Microsoft Azure
Microsoft Azure | News, how-tos, features, reviews, and videos
Azure API Management flaws highlight server-side request forgery risks in API development
New SSRF vulnerabilities highlight the weaknesses of using blacklisting techniques as a defense mechanism.
How Microsoft’s Shared Key authorization can be abused and how to fix it
Orca Security revealed a potential point of entry for attackers through Shared Key authorization that could inadvertently become a gateway to sensitive data.
Iranian APT group launches destructive attacks in hybrid Azure AD environments
The threat group MERCURY has the ability to move from on-premises to cloud Microsoft Azure environments.
Managing security in the cloud through Microsoft Intune
Microsoft’s cloud-based endpoint management service extends Active Directory features to Microsoft Azure cloud.
Defending against attacks on Azure AD: Goodbye firewall, hello identity protection
Gone are the days when a good firewall was key to keeping attackers out of a network. Azure Active Directory users need to know the new weak spots in identity authentication and protection and how to mitigate attacks.
How Azure Active Directory opens new authentication risks
Hybrid cloud identity and access management services add complexity and opportunity for attackers to network authentication processes, as recently demonstrated for Azure AD.
AWS, Google Cloud, and Azure: How their security features compare
Each cloud platform differs in the security tools and features it offers customers to help them protect their cloud assets.
Researchers break Azure PostgreSQL database-as-a-service isolation with cross-tenant attack
Although the vulnerabilities were patched server-side, they allowed privilege escalation and authentication bypass.
Microsoft announces new security, privacy features at Ignite
Microsoft has consolidated some security tools under the Defender brand and added security and privacy features and products. Here's a look at what's new.
4 lessons from recent Microsoft Azure cloud vulnerabilities
The discovery of serious vulnerabilities in Azure's Cosmos database and Linux VM shows you can't take cloud security for granted. Here's how to reduce the risk from current and future vulnerabilities.
Cosmos DB users advised to regenerate their keys following serious vulnerability
The Azure vulnerability, which affects only those using the Jupyter Notebook feature, gives attackers access to data in databases.
The great cloud computing surge
Driven in part by the pandemic, cloud computing adoption has reached new heights. These five articles take a close look at the implications.
Tech Primer
What it takes to become an information assurance analyst
This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...
Tech Primer
Fraud prevention: Improving internal controls
Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.
Tech Primer
How to write an information security policy
Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.
Tech Primer
Red team versus blue team: How to run an effective simulation
Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.
Tech Primer
How to survive (and thrive) in the CISO hot seat
The CISO role is more varied and more pressure-filled than ever. CSO Online looks at how you can be successful in a post where security incidents and management feuds can cost you your job.
eBook
Special report: platforms play big in the cloud
This latest report in our C-Suite 360 series takes a full-spectrum look at the opportunities and risks in cloud computing, offering up the expert information your organization needs to set its cloud strategy.