 PM PT to 5:50 PM PT.
• Oxford Computer Group—Creating Bespoke Identity Governance Solutions with Microsoft Entra Suite. Thursday, May 1, 2025, 11:30 AM PT to 11:50 AM PT.

Learn more

Learn more about the Microsoft Intelligent Security Association.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Microsoft announces the 2025 Security Excellence Awards winners appeared first on Microsoft Security Blog.

In today’s rapidly evolving digital world, security requires a global community of defenders working together as a team to build a safer world for all. That’s why we’re thrilled to recognize the extraordinary individuals and organizations who have gone above and beyond in the fight against cyberthreats with the 2025 Microsoft Security Excellence Awards.

In San Francisco, California, on Monday, April 28, 2025, we gathered our cybersecurity superheroes―Microsoft Intelligent Security Association (MISA) member finalists and winners. Together with Microsoft leadership, we celebrated the innovative defenders who are leading the charge against cybercriminals to ensure people and organizations can thrive.

“Congratulations to this year’s Microsoft Security Excellence Awards winners, and to all the incredible nominees,” said Vasu Jakkal, Corporate Vice President, Microsoft Security Business. “Our partners are the frontline defenders in an ever-changing cybersecurity landscape, working tirelessly to protect organizations and individuals from emerging cyberthreats. Their innovation and commitment are instrumental in advancing security worldwide. Together, we’re strengthening defenses and shaping the future of security.”

Discover the Microsoft Intelligent Security Association Celebrating the superheroes of cybersecurity

The past year has been a testament to the power of collaboration. From deploying AI-powered threat intelligence to fortifying Zero Trust strategies, our partners have continued to raise the bar. Together, we’re stronger, smarter, and more resilient in the face of growing cyberthreats.

The Microsoft Security Excellence Awards honor outstanding contributions across several categories. This year’s finalists and winners have demonstrated not only technical excellence but also a firm commitment to strengthening security for the organizations that rely on them. They’re the best of the best—pushing boundaries and embracing cutting-edge security technologies.

After a review of all the award nominations, our review panel created a shortlist of five nominees per category, with winners determined by votes from Microsoft and MISA members. Congratulations to you all!

Security Trailblazer

Partners that have delivered innovative solutions or services that leverage the full Microsoft range of security products and have proven to be outstanding leaders in accelerating customers’ efforts to mitigate cybersecurity threats.

• BlueVoyant—Winner
• Darktrace
• HCLTech
• Kocho
• Wortell

Data Security and Compliance Trailblazer

Partners that deliver innovative solutions or services and are distinguished leaders in developing outcomes that provide a comprehensive approach to securing customer data with the Microsoft Purview platform.

• Avanade—Winner
• eShare
• Lighthouse
• Protiviti
• Quorum Cyber

Identity Trailblazer

Partners that are leaders in the identity space and have driven identity-related initiatives and delivered innovative solutions or services with Microsoft Entra ID.

• PwC—Winner
• IDmelon
• Kloudynet
• Oxford Computer Group
• Patriot Consulting

Endpoint Management Trailblazer

Partners that have proven expertise in helping customers modernize their endpoint and device management posture while enabling organizations to reduce costs.

• Bridewell—Winner
• Cloud4C
• Devicie
• InSpark
• Shanghai Flyingnets Information Technology Co., LTD.

Security Customer Champion

Partners that go above and beyond to drive customer impact and that have a proven track record of customer obsession and success.

• EY—Winner
• 1Password
• Cyclotron
• Epiq
• Threatscape

Security Changemaker

Individuals within partner organizations who have made a remarkable security contribution to the company or the larger security community.

• Micah Heaton, Executive Director, BlueVoyant—Winner
• Federico Charosky, Chief Executive Officer, Quorum Cyber
• Femke Cornelissen, Chief Copilot, Wortell
• Harman Kaur, Vice President (VP) of Artificial Intelligence, Tanium
• Sharon Ko, VP of Product Management, Armor

Diversity in Security

Partners that have demonstrated a significant commitment to enhancing diversity, equity, and inclusion to better serve security customers and foster change in the industry.

• LTIMindtree Ltd—Winner
• BUI
• Jamf
• Orange Cyberdefense
• Silverfort

Security ISV of the Year

Independent software vendors (ISVs) that are all-around powerhouses and have innovative security solutions that integrate with a MISA-qualifying security product and demonstrate differentiated value and excellent customer experiences.

• Netskope—Winner
• ContraForce
• Delinea
• Kovrr
• Tanium

Security MSSP of the Year   

Managed security service providers (MSSPs) that are all-around powerhouses with strong integration between Microsoft products and ongoing managed security services and drive new security workloads, pipeline, usage, and consumption.       

• Quorum Cyber—Winner
• baseVISION AG
• glueckkanja AG
• Performanta
• Transparity

Meet the award presenters

This year’s awards were presented by Microsoft executives who recognize and support the critical role our partners play in cybersecurity:

Security Trailblazer: Andrew Conway, Vice President, Security Business and Marketing

Data Security and Compliance Trailblazer: Herain Oberoi, General Manager, Data Security, Governance, Compliance, Privacy Business and Marketing

Identity Trailblazer: Irina Nechaeva, General Manager, Identity and Network Access

Endpoint Management Trailblazer: Talal Alqinawi, Senior Director, Product Marketing Intune

Security Customer Champion: Nicole Ford, Vice President, Customer Security Officer

Security Changemaker: Vasu Jakkal, Corporate Vice President, Security Business

Diversity in Security: Dorothy Li, Corporate Vice President Security Copilot, Ecosystem and Marketplace

Security ISV of the Year: Steve Dispensa, Corporate Vice President Security Business Development

Security MSSP of the Year: Alym Rayani, Vice President Security GTM

Looking ahead: Stronger together

Congratulations again to this year’s winners and many thanks to all who were able to join us for a special evening celebrating our cybersecurity superheroes. Their dedication and expertise help us all move forward in our shared mission to build a safer, more secure world for everyone.

For anyone attending RSAC Conference from April 28 to May 1, 2025, be sure to stop by the Microsoft Booth 5744 North Expo where MISA members will be showcasing their solutions at our MISA demo station and the Microsoft Theater. Don’t miss these informative sessions:

• Wortell—Unified SecOps: Defending Critical Infrastructure with Microsoft Defender. Tuesday, April 29, 2025, 3:00 PM PT to 3:20 PM PT.
• Contraforce—Be Fast as Lightning: Automate Microsoft Defender XDR and Microsoft Sentinel Service Delivery. Tuesday, April 29, 2025, 3:30 PM PT to 3:50 PM PT.
• Microsoft Security—Unlocking Opportunities: A Guide to Partnering with Microsoft. Wednesday, April 30, 2025, 11:30 AM PT to 11:50 AM PT.
• EY—EY Security Copilot Powered Solutions. Wednesday, April 30, 2025, 12:00 PM PT to 12:20 PM PT.
• Netskope—Simplifying Data Security for the Modern Network with Microsoft Purview and Netskope One. Wednesday, April 30, 2025, 5:30 PM PT to 5:50 PM PT.
• Oxford Computer Group—Creating Bespoke Identity Governance Solutions with Microsoft Entra Suite. Thursday, May 1, 2025, 11:30 AM PT to 11:50 AM PT.

