< ciso
brief />
Tag Banner

All news with #azure tag

71 articles

Microsoft details SFI AI system to harden cloud

🚀 Microsoft describes a multi-agent AI system within the Secure Future Initiative (SFI) that continuously evaluates and hardens its cloud services. The system combines code, configuration, identity, network, and runtime evidence to find composite vulnerabilities and assess layered defenses. It generates assurance trees tailored to each service and produces high-quality, actionable findings that speed remediation. Microsoft reports the system compresses deep security reviews from weeks to hours and that over 90% of findings were validated by engineers.
read more →

Azure’s Unified Approach to Cloud Resiliency

🔧 Azure reframes resiliency beyond simple availability metrics to emphasize sustained operation, recoverability, and trust under real-world constraints. The platform combines zone-first design, data protection, and cyber recovery with observability and automation to help customers meet sovereignty and regulatory needs. New tooling like Azure Infrastructure Resiliency Manager and the Resiliency Agent shift guidance to executable, IaC-driven remediation.
read more →

Azure Managed HSM external key management preview

🔐 Azure announces public preview of external key management for Managed HSM, enabling customers to keep key material on HSMs they own and operate outside Microsoft infrastructure. The feature connects Azure cryptographic operations to external HSMs via a dedicated API endpoint while keeping keys from ever residing in Azure. It targets scenarios with strict regulatory or contractual data-sovereignty requirements and shifts more operational responsibility to customers.
read more →

Azure Chaos Studio Workspaces public preview

🧪 Azure Chaos Studio Workspaces is now in public preview, offering scenario-focused chaos engineering to validate application resilience. It provides curated outage scenarios (Zone Down, DNS Outage, SQL failover, etc.), a drag-and-drop Scenario Designer, and a managed Workspace that discovers resources and recommends applicable tests. Runs produce structured drill reports and integrations with GitHub Copilot and Model Context Protocol for automated workflows.
read more →

Azure Files boosts Linux workloads with NFS enhancements

📣 Azure Files provides fully managed file storage tailored for modern Linux workloads, combining familiar file access with built-in performance, resilience, and security. The service supports AI inferencing, cloud-native Kubernetes deployments, and enterprise migrations by exposing standard NFS and SMB endpoints and integrating with Azure services. New features like zonal placement, provisioned v2, and faster provisioning improve scale, latency, and cost management for shared file scenarios.
read more →

Optimizing PostgreSQL on Azure within VS Code

🔍 Microsoft highlights tighter integration for PostgreSQL on Azure by embedding performance tools directly into Visual Studio Code. The PostgreSQL extension centralizes query authoring, server metrics, Azure‑specific telemetry, and Azure Advisor recommendations to shorten detection-to-resolution time. Enhanced query plan visualization and AI‑assisted analysis help teams troubleshoot and tune queries faster, while schema‑aware authoring and Entra ID integration support secure, consistent workflows at enterprise scale.
read more →

Agentic cloud operations: insight to governed action

🧭 Agentic cloud operations use AI-powered agents to turn continuous observability into governed, auditable actions across the cloud lifecycle. Microsoft describes how Azure Copilot’s observability agent—now generally available—analyzes telemetry, traces dependencies, and surfaces grouped signals and contextual recommendations to speed incident resolution and reduce noise. Built-in governance and policy guardrails ensure actions respect controls and remain human-reviewed, while cost and usage intelligence integrate into developer tools to enable continuous optimization.
read more →

Three strategic takeaways from Microsoft Build 2026

🔍 This post summarizes three business-focused takeaways from Microsoft Build 2026 for leaders evaluating AI adoption. It explains how Microsoft is shifting from standalone models to a shared enterprise intelligence layer—Microsoft IQ—that connects business data and processes across systems. The article highlights Azure’s agent platform and Foundry updates for production-grade deployment, governance, and performance, emphasizing that AI is expected to deliver measurable outcomes now.
read more →

Experts warn MFA alone won’t stop token phishing

🔐 Security researchers and agencies are warning that phishing campaigns are increasingly targeting Microsoft 365 OAuth device codes and access tokens to bypass multifactor authentication. New commercial services like Kali365 and older kits such as EvilTokens automate token capture, AI‑generated lures, and large-scale campaign management. The FBI and vendors urge admins to restrict device code flows, apply conditional access, monitor token misuse, and adopt identity‑centric controls beyond MFA.
read more →

Azure IaaS: System-Level Approach for High Performance

🔧 This third post in the Azure IaaS series argues that cloud performance must be managed as a coordinated system across compute, storage, and networking rather than as isolated resource choices. It highlights platform features like Azure Boost, Ultra Disk, and Premium SSD v2 that offload processing, tune I/O, and decouple capacity from throughput. The article examines requirements for AI, cloud-native, and business-critical workloads and explains how Azure services such as AKS, Azure Container Storage, ExpressRoute, and advanced networking (eBPF/Cilium, Accelerated Networking) combine to deliver consistent, scalable, and recoverable performance.
read more →

Microsoft Disrupts Malware-Signing Service Abusing Artifact

🔒 Microsoft says it disrupted a malware-signing-as-a-service operation that abused its Azure Artifact Signing platform to generate fraudulent short-lived code-signing certificates used by ransomware gangs and other cybercriminals. The actor, tracked as Fox Tempest, created over 1,000 certificates and hundreds of Azure tenants and subscriptions. Microsoft seized the signspace[.]cloud domain, took virtual machines offline, revoked certificates, and filed a lawsuit in the Southern District of New York.
read more →

