004 - Is Microsoft Taking Security Seriously? - An SFI Update
カートのアイテムが多すぎます
カートに追加できませんでした。
ウィッシュリストに追加できませんでした。
ほしい物リストの削除に失敗しました。
ポッドキャストのフォローに失敗しました
ポッドキャストのフォロー解除に失敗しました
004 - Is Microsoft Taking Security Seriously? - An SFI Update
-
ナレーター:
-
著者:
このコンテンツについて
In this episode of SysAdmin Weekly, host Andy Syrewicze and guest Paul Schnackenburg discuss Microsoft's Secure Future Initiative (SFI) - a new initiative created a year or two back in response to multiple security incidents at Microsoft. In this conversation, Andy and Paul expand on various aspects of Microsoft's progress on the plans outlined in the Secure Future Initiative, focusing on the integration of security best practices in development, the implementation of hardware security modules, and the enhancement of Red Team capabilities.
Other key points of the SFI discussed include the role of AI in Microsoft's internal security operations, cultural shifts towards security awareness among Microsoft employees, and Microsoft's plans for management of identities and access control. Finally the guys wrap up with why all this is important for SysAdmins!
Key Points:
- Microsoft's Secure Future Initiative aims to improve security practices.
- The CSRB report highlighted significant security failings at Microsoft.
- Microsoft is focusing on integrating security best practices into development.
- The introduction of hardware security modules is a significant step for Microsoft.
- Red Team capabilities are being enhanced to identify vulnerabilities more effectively internally at Microsoft.
- AI is being integrated into security operations to improve efficiency of MS internal security.
- Cultural shifts are occurring at Microsoft to prioritize security across all employees.
Episode Resources:
Microsoft April 2025 SFI Progress Report - https://www.microsoft.com/en-us/security/blog/2025/04/21/securing-our-future-april-2025-progress-report-on-microsofts-secure-future-initiative/
CSRB Report - https://www.cisa.gov/resources-tools/resources/CSRB-Review-Summer-2023-MEO-Intrusion
Google on 97 Zero-Days in 2024 - https://www.bleepingcomputer.com/news/security/google-97-zero-days-exploited-in-2024-over-50-percent-in-spyware-attacks/
Paul Schnackenburg - https://www.expertitsolutions.com.au/aboutus.html
Paul's Blog - https://tellitasitis.com.au/
Project Runspace - https://www.projectrunspace.org
Andy on Tech - https://www.andyontech.com
#sysadmin #securefuture #cybersecurity #microsoft