Learn more

Learn more about the Microsoft Intelligent Security Association.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Microsoft announces the 2025 Security Excellence Awards winners appeared first on Microsoft Security Blog.

In healthcare, patient trust often begins at the frontline with people who deliver care, respond to questions, and manage crucial in-the-moment decisions. Increasingly, those experiences are shaped by the tools frontline workers use. When devices are secure, responsive, and tailored to clinical workflows, they enable faster, more informed, and more compassionate care.

For chief technology officers (CTOs), this raises important questions: How can frontline devices enhance productivity and responsiveness? And just as critically, how can organizations ensure those devices are secure, compliant, and ready to go at a moment’s notice?

Healthcare isn’t alone in these challenges. Industries like retail, where frontline teams also engage directly with the public in fast-paced, high-stakes environments, face similar pressures around device management, security, and scalability. This blog focuses on how modern endpoint management supports care and delivery at the frontline, with parallel insights drawn from the retail world to highlight shared strategies and solutions.

Learn how Microsoft Intune can help your organization securely manage frontline devices.

Why endpoint management matters at the frontline

Every frontline interaction is a potential brand moment that impacts trust and outcomes. A poor experience can ripple quickly, but the right tools in the hands of frontline staff can lead to faster, more personalized service. To deliver those experiences at scale, CTOs should consider three foundational principles for frontline device strategy:

1. Recognize that many devices are shared. With shift-based work, secure and seamless sign-on backed by a Zero Trust approach helps provide the right person access to the right tools, without delay.
2. Use a cloud-native approach to manage all devices. Whether company-issued or bring-your-own device (BYOD), cross-platform management keeps devices are up-to-date and ready to go, reducing setup times and support tickets.
3. Embrace innovations like Microsoft Copilot and Microsoft 365. AI-powered tools and Cloud PCs help organizations scale faster, enhance security, and give workers access to the latest experiences, without disruption.

Now let’s explore what this looks like in practice, starting with healthcare.

Healthcare in focus: Modern management for care delivery

In healthcare, frontline workers rely on shared devices that must be secure, personalized, and compliant. Microsoft Intune has helped hospitals like Milton Keynes University Hospital implement endpoint management for shared tablets used in nurse stations—tools that support real-time monitoring and communication.

Because staff rotate across shifts, easy sign-in is essential, and devices must only receive updates during defined maintenance windows. These shared tablets also require network restrictions and strict access controls to meet security standards without interrupting care.

Intune also supports iPad OS and configuration, helping frontline staff access patient information quickly and securely at the bedside, reducing friction and improving the overall care experience.

With AI-powered tools like Microsoft Copilot in Intune, healthcare IT teams can proactively identify issues, troubleshoot devices, and maintain compliance, all while reducing operational burden. As new AI agent capabilities emerge, they’ll enable even faster remediation of vulnerabilities, protecting sensitive patient data in an evolving cyberthreat landscape.

And with Windows 365 Frontline, healthcare organizations can provide scalable, secure access to virtual desktops for rotating clinical staff, delivering performance without the need to deploy and manage a physical device for every user.

Retail in focus: Elevating service and speed on the store floor

In retail environments, every frontline interaction is a brand opportunity, and device performance can make or break that moment.

At the National Retail Federation (NRF) conference in January 2025, companies like IKEA and Levi’s showcased how giving employees access to personalized devices helps them visualize products with customers and provide more tailored service.

Retail staff often rely on shared devices across shifts, so it’s critical that sign-in is fast, interfaces are familiar, and access is secure but streamlined. Temporary session PINs and pre-configured apps let employees start working, and serving customers, immediately.

At Schwarz Group (which includes 575,000 employees across 13,900 stores in 32 countries, including the Lidl and Kaufland retail brands) Intune supports staging and managing tens of thousands of employee devices. IT can remotely provision new devices with pre-defined configurations, eliminating time-consuming setups and ensuring tools are ready before the employee even logs in.

Retailers can also take advantage of Windows 365 Cloud PCs and Windows 365 Frontline to give employees secure access to key tools across locations and shifts, while simplifying management and keeping costs down.

Streamline and secure your device ecosystem with Microsoft Intune A better frontline experience leads to better outcomes

Whether it’s a customer shopping in store or a patient receiving care, the frontline experience shapes how people perceive your organization. When frontline tools are secure, responsive, and tailored to the user, staff can serve with confidence—and people feel the difference.

Now is the time to reassess your endpoint strategy. For healthcare organizations, secure, cloud-native device management can be one of the most powerful levers for improving patient outcomes and operational efficiency. And for industries with similar frontline demands, like retail, the same principles can deliver meaningful gains in speed, security, and customer satisfaction.

Explore how other leading organizations are benefiting from modern, cloud-native endpoint management. For more, check out Intune’s recent “From the frontlines” blog for retail or for healthcare, or other examples of Intune customer stories.

Learn more

Learn more about Microsoft Intune.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Faster, more personalized service begins at the frontline with Microsoft Intune appeared first on Microsoft Security Blog.

In healthcare, patient trust often begins at the frontline with people who deliver care, respond to questions, and manage crucial in-the-moment decisions. Increasingly, those experiences are shaped by the tools frontline workers use. When devices are secure, responsive, and tailored to clinical workflows, they enable faster, more informed, and more compassionate care.

For chief technology officers (CTOs), this raises important questions: How can frontline devices enhance productivity and responsiveness? And just as critically, how can organizations ensure those devices are secure, compliant, and ready to go at a moment’s notice?

Healthcare isn’t alone in these challenges. Industries like retail, where frontline teams also engage directly with the public in fast-paced, high-stakes environments, face similar pressures around device management, security, and scalability. This blog focuses on how modern endpoint management supports care and delivery at the frontline, with parallel insights drawn from the retail world to highlight shared strategies and solutions.

Learn how Microsoft Intune can help your organization securely manage frontline devices.

Microsoft Intune

Secure and manage every device from one place.

Learn more Why endpoint management matters at the frontline

Every frontline interaction is a potential brand moment that impacts trust and outcomes. A poor experience can ripple quickly, but the right tools in the hands of frontline staff can lead to faster, more personalized service. To deliver those experiences at scale, CTOs should consider three foundational principles for frontline device strategy:

1. Recognize that many devices are shared. With shift-based work, secure and seamless sign-on backed by a Zero Trust approach helps provide the right person access to the right tools, without delay.
2. Use a cloud-native approach to manage all devices. Whether company-issued or bring-your-own device (BYOD), cross-platform management keeps devices are up-to-date and ready to go, reducing setup times and support tickets.
3. Embrace innovations like Microsoft Copilot and Microsoft 365. AI-powered tools and Cloud PCs help organizations scale faster, enhance security, and give workers access to the latest experiences, without disruption.

Now let’s explore what this looks like in practice, starting with healthcare.

Healthcare in focus: Modern management for care delivery

In healthcare, frontline workers rely on shared devices that must be secure, personalized, and compliant. Microsoft Intune has helped hospitals like Milton Keynes University Hospital implement endpoint management for shared tablets used in nurse stations—tools that support real-time monitoring and communication.

Because staff rotate across shifts, easy sign-in is essential, and devices must only receive updates during defined maintenance windows. These shared tablets also require network restrictions and strict access controls to meet security standards without interrupting care.

Intune also supports iPad OS and configuration, helping frontline staff access patient information quickly and securely at the bedside, reducing friction and improving the overall care experience.

