Categories
Education

Microsoft is overhauling its software security after major Azure cloud attacks

An Azure security engineer oversees the security aspects of Azure, multi-cloud, and hybrid environments. Their job entails managing the overall security posture, proactively identifying and addressing vulnerabilities, conducting threat modeling, and implementing threat protection measures. In addition, they collaborate with architects, administrators, microsoft azure security and developers to design and implement secure solutions that align with security and compliance standards. Azure security engineers may also play a role in incident response activities, effectively mitigating and resolving security incidents as needed. Each course has a scenario-based project, enabling you to practice skills in a realistic setting.

  • Microsoft Azure security engineers are in high demand due to the increasing adoption of Microsoft Azure as a cloud computing platform.
  • This new approach is designed to change the way Microsoft designs, builds, tests, and operates its software and services.
  • Their job entails managing the overall security posture, proactively identifying and addressing vulnerabilities, conducting threat modeling, and implementing threat protection measures.

It’s the biggest change to security efforts inside Microsoft since the company announced its Security Development Lifecycle (SDL) in 2004 after Windows XP fell victim to a huge Blaster worm attack that knocked PCs offline in 2003. That push came just two years after co-founder Bill Gates had called on a trustworthy computing initiative in an internal memo. Microsoft Azure security engineers are in high demand due to the increasing adoption of Microsoft Azure as a cloud computing platform. Employers require skilled professionals to ensure the secure configuration and protection of Azure resources and data, as well as to detect and respond to security incidents in Azure environments. Part of the criticism leveled at Microsoft in recent months has been focused on the amount of time it takes the company to respond to major security vulnerabilities. Cybersecurity company Tenable originally discovered an Azure flaw in March, but it says it took Microsoft “more than 90 days to implement a partial fix” that only applied to new Azure applications.

The future of Xbox: all the news on Microsoft’s strategy shift

When you complete this professional certificate, you will have skills that enable you to confidently attempt the AZ-500 Microsoft Azure Security Technologies exam. No prior knowledge is required to enroll in this program, however, having a familiarity with Azure technologies and a solid understanding of computer networking and hybrid environments is highly recommended. Azure security engineers are responsible for implementing, managing, and overseeing security measures across Azure, multi-cloud, and hybrid environments to safeguard the entire infrastructure. In September, cybersecurity research firm Wiz disclosed that 38TB of data had accidentally been exposed by Microsoft AI researchers thanks to an Azure feature called SAS tokens. “Account SAS tokens are extremely hard to manage and revoke,” said Wiz researchers at the time.

  • These projects allow you to deepen your skills in protecting identity, access, data, applications, and networks in cloud and hybrid environments.
  • You would have gained the skills to monitor security events, investigate incidents, and respond promptly to mitigate potential risks or breaches.
  • Microsoft doesn’t specifically mention SAS tokens in its new security initiative, but hopefully it’s something the company is looking at, too.
  • Microsoft is now announcing a huge cybersecurity effort, dubbed the Secure Future Initiative (SFI).
  • Microsoft has faced mounting criticism of its handling of a variety of cybersecurity issues in recent years.

In terms of job responsibilities, you will be able to implement and manage security controls ensuring proper access management, network security, and data protection. You would have gained the skills to monitor security events, investigate incidents, and respond promptly to mitigate potential risks or breaches. In addition, the skills gained will help you identify vulnerabilities and gaps in an organization’s Azure infrastructure and provide recommendations to enhance the security posture. You will be able to conduct risk assessments and ensure compliance within Azure environments.

See how employees at top companies are mastering in-demand skills

Microsoft doesn’t specifically mention SAS tokens in its new security initiative, but hopefully it’s something the company is looking at, too. Through this program, you will gain skills that top-tier companies actively seek, showcasing your job-readiness for a career in security technologies. If you are an Azure administrator, this is the right course to steer your career toward IT security.

microsoft azure security

In an internal memo to Microsoft’s engineering teams today, the company’s leadership has outlined its new cybersecurity approach. It comes just months after Microsoft was accused of “blatantly negligent” cybersecurity practices related to a major breach that targeted its Azure platform. Microsoft has faced mounting criticism of its handling of a variety of cybersecurity issues in recent years.