Jim Curtis, Senior Cloud Security Architect
To start off some people reading this article may still have the image and viewpoint of Microsoft as being the company that does things its own way with its own products, and doesn’t particularly listen to outside noise.
Microsoft have built their colossal success by being highly efficient at building great hardware, brilliant and attractive software and to top it off, implementing strong and secure ringfencing around it all.
But in the last five years or so, a switch has flipped.
Today’s cyber threats and exploits don’t follow a system or schema. They are heavily customised and built to be executed on any system regardless of O/S or function – and that makes them more deadlier than ever for an organisation’s digital platform.
And in the last decade Microsoft has realised this and made some monumental steps to change to address these threats and because of that, SOCs, architects and most importantly customers are all reaping the benefits.
Microsoft has made steps with greater support for Linux, purchasing the open-source code management and collaboration platform GitHub, and introducing new open-source functionality and addons into services, such as their Azure DevOps platform, with greater support for code-security analysis tools, such as WhiteSource Bolt.
But being open-source natured is not just about purchasing open-source software houses or collaborating with open-source security providers. It’s about embracing the fact that the community is there to help.
Community engagement – whether with Microsoft 365 or Azure Defender – is now vital to drive constant product improvement, and thankfully for the industry Microsoft has realised this and is grabbing the opportunity it offers with both hands.
It’s seismic in the cloud security space that there are now tabs in Azure Security Center and Azure Sentinel for Community which directly takes architects and engineers to the community managed GitHub Repos straight from the Azure Portal.
Microsoft actively wants you to learn and engage with the community and use what someone else has already made, and bend it to your requirement, whether a workbook, a set of Sentinel KQL queries or a brilliant logic app playbook for auto-remediation. The Microsoft of old would never have done this.
The knowledge will never stop flowing in
Because tools like Sentinel, for example, are still so new, no one knows everything and probably never will about the product, and that is exciting for someone like myself – because the knowledge will never stop flowing in.
Microsoft is now admitting that they don’t know everything, and that’s accepted because the Microsoft cloud security community is powered by really strong and collaborative developers and engineers who have the same goal of creating a more secure ecosystem for all.
I believe with this new open-source nature that they’re now building into their security products especially, that it’s not a coincidence that products like Azure Defender and Microsoft 365 Defender for Endpoint are ascending up the Gartner quadrants consistently for being innovative industry leaders in the cloud security space.
Azure and Microsoft 365 offerings
All of the great improvements that have been made to the Microsoft cloud security stack year on year have made the Azure and Microsoft 365 offerings incredibly tantalising as an opportunity for current and future customers looking to migrate their workloads from on-premise or even from AWS or GCP, because security is rightfully the highest priority on any CTO/CIO’s list.
With Microsoft, your EUC, collaboration, infrastructure, automation and security is all under one low overhead umbrella, thanks to the shared security ecosystem that Microsoft has built and instead of having various systems sprawled across different providers, which is a risk in itself when it comes to maintaining security standards in an environment.
AI powered security ecosystem built with the strength and durability of Captain America’s shield
Whether it’s a football team or a security methodology, building from the back and work your way forward is a pretty smart strategy. The team at Microsoft has done that by empowering the community in the background, building strong integrations with their toolsets across Azure and Microsoft 365. The result is a deep AI powered security ecosystem built with strength and durability.
I feel empowered that I and my colleagues get to work with customers on these innovative products – and it’s thanks to the breath of fresh air that is the new open-minded and welcoming Microsoft.
If you have any questions around any cyber security elements relevant to your business, please give our team a call. Our services ensure we cover all areas to identify, protect, detect, respond, and recover from cyber threats 24/7×365.