With AI-powered tools like Microsoft Copilot in Intune, healthcare IT teams can proactively identify issues, troubleshoot devices, and maintain compliance, all while reducing operational burden. As new AI agent capabilities emerge, they’ll enable even faster remediation of vulnerabilities, protecting sensitive patient data in an evolving cyberthreat landscape.

And with Windows 365 Frontline, healthcare organizations can provide scalable, secure access to virtual desktops for rotating clinical staff, delivering performance without the need to deploy and manage a physical device for every user.

Retail in focus: Elevating service and speed on the store floor

In retail environments, every frontline interaction is a brand opportunity, and device performance can make or break that moment.

At the National Retail Federation (NRF) conference in January 2025, companies like IKEA and Levi’s showcased how giving employees access to personalized devices helps them visualize products with customers and provide more tailored service.

Retail staff often rely on shared devices across shifts, so it’s critical that sign-in is fast, interfaces are familiar, and access is secure but streamlined. Temporary session PINs and pre-configured apps let employees start working, and serving customers, immediately.

At Schwarz Group (which includes 575,000 employees across 13,900 stores in 32 countries, including the Lidl and Kaufland retail brands) Intune supports staging and managing tens of thousands of employee devices. IT can remotely provision new devices with pre-defined configurations, eliminating time-consuming setups and ensuring tools are ready before the employee even logs in.

Retailers can also take advantage of Windows 365 Cloud PCs and Windows 365 Frontline to give employees secure access to key tools across locations and shifts, while simplifying management and keeping costs down.

Streamline and secure your device ecosystem with Microsoft Intune A better frontline experience leads to better outcomes

Whether it’s a customer shopping in store or a patient receiving care, the frontline experience shapes how people perceive your organization. When frontline tools are secure, responsive, and tailored to the user, staff can serve with confidence—and people feel the difference.

Now is the time to reassess your endpoint strategy. For healthcare organizations, secure, cloud-native device management can be one of the most powerful levers for improving patient outcomes and operational efficiency. And for industries with similar frontline demands, like retail, the same principles can deliver meaningful gains in speed, security, and customer satisfaction.

Explore how other leading organizations are benefiting from modern, cloud-native endpoint management. For more, check out Intune’s recent “From the frontlines” blog for retail or for healthcare, or other examples of Intune customer stories.

Learn more

Learn more about Microsoft Intune.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The post Faster, more personalized service begins at the frontline with Microsoft Intune appeared first on Microsoft Security Blog.

According to the Microsoft 2024 Data Security Index, organizations experience an average of 156 data security incidents annually, and this cyberthreat continues to be a top concern for data security decision-makers.1 A full 82% of security decision-makers believe a comprehensive, fully integrated platform is superior to managing multiple isolated tools. Yet on average, teams are juggling 12 different data security solutions, creating complexity that increases their vulnerability.1

Also, as organizations increasingly turn to generative AI tools, the risk of sensitive data exposure or unauthorized use grows. This shift makes broad visibility into data risks across the digital landscape not only important—but essential. To effectively safeguard data in today’s environment, organizations need a robust and integrated data security strategy, bringing together data and user context across cloud apps, services, devices, AI tools, and more. Achieving this requires a holistic approach—one that unifies people, processes, and technology to protect what matters most.

At Microsoft, we help empower data security leaders to keep their most valuable assets—data—safe, and now we’re publishing Securing your data with Microsoft Purview: A practical handbook. This guide is designed for data security leaders to initiate and enhance data security practices, leveraging the extensive experience of Microsoft subject matter experts (SMEs) and relevant customer insights. The guide aims to help customers efficiently and effectively implement data security with Microsoft Purview, maximizing the solution’s value by focusing on a integrated strategy.

Learn more with Securing your data with Microsoft Purview: A practical handbook Stronger data security begins with a clear plan

Data security is critically important and with the right approach, it doesn’t need to be overly complicated. As in the implementation of any technology, when securing data, proper preparation can help organizations avoid major roadblocks and realize greater efficiency and value going forward. The guide we’re sharing can help data security teams frame their goals and prioritize opportunities that are actionable, attainable, and can lead to quick wins—such as effective initial policies and greater organizational commitment to data security goals.

Every organization faces unique data security challenges and have varying levels of risk tolerance. However, a universal struggle remains: balancing employee productivity with robust data security. This guide walks leaders through several key considerations for creating data security goals that integrate business objectives and compliance needs. It also provides insights on how to collaborate across the organization to understand the full scope of data security requirements and develop a cross-functional team of stakeholders.

Lastly, preparation also includes defining what success will look like for your organization’s data security strategy. The guide helps leaders choose clear metrics for evaluating the effectiveness of their data security deployments with Microsoft Purview and includes examples of success metrics to consider. Additionally, the guide helps organizations focus on resolving their biggest data security risks first, while allowing the flexibility to modify, add, or change success metrics as challenges and maturity level change.

Read the guide: Securing your data with Microsoft Purview Leveraging Microsoft Purview to secure your organization’s data

Once organizations set goals and prioritize data security opportunities, it’s time to assess their environment and implement robust protections to secure their data.

Teams today are under constant pressure to protect sensitive data from leaks, unintentional oversharing, insider cyberthreats and more—all while enabling collaboration and innovation. Businesses need tools to understand where their data is, who’s accessing it, and how it’s being used. With advanced detection and prevention capabilities, companies can identify potential risks before they become incidents—whether it’s an employee sharing confidential information externally or sensitive data being stored in the wrong location. By automating policy enforcement and surfacing actionable insights, companies can reduce human error, strengthen their data security posture, and respond swiftly to emerging cyberthreats, without disrupting everyday workflows.

With Microsoft Purview, organizations can aim to establish a strong data security program by uncovering hidden risks to data throughout its lifecycle, safeguarding against data loss, and mitigating risks from both internal and external security incidents. To successfully leverage these capabilities, the guidance included in the asset walks us through a deeply integrated suite of products, ensuring a cohesive approach to data security.

This practical guide will enable data security teams to get up to speed with Microsoft Purview’s integrated set of solutions and establish a strong data security program from the start. From understanding your organization’s data to developing policies that align with the business and compliance needs of your organization, there are several steps to take to ensure data security programs are better set up for success. This guide is designed to empower data security teams to confidently establish the right strategy to secure their organization’s data, from policy design to implementation, troubleshooting, and continual improvement—providing a comprehensive approach for organizations to prevent data risks.

Discover more with Securing your data with Microsoft Purview: A practical handbook The next steps on your data security journey

Once your organization has deployed Microsoft Purview and navigated the initial steps, you’ll be well poised to go deeper into adjacent opportunities and scenarios to further protect your organization.

From empowering data security teams and deep-content investigation with the application of generative AI, to integrating data security into the Security Operations Center experience, continuing your data security journey with intentionality can lead to enhanced protection and operational efficiency. Looking across the other aspects of data within an organization is also crucial, as data compliance and data governance complement data security—ensuring comprehensive protection and management of data across its lifecycle, while meeting regulatory requirements and unlocking value creation from data.

Securing your organization’s data is not just about implementing the right tools, but also about fostering a culture of security awareness and collaboration. By leveraging Microsoft Purview and following the best practices outlined in this guide, you can create a robust data security strategy that protects your valuable assets and supports your business objectives. Remember, data security is a continuous journey, and with the right approach, you can navigate it successfully.