Storm-2949 Abuses SSPR and MFA to Exfiltrate Azure Data

🔐 Microsoft reports that a threat actor tracked as Storm-2949 is abusing Self-Service Password Reset (SSPR) and social engineering to steal Microsoft Entra ID credentials and bypass MFA for privileged users. The attackers trick targets into approving authentication prompts, reset passwords, remove MFA, and enroll Microsoft Authenticator on attacker devices. Using Microsoft Graph and custom scripts they enumerate tenants, exfiltrate files from OneDrive and SharePoint, and pivot into Azure to harvest secrets from Key Vaults, storage accounts, and SQL databases. Microsoft recommends least privilege, conditional access, phishing-resistant MFA for admins, limiting RBAC, and extended Key Vault logging to mitigate these attacks.
read more →

Storm-2949: Identity Compromise Leads to Cloud Breach

🔐 Microsoft Threat Intelligence details how Storm-2949 converted targeted identity compromise into a broad cloud breach, exfiltrating data from Microsoft 365 and production workloads in Azure. The actor abused SSPR-based social engineering to bypass MFA, performed directory discovery via Graph API, and leveraged management-plane operations to retrieve Key Vault secrets and download large volumes of data. Organizations should adopt behavior-based detections such as Microsoft Defender and tighten RBAC and administrative controls to detect and mitigate similar identity-driven cloud attacks.
read more →

Microsoft Rejects Azure Backup AKS Vulnerability Report

🔒 A security researcher alleges Microsoft quietly changed Azure Backup for AKS behavior after rejecting his March disclosure and blocking a CVE, arguing the issue required pre-existing administrative access. The reported flaw purportedly allowed a user with only the Backup Contributor role to gain cluster-admin privileges via Trusted Access. Microsoft maintains the behavior was expected and that no product changes were made, yet the researcher observed new permission checks and a shift to manual Trusted Access configuration after disclosure. CERT/CC validated the bug but the CVE process stalled, leaving defenders with limited visibility.
read more →

Azure IaaS: Defense in Depth and Secure-by-Design Principles

🔒 Azure IaaS combines a layered defense-in-depth architecture with Microsoft’s Secure Future Initiative—secure by design, secure by default, and secure in operation—to protect compute, networking, storage, and operations. Hardware roots of trust, measured boot, and host isolation reduce platform exposure while VM protections such as Trusted Launch and confidential computing guard workloads at runtime. Network defaults enforce least privilege and private connectivity, and centralized telemetry in Azure Monitor and Defender for Cloud enables continuous detection and response.
read more →

Azure Integrated HSM Open-sourced to Increase Trust

🔐 Microsoft is open-sourcing the firmware, drivers, and software stack for the Azure Integrated HSM, a tamper-resistant hardware security module built into new Azure servers and engineered to meet FIPS 140-3 Level 3. The move, announced at the OCP EMEA Summit, includes publishing validation artifacts and launching an OCP workgroup to guide ongoing development. Azure says the HSM protects keys in hardware so they never appear in host or guest memory, reducing classes of exfiltration attacks, and will be available in Azure V7 VMs globally in the coming weeks.
read more →

Microsoft Discovery: Agentic R&D at Enterprise Scale

🔬 Microsoft Discovery is an extensible platform that brings agentic orchestration, advanced reasoning, a graph-based knowledge foundation, and high-performance computing to enterprise R&D. It equips specialized agents to reason across proprietary data and external literature, generate hypotheses, and validate them through simulation and lab integrations under centralized governance. Built on Azure, the platform emphasizes security, compliance, partner interoperability, and enterprise-grade controls while remaining in preview.
read more →

Azure Accelerate for Databases: Modernize Data for AI

🚀 Azure Accelerate for Databases is a Microsoft program that helps organizations modernize database estates to become AI-ready. It bundles a Savings Plan (up to 35% vs. pay-as-you-go), delivery funding, Azure credits, zero-cost Cloud Accelerate Factory support, partner services, AI-enhanced assessments, and role-based skilling. The offering aims to reduce friction and speed migrations at scale. Microsoft highlights Thomson Reuters’ migration of over 18,000 databases as a customer example.
read more →

Microsoft Pays $2.3M for Cloud and AI Flaws at Zero Day Quest

🛡️ Microsoft awarded $2.3 million to security researchers after receiving nearly 700 submissions during this year’s Zero Day Quest hacking contest, compensating teams for high‑impact cloud and AI vulnerabilities uncovered at the live event. Participants from more than 20 countries tested within authorized environments under Microsoft’s Rules of Engagement and demonstrated issues such as credential exposure, SSRF chains, and cross‑tenant access without accessing customer data. The contest is part of the Secure Future Initiative, and Microsoft said findings will be shared through the CVE program to strengthen cloud and AI security.
read more →

Cloud Cost Optimization Principles That Still Matter

🔍 This article outlines durable principles for cloud cost optimization and explains why ongoing cost management remains essential as workloads scale. It highlights how AI workloads add unpredictability, iteration-driven spikes, and specialized infrastructure needs that amplify cost risk. The post recommends core practices—visibility, governance guardrails, rightsizing, and continuous review—while distinguishing cost management from action-oriented cost optimization. It concludes by urging measurement of value alongside cost and pointing to Azure guidance such as FinOps and AI ROI resources.
read more →