Microsoft is overhauling its software security after major Azure cloud attacks

It’s the biggest change to security efforts inside Microsoft since the company announced its Security Development Lifecycle (SDL) in 2004 after Windows XP fell victim to a huge Blaster worm attack that knocked PCs offline in 2003. That push came just two years after co-founder Bill Gates had called on a trustworthy computing initiative in an internal memo. microsoft azure security engineers are in high demand due to the increasing adoption of Microsoft Azure as a cloud computing platform. Employers require skilled professionals to ensure the secure configuration and protection of Azure resources and data, as well as to detect and respond to security incidents in Azure environments. Part of the criticism leveled at Microsoft in recent months has been focused on the amount of time it takes the company to respond to major security vulnerabilities. Cybersecurity company Tenable originally discovered an Azure flaw in March, but it says it took Microsoft “more than 90 days to implement a partial fix” that only applied to new Azure applications.

In an internal memo to Microsoft’s engineering teams today, the company’s leadership has outlined its new cybersecurity approach. It comes just months after Microsoft was accused of “blatantly negligent” cybersecurity practices related to a major breach that targeted its Azure platform. Microsoft has faced mounting criticism of its handling of a variety of cybersecurity issues in recent years.

Do I need to take the courses in a specific order?

An Azure security engineer oversees the security aspects of Azure, multi-cloud, and hybrid environments. Their job entails managing the overall security posture, proactively identifying and addressing vulnerabilities, conducting threat modeling, and implementing threat protection measures. In addition, they collaborate with architects, administrators, and developers to design and implement secure solutions that align with security and compliance standards. Azure security engineers may also play a role in incident response activities, effectively mitigating and resolving security incidents as needed. Each course has a scenario-based project, enabling you to practice skills in a realistic setting.

microsoft azure security

When you complete this professional certificate, you will have skills that enable you to confidently attempt the AZ-500 Microsoft Azure Security Technologies exam. No prior knowledge is required to enroll in this program, however, having a familiarity with Azure technologies and a solid understanding of computer networking and hybrid environments is highly recommended. Azure security engineers are responsible for implementing, managing, and overseeing security measures across Azure, multi-cloud, and hybrid environments to safeguard the entire infrastructure. In September, cybersecurity research firm Wiz disclosed that 38TB of data had accidentally been exposed by Microsoft AI researchers thanks to an Azure feature called SAS tokens. “Account SAS tokens are extremely hard to manage and revoke,” said Wiz researchers at the time.

See how employees at top companies are mastering in-demand skills

Learners who pass all 7 courses will receive a voucher for 50% off the AZ-500 certificate exam. Learners who complete this program will receive 50% off of the AZ-500 Microsoft Certification Exam. This course is completely online, so there’s no need to show up to a classroom in person.

  • In September, cybersecurity research firm Wiz disclosed that 38TB of data had accidentally been exposed by Microsoft AI researchers thanks to an Azure feature called SAS tokens.
  • Cybersecurity company Tenable originally discovered an Azure flaw in March, but it says it took Microsoft “more than 90 days to implement a partial fix” that only applied to new Azure applications.
  • It’s the biggest change to security efforts inside Microsoft since the company announced its Security Development Lifecycle (SDL) in 2004 after Windows XP fell victim to a huge Blaster worm attack that knocked PCs offline in 2003.

You can access your lectures, readings and assignments anytime and anywhere via the web or your mobile device.

Identity Protection and Governance

These projects allow you to deepen your skills in protecting identity, access, data, applications, and networks in cloud and hybrid environments. The program content aligns with the AZ-500 Microsoft Azure Security Technologies exam, validating your preparedness to implement, manage, and monitor security. Additionally, the final projects, based on real-life scenarios, demonstrate your ability to utilize tools and services to complete tasks expected by employers. “We plan to cut the time it takes to mitigate cloud vulnerabilities by 50 percent,” says Bell in his memo. Microsoft is now announcing a huge cybersecurity effort, dubbed the Secure Future Initiative (SFI). This new approach is designed to change the way Microsoft designs, builds, tests, and operates its software and services.

microsoft azure security

Leave a Comment

Your email address will not be published. Required fields are marked *