Download Securing your data with Microsoft Purview: A practical handbook and set up your organization for a successful implementation today.

To learn more about our latest data security innovations, check out the Microsoft Secure announcement blog for more news across Microsoft Purview.

Learn more with Microsoft Security

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

1Microsoft 2024 Data Security Index: The Risk of AI, Threatscape.

The post ​​Explore practical best practices to secure your data with Microsoft Purview​​ appeared first on Microsoft Security Blog.

According to the Microsoft 2024 Data Security Index, organizations experience an average of 156 data security incidents annually, and this cyberthreat continues to be a top concern for data security decision-makers.1 A full 82% of security decision-makers believe a comprehensive, fully integrated platform is superior to managing multiple isolated tools. Yet on average, teams are juggling 12 different data security solutions, creating complexity that increases their vulnerability.1

Also, as organizations increasingly turn to generative AI tools, the risk of sensitive data exposure or unauthorized use grows. This shift makes broad visibility into data risks across the digital landscape not only important—but essential. To effectively safeguard data in today’s environment, organizations need a robust and integrated data security strategy, bringing together data and user context across cloud apps, services, devices, AI tools, and more. Achieving this requires a holistic approach—one that unifies people, processes, and technology to protect what matters most.

At Microsoft, we help empower data security leaders to keep their most valuable assets—data—safe, and now we’re publishing Securing your data with Microsoft Purview: A practical handbook. This guide is designed for data security leaders to initiate and enhance data security practices, leveraging the extensive experience of Microsoft subject matter experts (SMEs) and relevant customer insights. The guide aims to help customers efficiently and effectively implement data security with Microsoft Purview, maximizing the solution’s value by focusing on a integrated strategy.

Learn more with Securing your data with Microsoft Purview: A practical handbook Stronger data security begins with a clear plan

Data security is critically important and with the right approach, it doesn’t need to be overly complicated. As in the implementation of any technology, when securing data, proper preparation can help organizations avoid major roadblocks and realize greater efficiency and value going forward. The guide we’re sharing can help data security teams frame their goals and prioritize opportunities that are actionable, attainable, and can lead to quick wins—such as effective initial policies and greater organizational commitment to data security goals.

Every organization faces unique data security challenges and have varying levels of risk tolerance. However, a universal struggle remains: balancing employee productivity with robust data security. This guide walks leaders through several key considerations for creating data security goals that integrate business objectives and compliance needs. It also provides insights on how to collaborate across the organization to understand the full scope of data security requirements and develop a cross-functional team of stakeholders.

Lastly, preparation also includes defining what success will look like for your organization’s data security strategy. The guide helps leaders choose clear metrics for evaluating the effectiveness of their data security deployments with Microsoft Purview and includes examples of success metrics to consider. Additionally, the guide helps organizations focus on resolving their biggest data security risks first, while allowing the flexibility to modify, add, or change success metrics as challenges and maturity level change.

Read the guide: Securing your data with Microsoft Purview Leveraging Microsoft Purview to secure your organization’s data

Once organizations set goals and prioritize data security opportunities, it’s time to assess their environment and implement robust protections to secure their data.

Teams today are under constant pressure to protect sensitive data from leaks, unintentional oversharing, insider cyberthreats and more—all while enabling collaboration and innovation. Businesses need tools to understand where their data is, who’s accessing it, and how it’s being used. With advanced detection and prevention capabilities, companies can identify potential risks before they become incidents—whether it’s an employee sharing confidential information externally or sensitive data being stored in the wrong location. By automating policy enforcement and surfacing actionable insights, companies can reduce human error, strengthen their data security posture, and respond swiftly to emerging cyberthreats, without disrupting everyday workflows.

With Microsoft Purview, organizations can aim to establish a strong data security program by uncovering hidden risks to data throughout its lifecycle, safeguarding against data loss, and mitigating risks from both internal and external security incidents. To successfully leverage these capabilities, the guidance included in the asset walks us through a deeply integrated suite of products, ensuring a cohesive approach to data security.

This practical guide will enable data security teams to get up to speed with Microsoft Purview’s integrated set of solutions and establish a strong data security program from the start. From understanding your organization’s data to developing policies that align with the business and compliance needs of your organization, there are several steps to take to ensure data security programs are better set up for success. This guide is designed to empower data security teams to confidently establish the right strategy to secure their organization’s data, from policy design to implementation, troubleshooting, and continual improvement—providing a comprehensive approach for organizations to prevent data risks.

Discover more with Securing your data with Microsoft Purview: A practical handbook The next steps on your data security journey

Once your organization has deployed Microsoft Purview and navigated the initial steps, you’ll be well poised to go deeper into adjacent opportunities and scenarios to further protect your organization.

From empowering data security teams and deep-content investigation with the application of generative AI, to integrating data security into the Security Operations Center experience, continuing your data security journey with intentionality can lead to enhanced protection and operational efficiency. Looking across the other aspects of data within an organization is also crucial, as data compliance and data governance complement data security—ensuring comprehensive protection and management of data across its lifecycle, while meeting regulatory requirements and unlocking value creation from data.

Securing your organization’s data is not just about implementing the right tools, but also about fostering a culture of security awareness and collaboration. By leveraging Microsoft Purview and following the best practices outlined in this guide, you can create a robust data security strategy that protects your valuable assets and supports your business objectives. Remember, data security is a continuous journey, and with the right approach, you can navigate it successfully.

Download Securing your data with Microsoft Purview: A practical handbook and set up your organization for a successful implementation today.

To learn more about our latest data security innovations, check out the Microsoft Secure announcement blog for more news across Microsoft Purview.

Learn more with Microsoft Security

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

1Microsoft 2024 Data Security Index: The Risk of AI, Threatscape.

The post ​​Explore practical best practices to secure your data with Microsoft Purview​​ appeared first on Microsoft Security Blog.

We are releasing a taxonomy of failure modes in AI agents to help security professionals and machine learning engineers think through how AI systems can fail and design them with safety and security in mind.

The taxonomy continues Microsoft AI Red Team’s work to lead the creation of systematization of failure modes in AI; in 2019, we published one of the earliest industry efforts enumerating the failure modes of traditional AI systems. In 2020, we partnered with MITRE and 11 other organizations to codify the security failures in AI systems as Adversarial ML Threat Matrix, which has now evolved into MITRE ATLAS™. This effort is another step in helping the industry think through what the safety and security failures in the fast-moving and highly impactful agentic AI space are.

To build out this taxonomy and ensure that it was grounded in concrete and realistic failures and risk, the Microsoft AI Red Team took a three-prong approach:

• We catalogued the failures in agentic systems based on Microsoft’s internal red teaming of our own agent-based AI systems.
• Next, we worked with stakeholders across the company—Microsoft Research, Microsoft AI, Azure Research, Microsoft Security Response Center, Office of Responsible AI, Office of the Chief Technology Officer, other Security Research teams, and several organizations within Microsoft that are building agents to vet and refine this taxonomy.
• To make this useful to those outside of Microsoft, we conducted systematic interviews with external practitioners working on developing agentic AI systems and frameworks to polish the taxonomy further.

To help frame this taxonomy in a real-world application for readers, we also provide a case study of the taxonomy in action. We take a common agentic AI feature of memory and we walk through how an cyberattacker could corrupt an agent’s memory and use that as a pivot point to exfiltrate data.

