Share on facebook
Share on twitter
Share on linkedin

Microsoft’s new Open-Source nature is a breath of fresh air

Jim Curtis, Senior Cloud Security Architect

To start off some people reading this article may still have the image and viewpoint of Microsoft as being the company that does things its own way with its own products, and doesn’t particularly listen to outside noise.

Microsoft have built their colossal success by being highly efficient at building great hardware, brilliant and attractive software and to top it off, implementing strong and secure ringfencing around it all.

But in the last five years or so, a switch has flipped.

Today’s cyber threats and exploits don’t follow a system or schema. They are heavily customised and built to be executed on any system regardless of O/S or function – and that makes them more deadlier than ever for an organisation’s digital platform.

And in the last decade Microsoft has realised this and made some monumental steps to change to address these threats and because of that, SOCs, architects and most importantly customers are all reaping the benefits.

Microsoft has made steps with greater support for Linux, purchasing the open-source code management and collaboration platform GitHub, and introducing new open-source functionality and addons into services, such as  their Azure DevOps platform, with greater support for code-security analysis tools, such as  WhiteSource Bolt.

But being open-source natured is not just about purchasing open-source software houses or collaborating with open-source security providers. It’s about embracing the fact that the community is there to help.

Community engagement – whether with Microsoft 365 or Azure Defender – is now vital to drive constant product improvement, and thankfully for the industry Microsoft has realised this and is grabbing the opportunity it offers with both hands.

It’s seismic in the cloud security space that there are now tabs in Azure Security Center and Azure Sentinel for Community which directly takes architects and engineers to the community managed GitHub Repos straight from the Azure Portal.

Microsoft actively wants you to learn and engage with the community and use what someone else has already made, and bend it to your requirement, whether a workbook, a set of Sentinel KQL queries or a brilliant logic app playbook for auto-remediation. The Microsoft of old would never have done this.

The knowledge will never stop flowing in

Because tools like Sentinel, for example, are still so new, no one knows everything and probably never will about the product, and that is exciting for someone like myself – because the knowledge will never stop flowing in.

Microsoft is now admitting that they don’t know everything, and that’s accepted because the Microsoft cloud security community is powered by really strong and collaborative developers and engineers who have the same goal of creating a more secure ecosystem for all.

I believe with this new open-source nature that they’re now building into their security products especially, that it’s not a coincidence that products like Azure Defender and Microsoft 365 Defender for Endpoint are ascending up the Gartner quadrants consistently for being innovative industry leaders in the cloud security space.

Azure and Microsoft 365 offerings

All of the great improvements that have been made to the Microsoft cloud security stack year on year have made the Azure and Microsoft 365 offerings incredibly tantalising as an opportunity for current and future customers looking to migrate their workloads from on-premise or even from AWS or GCP, because security is rightfully the highest priority on any CTO/CIO’s list.

With Microsoft, your EUC, collaboration, infrastructure, automation and security is all under one low overhead umbrella, thanks to the shared security ecosystem that Microsoft has built and instead of having various systems sprawled across different providers, which is a risk in itself when it comes to maintaining security standards in an environment.

AI powered security ecosystem built with the strength and durability of Captain America’s shield

Whether it’s a football team or a security methodology, building from the back and work your way forward is a pretty smart strategy. The  team at Microsoft has done that by empowering the community in the background, building strong integrations with their toolsets across Azure and  Microsoft 365. The result is a deep AI powered security ecosystem built with strength and durability.

I feel empowered that I and my colleagues get to work with customers on these innovative products – and it’s thanks to the breath of fresh air that is the new open-minded and welcoming Microsoft.

If you have any questions around any cyber security elements relevant to your business, please give our team a call. Our services ensure we cover all areas to identify, protect, detect, respond, and recover from cyber threats 24/7×365.

You can reach our team on 03303 110 940, via email at hello@bridewellconsulting.com or reach out for a free, no obligation quote at https://bridewellconsulting.com/free-quote

Related Posts

Construction Industry – Threat Assessment August 2021

The construction industry may not appear to be an obvious target for cybercrime. The industry has an image of being a physical world industry with no connections to the digital one. If only that was true. The construction industry is being sought out by threat actors as the next easy target. In 2020 the average cost of the data breach within the construction industry was $4.99 million US dollars.