SC-100 Microsoft Cybersecurity Architect syllabus | http://babelouedstory.com/

SC-100 syllabus - Microsoft Cybersecurity Architect Updated: 2023

Pass4sure SC-100 dumps practice questions with Real Questions
Exam Code: SC-100 Microsoft Cybersecurity Architect syllabus June 2023 by Killexams.com team
Microsoft Cybersecurity Architect
Microsoft Cybersecurity syllabus

Other Microsoft exams

MOFF-EN Microsoft Operations Framework Foundation
62-193 Technology Literacy for Educators
AZ-400 Microsoft Azure DevOps Solutions
DP-100 Designing and Implementing a Data Science Solution on Azure
MD-100 Windows 10
MD-101 Managing Modern Desktops
MS-100 Microsoft 365 Identity and Services
MS-101 Microsoft 365 Mobility and Security
MB-210 Microsoft Dynamics 365 for Sales
MB-230 Microsoft Dynamics 365 for Customer Service
MB-240 Microsoft Dynamics 365 for Field Service
MB-310 Microsoft Dynamics 365 for Finance and Operations, Financials (2023)
MB-320 Microsoft Dynamics 365 for Finance and Operations, Manufacturing
MS-900 Microsoft Dynamics 365 Fundamentals
MB-220 Microsoft Dynamics 365 for Marketing
MB-300 Microsoft Dynamics 365 - Core Finance and Operations
MB-330 Microsoft Dynamics 365 for Finance and Operations, Supply Chain Management
AZ-500 Microsoft Azure Security Technologies 2023
MS-500 Microsoft 365 Security Administration
AZ-204 Developing Solutions for Microsoft Azure
MS-700 Managing Microsoft Teams
AZ-120 Planning and Administering Microsoft Azure for SAP Workloads
AZ-220 Microsoft Azure IoT Developer
MB-700 Microsoft Dynamics 365: Finance and Operations Apps Solution Architect
AZ-104 Microsoft Azure Administrator 2023
AZ-303 Microsoft Azure Architect Technologies
AZ-304 Microsoft Azure Architect Design
DA-100 Analyzing Data with Microsoft Power BI
DP-300 Administering Relational Databases on Microsoft Azure
DP-900 Microsoft Azure Data Fundamentals
MS-203 Microsoft 365 Messaging
MS-600 Building Applications and Solutions with Microsoft 365 Core Services
PL-100 Microsoft Power Platform App Maker
PL-200 Microsoft Power Platform Functional Consultant
PL-400 Microsoft Power Platform Developer
AI-900 Microsoft Azure AI Fundamentals
MB-500 Microsoft Dynamics 365: Finance and Operations Apps Developer
SC-400 Microsoft Information Protection Administrator
MB-920 Microsoft Dynamics 365 Fundamentals Finance and Operations Apps (ERP)
MB-800 Microsoft Dynamics 365 Business Central Functional Consultant
PL-600 Microsoft Power Platform Solution Architect
AZ-600 Configuring and Operating a Hybrid Cloud with Microsoft Azure Stack Hub
SC-300 Microsoft Identity and Access Administrator
SC-200 Microsoft Security Operations Analyst
DP-203 Data Engineering on Microsoft Azure
MB-910 Microsoft Dynamics 365 Fundamentals (CRM)
AI-102 Designing and Implementing a Microsoft Azure AI Solution
AZ-140 Configuring and Operating Windows Virtual Desktop on Microsoft Azure
MB-340 Microsoft Dynamics 365 Commerce Functional Consultant
MS-740 Troubleshooting Microsoft Teams
SC-900 Microsoft Security, Compliance, and Identity Fundamentals
AZ-800 Administering Windows Server Hybrid Core Infrastructure
AZ-801 Configuring Windows Server Hybrid Advanced Services
AZ-700 Designing and Implementing Microsoft Azure Networking Solutions
AZ-305 Designing Microsoft Azure Infrastructure Solutions
AZ-900 Microsoft Azure Fundamentals
PL-300 Microsoft Power BI Data Analyst
PL-900 Microsoft Power Platform Fundamentals
MS-720 Microsoft Teams Voice Engineer
DP-500 Designing and Implementing Enterprise-Scale Analytics Solutions Using Microsoft Azure and Microsoft Power BI
PL-500 Microsoft Power Automate RPA Developer
SC-100 Microsoft Cybersecurity Architect
MO-201 Microsoft Excel Expert (Excel and Excel 2019)
MO-100 Microsoft Word (Word and Word 2019)
MS-220 Troubleshooting Microsoft Exchange Online