Figure 1. Failure modes in agentic AI systems.

Core concepts in the taxonomy

While identifying and categorizing the different failure modes, we broke them down across two pillars, safety and security.

• Security failures are those that result in core security impacts, namely a loss of confidentiality, availability, or integrity of the agentic AI system; for example, such a failure allowing a threat actor to alter the intent of the system.
• Safety failure modes are those that affect the responsible implementation of AI, often resulting in harm to the users or society at large; for example, a failure that causes the system to provide differing quality of service to different users without explicit instructions to do so.

We then mapped the failures along two axes—novel and existing.

1. Novel failure modes are unique to agentic AI and have not been observed in non-agentic generative AI systems, such as failures that occur in the communication flow between agents within a multiagent system.
2. Existing failure modes have been observed in other AI systems, such as bias or hallucinations, but gain in importance in agentic AI systems due to their impact or likelihood.

As well as identifying the failure modes, we have also identified the effects these failures could have on the systems they appear in and the users of them. Additionally we identified key practices and controls that those building agentic AI systems should consider to mitigate the risks posed by these failure modes, including architectural approaches, technical controls, and user design approaches that build upon Microsoft’s experience in securing software as well as generative AI systems.

The taxonomy provides multiple insights for engineers and security professionals. For instance, we found that memory poisoning is particularly insidious in AI agents, with the absence of robust semantic analysis and contextual validation mechanisms allows malicious instructions to be stored, recalled, and executed. The taxonomy provides multiple strategies to combat this, such as limiting the agent’s ability to autonomously store memories by requiring external authentication or validation for all memory updates, limiting which components of the system have access to the memory, and controlling the structure and format of items stored in memory.

Read the new “Taxonomy of Failure Mode in Agentic AI Systems” whitepaper How to use this taxonomy

1. For engineers building agentic systems:
   • We recommend that this taxonomy is used as part of designing the agent, augmenting the existing Security Development Lifecycle and threat modeling practice. The guide helps walk through the different harms and the potential impact.
   • For each harm category, we provide suggested mitigation strategies that are technology agnostic to kickstart the process.
2. For security and safety professionals:
   • This is a guide on how to probe AI systems for failures before the system launches. It can be used to generate concrete attack kill chains to emulate real world cyberattackers.
   • This taxonomy can also be used to help inform defensive strategies for your agentic AI systems, including providing inspiration for detection and response opportunities.
3. For enterprise governance and risk professionals, this guide can help provide an overview of not just the novel ways these systems can fail but also how these systems inherit the traditional and existing failure modes of AI systems.

Learn more

Like all taxonomies, we consider this a first iteration and hope to continually update it, as we see the agent technology and cyberthreat landscape change. If you would like to contribute, please reach out to airt-agentsafety@microsoft.com.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The taxonomy was led by Pete Bryan; the case study on poisoning memory was led by Giorgio Severi. Others that contributed to this work: Joris de Gruyter, Daniel Jones, Blake Bullwinkel, Amanda Minnich, Shiven Chawla, Gary Lopez, Martin Pouliot,  Whitney Maxwell, Katherine Pratt, Saphir Qi, Nina Chikanov, Roman Lutz, Raja Sekhar Rao Dheekonda, Bolor-Erdene Jagdagdorj, Eugenia Kim, Justin Song, Keegan Hines, Daniel Jones, Richard Lundeen, Sam Vaughan, Victoria Westerhoff, Yonatan Zunger, Chang Kawaguchi, Mark Russinovich, Ram Shankar Siva Kumar.

The post New whitepaper outlines the taxonomy of failure modes in AI agents appeared first on Microsoft Security Blog.

We are releasing a taxonomy of failure modes in AI agents to help security professionals and machine learning engineers think through how AI systems can fail and design them with safety and security in mind.

The taxonomy continues Microsoft AI Red Team’s work to lead the creation of systematization of failure modes in AI; in 2019, we published one of the earliest industry efforts enumerating the failure modes of traditional AI systems. In 2020, we partnered with MITRE and 11 other organizations to codify the security failures in AI systems as Adversarial ML Threat Matrix, which has now evolved into MITRE ATLAS™. This effort is another step in helping the industry think through what the safety and security failures in the fast-moving and highly impactful agentic AI space are.

Taxonomy of Failure Mode in Agentic AI Systems

Microsoft's new whitepaper explains the taxonomy of failure modes in AI agents, aimed at enhancing safety and security in AI systems.

Read the whitepaper

To build out this taxonomy and ensure that it was grounded in concrete and realistic failures and risk, the Microsoft AI Red Team took a three-prong approach:

• We catalogued the failures in agentic systems based on Microsoft’s internal red teaming of our own agent-based AI systems.
• Next, we worked with stakeholders across the company—Microsoft Research, Microsoft AI, Azure Research, Microsoft Security Response Center, Office of Responsible AI, Office of the Chief Technology Officer, other Security Research teams, and several organizations within Microsoft that are building agents to vet and refine this taxonomy.
• To make this useful to those outside of Microsoft, we conducted systematic interviews with external practitioners working on developing agentic AI systems and frameworks to polish the taxonomy further.

To help frame this taxonomy in a real-world application for readers, we also provide a case study of the taxonomy in action. We take a common agentic AI feature of memory and we walk through how an cyberattacker could corrupt an agent’s memory and use that as a pivot point to exfiltrate data.

Figure 1. Failure modes in agentic AI systems.

Core concepts in the taxonomy

While identifying and categorizing the different failure modes, we broke them down across two pillars, safety and security.

• Security failures are those that result in core security impacts, namely a loss of confidentiality, availability, or integrity of the agentic AI system; for example, such a failure allowing a threat actor to alter the intent of the system.
• Safety failure modes are those that affect the responsible implementation of AI, often resulting in harm to the users or society at large; for example, a failure that causes the system to provide differing quality of service to different users without explicit instructions to do so.

We then mapped the failures along two axes—novel and existing.

1. Novel failure modes are unique to agentic AI and have not been observed in non-agentic generative AI systems, such as failures that occur in the communication flow between agents within a multiagent system.
2. Existing failure modes have been observed in other AI systems, such as bias or hallucinations, but gain in importance in agentic AI systems due to their impact or likelihood.

As well as identifying the failure modes, we have also identified the effects these failures could have on the systems they appear in and the users of them. Additionally we identified key practices and controls that those building agentic AI systems should consider to mitigate the risks posed by these failure modes, including architectural approaches, technical controls, and user design approaches that build upon Microsoft’s experience in securing software as well as generative AI systems.

The taxonomy provides multiple insights for engineers and security professionals. For instance, we found that memory poisoning is particularly insidious in AI agents, with the absence of robust semantic analysis and contextual validation mechanisms allows malicious instructions to be stored, recalled, and executed. The taxonomy provides multiple strategies to combat this, such as limiting the agent’s ability to autonomously store memories by requiring external authentication or validation for all memory updates, limiting which components of the system have access to the memory, and controlling the structure and format of items stored in memory.

Read the new “Taxonomy of Failure Mode in Agentic AI Systems” whitepaper How to use this taxonomy

1. For engineers building agentic systems:
   • We recommend that this taxonomy is used as part of designing the agent, augmenting the existing Security Development Lifecycle and threat modeling practice. The guide helps walk through the different harms and the potential impact.
   • For each harm category, we provide suggested mitigation strategies that are technology agnostic to kickstart the process.
2. For security and safety professionals:
   • This is a guide on how to probe AI systems for failures before the system launches. It can be used to generate concrete attack kill chains to emulate real world cyberattackers.
   • This taxonomy can also be used to help inform defensive strategies for your agentic AI systems, including providing inspiration for detection and response opportunities.
3. For enterprise governance and risk professionals, this guide can help provide an overview of not just the novel ways these systems can fail but also how these systems inherit the traditional and existing failure modes of AI systems.

Learn more

Like all taxonomies, we consider this a first iteration and hope to continually update it, as we see the agent technology and cyberthreat landscape change. If you would like to contribute, please reach out to airt-agentsafety@microsoft.com.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

The taxonomy was led by Pete Bryan; the case study on poisoning memory was led by Giorgio Severi. Others that contributed to this work: Joris de Gruyter, Daniel Jones, Blake Bullwinkel, Amanda Minnich, Shiven Chawla, Gary Lopez, Martin Pouliot,  Whitney Maxwell, Katherine Pratt, Saphir Qi, Nina Chikanov, Roman Lutz, Raja Sekhar Rao Dheekonda, Bolor-Erdene Jagdagdorj, Eugenia Kim, Justin Song, Keegan Hines, Daniel Jones, Richard Lundeen, Sam Vaughan, Victoria Westerhoff, Yonatan Zunger, Chang Kawaguchi, Mark Russinovich, Ram Shankar Siva Kumar.

The post New whitepaper outlines the taxonomy of failure modes in AI agents appeared first on Microsoft Security Blog.

The dynamic nature of containers can make it challenging for security teams to detect runtime anomalies or pinpoint the source of a security incident, presenting an opportunity for attackers to stay undetected. Microsoft Threat Intelligence has observed threat actors taking advantage of unsecured workload identities to gain access to resources, including containerized environments. Microsoft data showed that in the past year, 51% of workload identities were completely inactive, representing a potential attack vector for threat actors.

Microsoft released and updated the threat matrix for Kubernetes, an active knowledge base for security threats that target Kubernetes clusters, to systematically map the attack surface of Kubernetes. We also worked with MITRE to develop the ATT&CK® for Containers matrix in 2021. As the adoption of containers-as-a-service among organizations rises, Microsoft Threat Intelligence continues to monitor the unique security threats that affect containerized environments.

Threats in Kubernetes environments

Containerized assets (including Kubernetes clusters, Kubernetes nodes, Kubernetes workloads, container registries, container images, and more) are at risk of several different types of attacks. To fully secure containerized workloads, organizations must secure the containers and the code running within them, software dependencies and libraries, continuous integration and continuous delivery (CI/CD) pipelines, runtime, and more.

Threats in Kubernetes environments can come from six primary areas:

• Compromised accounts: In cases where Kubernetes clusters are deployed in public clouds (such as Azure Kubernetes Service (AKS) or Google Kubernetes Engine (GKE)), compromised cloud credentials could lead to cluster takeover, as attackers who have access to account credentials can get access to the cluster’s management layer.
• Vulnerable or misconfigured images: Images that are not updated regularly might contain vulnerabilities that can be exploited in malicious attacks.
• Environment misconfigurations: An attacker with access to the Kubernetes API, either through exposed management interfaces or lack of appropriate authentication/authorization controls, could completely take down the server, deploy malicious containers, or hijack the entire cluster.
• App-level attacks: Applications could be exploited through several typical methods, such as SQL injection, cross-site scripting, and remote file inclusion.
• Node-level attacks: Attackers can gain initial access through nodes (host machines that containers run on) that run on vulnerable code or software, have open management interfaces such as SSH, or run commands from the cloud control plane. There is also the risk of pod escape, where a compromised pod can provide access to the node or to other pods in the cluster.
• Unauthorized traffic: Insecure networking between the different containers within the cluster and between the pods and outside world could be subject to malicious traffic if not secured.

Figure 1. Overview of attacks against Kubernetes environments Case study: Password spray attack leads to containers being used for cryptomining

In the past year, Microsoft Threat Intelligence has observed AzureChecker threats (tracked as Storm-1977) launching password spray attacks against cloud tenants in the education sector. The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors.

We observed that AzureChecker.exe connected to sac-auth[.]nodefunction[.]vip to download AES-encrypted data that when decrypted reveals the list of password spray targets. The tool then also accepted the file accounts.txt, which contained the username and password combinations to be used for the attack, as input. The threat actor then used the information from both files and posted the credentials to the target tenants for validation.

Microsoft Threat Intelligence was able to observe an instance of successful account compromise and found that the threat actor leveraged a guest account to create a resource group within the compromised subscription. The threat actor then created more than 200 containers within the resource group and used them for cryptomining activity.  

Securing containerized environments

The following best practices can help secure containerized assets against commonly observed threats.

Secure code prior to deployment

Ensuring that containers have secure code prior to deployment is essential to preventing issues during deployment and runtime. To facilitate this, Microsoft Defender for Cloud scans container images for vulnerabilities and misconfigurations and alerts customers of issues before a container is deployed.

Defender for Cloud DevOps also provides visibility into the security posture of the CI/CD platform. Additional best practices such as restricting access to DevOps tooling, using a secret store instead of hard-coding secrets in code or documentation, and using hardened DevOps workstations to build and deploy code can help prevent security issues before code is deployed.

Secure container deployment and runtime

Container deployment refers to the phase of the lifecycle where container images are pulled from the static container registry to be run on virtual machines hosts. During deployment, you should ensure the following best security practices:

• Ensure containers are immutable: Prevent patches from running containers whenever possible. As best practice, if you notice that a running container needs updates, you should rebuild the image and deploy the new container. Introducing new code in running containers can introduce new vulnerabilities, bypass secure development lifecycle protections, as well as pose an operational risk in case a container is restarted and run again with the original container image content without any runtime modifications.
• Leverage Admission Controllers: Configure policies to prevent containers from being deployed from untrusted registries, from running out of alignment with the minimal Pod Security Standard that fits the pod requirement (such as restricting root privileges), and from utilizing too many resources in the event of a denial-of-service attack. These can be enforced with Azure Policy Add-On for Kubernetes.
• Gate deployments of vulnerable images: Ensure that the containers being deployed are free of vulnerabilities and misconfigurations by running a vulnerability scan in the Build and Ship phases. Any image with high or critical severity vulnerabilities should be blocked from deployment.

Container runtime refers to the phase of the lifecycle where containers are running on the virtual hosts. During runtime, monitor your running containers for any new vulnerabilities that might have been introduced during runtime. In cases where a container image was not scanned in build time or in registry before being deployed to the cluster, Microsoft Defender Vulnerability Management supports Azure vulnerability assessments.

Additionally, monitor each node, pod, and container during runtime for any sort of anomalous or malicious activity that may be occurring:

• Look for malicious API calls and unusual activity using a monitoring system to identify any unusual Kubernetes API server requests for malicious activity. Defenders can query Kubernetes API calls in Defender XDR advanced hunting using the CloudAuditEvents table.
• For AKS clusters, Container Insights offers the ability to collect Syslog events from Linux nodes, to then be accessed within Azure’s built-in workbooks.

Defender for Containers’ Agentless discovery for Kubernetes provides API-based discovery of Kubernetes clusters, their configurations, and deployments. Defender for Cloud also identifies runtime threats at both the API level and the workload level. Additionally, organizations can use Microsoft Defender for Cloud to identify and remediate attack paths to address any potential attack vectors.

Secure user accounts and permissions

Attackers are increasingly using compromised identities for initial access and for establishing long-term persistence within an environment. If a compromised user has access to Kubernetes services, an attacker could use that identity to access those services using portal access or the command-line interface. In cases where Kubernetes clusters are deployed in public clouds (such as AKS in Azure or GKE in Google Cloud Platform (GCP)), compromised cloud credentials could lead to cluster takeover as attackers who have access to account credentials can get access to the cluster’s management layer.

The following recommendations, focused on requiring strong authentication to services and following the principle of least privilege, can help secure cloud credentials from compromise:

• Use strong authentication when exposing sensitive interfaces to the internet. For example, attacks were observed against exposed Kubeflow and Argo workloads that were not configured to use OpenID Connect or other authentication methods.
• Use strong authentication methods to the Kubernetes API to help prevent attackers from gaining access to the cluster even if valid credentials such as kubeconfig were achieved. For example, in AKS use Entra ID authentication instead of basic authentication. By using Entra ID authentication, a short-lived credential of the cluster is retrieved after authenticating to Entra ID.
• Avoid using the read-only endpoint of Kubelet in port 10255, which doesn’t require authentication. In newer versions of managed clusters, this port is disabled.
• Implement multifactor authentication (MFA).
• Configure the Kubernetes role-based access controls (RBAC) for each user and service accounts to have only necessary permissions. This applies also to other external authorization providers such as Azure RBAC in AKS.
• In a managed cluster, Kubernetes credentials are often retrieved or generated by the cloud provider through API call. To reduce the attack surface, grant permissions to the cloud provider API only to necessary accounts. In the case of Azure, make sure that only required identities have permissions to call: /subscriptions/resourceGroups/providers/Microsoft.ContainerService/managedClusters/listClusterUserCredential
• The kubeconfig file can contain credentials of accounts that allow interaction with a cluster. By applying the least privilege principle to all accounts, you can limit the impact of an account compromised through the kubeconfig file. To further limit misuse of the kubeconfig file, enable Microsoft Entra-based authentication to AKS and disable the local admin account, avoiding the use of the kubeconfig file altogether.

The Kubernetes project also lists the following recommendations for permissions and role assignment best practices:

• Avoid wildcard permissions, especially to all resources.
• Use RoleBinding instead of ClusterAdminBinding to give access within a namespace.
• Avoid adding users to the system:master group as it bypasses RBAC.
• Use impersonation rights for admins instead of adding to the cluster admin role. Audit and monitor when impersonation is being done.
• Avoid granting the escalate or bind permissions to roles when not needed, audit and monitor when escalation is being made.
• Avoid adding users to the system:unauthenticated group.
• Limit permissions to issue certificate signing requests (CSR) and certificates.
• Avoid granting users with create rights on service accounts/token, which could be exploited to create TokenRequests and issue tokens for existing service accounts.
• Users with control over validatingwebhookconfigurations or mutatingwebhookconfigurations can control webhooks that can read any object admitted to the cluster, and in the case of mutating webhooks, also mutate admitted objects

Secure container images

• Secure the CI/CD environment. Secure code repositories and CI/CD environment by placing gates to restrict unauthorized access and modification of content. This can include enforcing RBAC permissions to access and make changes to code, artifacts and build pipelines, ensure governed process for pull-request approval, apply branch policies and others.
• Apply image assurance policy to evaluate container images against vulnerabilities, malware, exposed secrets or other policies. By ensuring consistent and comprehensive image assurance policy across the build, ship, and run development stages. One approach of ensuring images pass assurance or compliance checks it to sign the container images, so the image signature can be checked downstream when deploying to Kubernetes clusters at runtime.
• Take and store data backups from pod-mounted volumes for critical workloads. Ensure backup and storage systems are hardened and kept separate from the Kubernetes environment to prevent compromise.

Restrict network traffic

The Kubernetes API server is the gateway to the cluster. Restricting access to the API server, as well as restricting how pods can communicate, can prevent unwanted access to the clusters management, even if an adversary gained valid credentials to the cluster. The following best practices can help harden clusters against attacks.

• Restrict access to the API server using intrusion detection signatures, network policies, and a web application firewall to block traffic at network boundaries to pods and services in a Kubernetes cluster. In managed clusters, cloud providers often support native built-in firewalls, which can restrict the IP addresses that are allowed to access the API server.
  • Implement a Next-Generation Firewall (NGFW) such as Azure Firewall, which offers a solution for AKS to monitor inbound and outbound traffic. You can integrate Azure Firewall as well as several third-party firewalls into Azure Sentinel to accumulate all logs into a centralized location. AKS also supports Retina, a cloud-agnostic platform for analysis of Kubernetes’ workload traffic.
  • Use Kubernetes network policies to control traffic and manage how pods communicate.
  • Adapt a network intrusion prevention solution to a Kubernetes environment if needed, in order to route network traffic destined to services through the security solution. In some cases, this can be done by deploying a containerized version of a network intrusion prevention solution to the Kubernetes cluster and be part of the cluster network, and in some cases, routing ingress traffic to Kubernetes services through an external appliance, requiring that all ingress traffic only come from such an appliance.
• Enable Just In Time (JIT) access to the API server through Microsoft Entra conditional access. Employing JIT elevated access to the Kubernetes API server helps reduce the attack surface by allowing access only at specific times, and through a governed escalation process. Enabling JIT access in Kubernetes is often done together with OpenID authentication, which includes processes and tools to manage JIT access. One example of such OpenID authentication is Azure Active Directory authentication to Kubernetes clusters. The JIT approval is performed in the cloud control plane level. Therefore, even if attackers have access to account credentials, their access to the cluster is limited.
• Limit access to services over network. Avoid exposing sensitive interfaces insecurely to the internet or limit access to it. Sensitive interfaces include management tools and applications that allow the creation of new containers in the cluster. Some of those services do not use authentication by default and are not intended to be exposed. Examples of services that were exploited include Weave Scope, Apache NiFi, and more.
  • If services need to be exposed to the internet and are exposed using a LoadBalancer service, use IP restriction (loadBalancerSourceRanges) when possible. This reduces the attack surface of the application and can prevent attackers from being able to reach the sensitive interfaces.

Detection details Microsoft Defender for Cloud

Microsoft Defender for Containers provides security alerts on the cluster level and on the underlying cluster nodes by monitoring both the control plane (the API server) and the containerized workload itself.

• Exposed Postgres service with trust authentication configuration in Kubernetes detected (Preview)
• Exposed Postgres service with risky configuration in Kubernetes detected (Preview)
• Attempt to create a new Linux namespace from a container detected
• A history file has been cleared
• Abnormal activity of managed identity associated with Kubernetes (Preview)
• Abnormal Kubernetes service account operation detected
• An uncommon connection attempt detected
• Attempt to stop apt-daily-upgrade.timer service detected
• Behavior similar to common Linux bots detected (Preview)
• Command within a container running with high privileges
• Container running in privileged mode
• Container with a sensitive volume mount detected
• CoreDNS modification in Kubernetes detected
• Creation of admission webhook configuration detected
• Detected file download from a known malicious source
• Detected suspicious file download
• Detected suspicious use of the nohup command
• Detected suspicious use of the useradd command
• Digital currency mining container detected
• Digital currency mining related behavior detected
• Docker build operation detected on a Kubernetes node
• Exposed Kubeflow dashboard detected
• Exposed Kubernetes dashboard detected
• Exposed Kubernetes service detected
• Exposed Redis service in AKS detected
• Indicators associated with DDOS toolkit detected
• K8S API requests from proxy IP address detected
• Kubernetes events deleted
• Kubernetes penetration testing tool detected
• New container in the kube-system namespace detected
• New high privileges role detected
• Possible attack tool detected
• Possible backdoor detected
• Possible command line exploitation attempt
• Possible credential access tool detected
• Possible Cryptocoinminer download detected
• Possible Log Tampering Activity Detected
• Possible password change using crypt-method detected
• Potential port forwarding to external IP address
• Potential reverse shell detected
• Privileged container detected
• Process associated with digital currency mining detected
• Process seen accessing the SSH authorized keys file in an unusual way
• Role binding to the cluster-admin role detected
• Security-related process termination detected
• SSH server is running inside a container
• Suspicious file timestamp modification
• Suspicious request to Kubernetes API
• Suspicious request to the Kubernetes Dashboard
• Potential crypto coin miner started
• Suspicious password access
• Possible malicious web shell detected
• Burst of multiple reconnaissance commands could indicate initial activity after compromise
• Suspicious Download Then Run Activity
• Access to kubelet kubeconfig file detected
• Access to cloud metadata service detected
• MITRE Caldera agent detected

Recent updates to Microsoft Defender for Cloud enhance its container security capabilities from development to runtime. Defender for Cloud now offers enhanced discovery, providing agentless visibility into Kubernetes environments, tracking containers, pods, and applications. The updates also strengthen security posture through continuous and granular scanning from build to runtime, helping maintain compliance and secure configurations across the SDLC.

Defender for Cloud’s native integration with Defender XDR enables threat protection with real-time monitoring, prioritizing vulnerabilities based on risk and enabling SOC analysts to detect and respond to threats faster through rich contextual insights and cloud-native response tools

Microsoft Defender for Endpoint

Microsoft Defender for Endpoint also detects threats on endpoints running container hosts, focusing on suspicious behavior commonly observed on endpoints, including stealing locally stored credentials for accessing the cloud, downloading and running malicious images, and privilege escalation from dockers to hosts.

Microsoft Defender External Attack Surface Management

Microsoft Defender External Attack Surface Management detects Docker and Kubernetes instances with known vulnerabilities or misconfigurations using the following alerts:

• ASI: Open Docker Daemon API Service
• ASI: Unauthenticated Kubelet API

Microsoft Security Copilot

Security Copilot customers can use the standalone experience to create their own prompts or run the following pre-built promptbooks to automate incident response or investigation tasks related to this threat:

• Incident investigation
• Microsoft User analysis
• Threat actor profile
• Threat Intelligence 360 report based on MDTI article
• Vulnerability impact assessment

Note that some promptbooks require access to plugins for Microsoft products such as Microsoft Defender XDR or Microsoft Sentinel.

Hunting queries

In addition to the below hunting queries, the open-source tool KubiScan, developed by CyberArk Labs, can be used to scan clusters for risky permissions and users. Results can be used to manage RBAC within the environment and eliminate unnecessary permissions; it can also be used in incident response to identify the potential exposure of compromised users.

Microsoft Defender XDR

In addition to viewing alerts and incidents within Defender XDR, you can now use Azure Resource Manager (ARM) logs as well as Kubernetes audits logs for further investigation using the advanced hunting capabilities.

If a hunting query provides a good indicator of malicious or unsanctioned activity in your environment, you can create a custom rule detection in the Defender XDR portal by going to the Advanced unting page > Manage rules > Create custom detection.

Privileged pod deployment

The following query surfaces deployment of a privileged pod:

CloudAuditEvents | where Timestamp > ago(1d) | where DataSource == "Azure Kubernetes Service" | where OperationName == "create" | where RawEventData.ObjectRef.resource == "pods" and isnull(RawEventData.ObjectRef.subresource) | where RawEventData.ResponseStatus.code startswith "20" | extend PodName = RawEventData.RequestObject.metadata.name | extend PodNamespace = RawEventData.ObjectRef.namespace | mv-expand Container = RawEventData.RequestObject.spec.containers | extend ContainerName = Container.name | where Container.securityContext.privileged == "true" | extend Username = RawEventData.User.username | project Timestamp, AzureResourceId , OperationName, IPAddress, UserAgent, PodName, PodNamespace, ContainerName, Username

Exec command

The following query identifies use of the exec command in the kube-system namespace:

CloudAuditEvents | where Timestamp > ago(1d) | where DataSource == "Azure Kubernetes Service" | where OperationName == "create" | where RawEventData.ObjectRef.resource == "pods" and RawEventData.ResponseStatus.code == 101 | where RawEventData.ObjectRef.namespace == "kube-system" | where RawEventData.ObjectRef.subresource == "exec" | where RawEventData.ResponseStatus.code == 101 | extend RequestURI = tostring(RawEventData.RequestURI) | extend PodName = tostring(RawEventData.ObjectRef.name) | extend PodNamespace = tostring(RawEventData.ObjectRef.namespace) | extend Username = tostring(RawEventData.User.username) | where PodName !startswith "tunnelfront-" and PodName !startswith "konnectivity-" and PodName !startswith "aks-link" | extend Commands = extract_all(@"command=([^\&]*)", RequestURI) | extend ParsedCommand = url_decode(strcat_array(Commands, " ")) | project Timestamp, AzureResourceId , OperationName, IPAddress, UserAgent, PodName, PodNamespace, Username, ParsedCommand

Cluster-admin role binding

The following query identifies the creation of cluster-admin role binding:

CloudAuditEvents | where Timestamp > ago(1d) | where OperationName == "create" | where RawEventData.ObjectRef.resource == "clusterrolebindings" | where RawEventData.ResponseStatus.code startswith "20" | where RawEventData.RequestObject.roleRef.name == "cluster-admin" | mv-expand Subject = RawEventData.RequestObject.subjects | extend SubjectName = tostring(Subject.name) | extend SubjectKind = tostring(Subject["kind"]) | extend BindingName = tostring(RawEventData.ObjectRef.name) | extend ActionTakenBy = tostring(RawEventData.User.username) | where ActionTakenBy != "acsService" //Remove FP | project Timestamp, AzureResourceId , OperationName, ActionTakenBy, IPAddress, UserAgent, BindingName, SubjectName, SubjectKind References

• KubiScan
• Learn Kubernetes Basics

Learn more

For the latest security research from the Microsoft Threat Intelligence community, check out the Microsoft Threat Intelligence Blog: https://aka.ms/threatintelblog.

To get notified about new publications and to join discussions on social media, follow us on LinkedIn at https://www.linkedin.com/showcase/microsoft-threat-intelligence, and on X (formerly Twitter) at https://twitter.com/MsftSecIntel.

To hear stories and insights from the Microsoft Threat Intelligence community about the ever-evolving threat landscape, listen to the Microsoft Threat Intelligence podcast: https://thecyberwire.com/podcasts/microsoft-threat-intelligence.

The post Understanding the threat landscape for Kubernetes and containerized assets appeared first on Microsoft Security Blog.