We are doing struggle on providing valid and updated SC-100 dumps real questions and answers, along with vce exam simulator for SC-100 braindumps practice. Our experts keep it updated and keep connected to people taking the SC-100 test. They update SC-100 dumps as necessary and maintain high quality of material so that test takers really benefit from it.
SC-100 Dumps
SC-100 Braindumps
SC-100 Real Questions
SC-100 Practice Test
SC-100 dumps free
Microsoft
SC-100
Microsoft Cybersecurity Architect
http://killexams.com/pass4sure/exam-detail/SC-100
Question: 33
You are creating an application lifecycle management process based on the Microsoft Security Development Lifecycle
(SDL).
You need to recommend a security standard for onboarding applications to Azure. The standard will include
recommendations for application design, development, and deployment
What should you include during the application design phase?
A. static application security testing (SAST) by using SonarQube
B. dynamic application security testing (DAST) by using Veracode
C. threat modeling by using the Microsoft Threat Modeling Tool
D. software decomposition by using Microsoft Visual Studio Enterprise
Answer: C
Explanation:
https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling
Question: 34
HOTSPOT
You need to recommend a strategy for App Service web app connectivity. The solution must meet the landing zone
requirements.
What should you recommend? To answer, select the appropriate options in the answer area. NOTE Each correct
selection is worth one point.
Answer:
Explanation:
Box 1: Virtual Network Integration – correct
Virtual network integration gives your app access to resources in your virtual network, but it doesn’t grant inbound
private access to your app from the virtual network.
Box 2: Private Endpoints. – correct
You can use Private Endpoint for your Azure Web App to allow clients located in your private network to securely
access the app over Private Link.
Question: 35
Your company is developing a serverless application in Azure that will have the architecture shown in the following
exhibit.
You need to recommend a solution to isolate the compute components on an Azure virtual network.
What should you include in the recommendation?
A. Azure Active Directory (Azure AD) enterprise applications
B. an Azure App Service Environment (ASE)
C. Azure service endpoints
D. an Azure Active Directory (Azure AD) application proxy
Answer: B
Explanation:
App Service environments (ASEs) are appropriate for application workloads that require:
Very high scale,Isolation and secure network access,High memory utilization.
This capability can host your:
Windows web apps,Linux web apps
Docker containers,Mobile apps
Functions
https://docs.microsoft.com/en-us/azure/app-service/environment/overview
Question: 36
You need to recommend a solution to scan the application code. The solution must meet the application development
requirements.
What should you include in the recommendation?
A. Azure Key Vault
B. GitHub Advanced Security
C. Application Insights in Azure Monitor
D. Azure DevTest Labs
Answer: B
Explanation:
https://docs.microsoft.com/en-us/learn/modules/introduction-github-advanced-security/2-what-is-github-advanced-
security
Question: 37
HOTSPOT
You need to recommend a strategy for securing the litware.com forest. The solution must meet the identity
requirements.
What should you include in the recommendation? To answer, select the appropriate options in the answer area. NOTE;
Each correct selection is worth one point.
Answer:
Explanation:
Question: 38
You are designing a ransomware response plan that follows Microsoft Security Best Practices.
You need to recommend a solution to limit the scope of damage of ransomware attacks without being locked out.
What should you include in the recommendations?
A. Privileged Access Workstations (PAWs)
B. emergency access accounts
C. device compliance policies
D. Customer Lockbox for Microsoft Azure
Answer: B
Question: 39
HOTSPOT
You need to recommend a multi-tenant and hybrid security solution that meets to the business requirements and the
hybrid requirements.
What should you recommend? To answer, select the appropriate options in the answer area. NOTE: Each correct
selection is worth one point.
Answer:
Question: 40
HOTSPOT
You use Azure Pipelines with Azure Repos to implement continuous integration and continuous deployment (CI/CO)
workflows.
You need to recommend best practices to secure the stages of the CI/CD workflows based on the Microsoft Cloud
Adoption Framework for Azure.
What should you include in the recommendation for each stage? To answer, select the appropriate options in the
answer area. NOTE: Each correct selection is worth one point.
Answer:
Question: 41
A customer is deploying Docker images to 10 Azure Kubernetes Service (AKS) resources across four Azure
subscriptions. You are evaluating the security posture of the customer.
You discover that the AKS resources are excluded from the secure score recommendations. You need to produce
accurate recommendations and update the secure score.
Which two actions should you recommend in Microsoft Defender for Cloud? Each correct answer presents part of the
solution. NOTE: Each correct selection is worth one point.
A. Configure auto provisioning.
B. Assign regulatory compliance policies.
C. Review the inventory.
D. Add a workflow automation.
E. Enable Defender plans.
Answer: A,E
Explanation:
https://docs.microsoft.com/en-us/azure/defender-for-cloud/update-regulatory-compliance-packages
https://docs.microsoft.com/en-us/azure/defender-for-cloud/workflow-automation
Question: 42
Your company has a Microsoft 365 E5 subscription.
Users use Microsoft Teams, Exchange Online, SharePoint Online, and OneDrive for sharing and collaborating. The
company identifies protected health information (PHI) within stored documents and communications.
What should you recommend using to prevent the PHI from being shared outside the company?
A. insider risk management policies
B. data loss prevention (DLP) policies
C. sensitivity label policies
D. retention policies
Answer: B
Explanation:
https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy?view=o365-worldwide
For More exams visit https://killexams.com/vendors-exam-list
Kill your exam at First Attempt....Guaranteed!

Microsoft Cybersecurity syllabus - BingNews https://killexams.com/pass4sure/exam-detail/SC-100 Search results Microsoft Cybersecurity syllabus - BingNews https://killexams.com/pass4sure/exam-detail/SC-100 https://killexams.com/exam_list/Microsoft Top 10 Countries for Cybersecurity Awareness in 2023

Despite news of breaches and leaks on what feels like a weekly basis, the US scored admirably in the National Privacy Test from NordVPN in 2023.

The importance of cybersecurity awareness has never been more apparent in the modern era. Email scams and skilled hackers are threatening to steal your data no matter where you are online, and they're getting more effective by the day.

Subsequently, a bit of awareness can go a long way in shoring up your security, and some countries are better about it than others.

US Scores 64% on National Privacy Test in 2023

There's no denying that cybersecurity has become an pressing issue in 2023, and luckily the US is at least moderately keeping up with the times, having scored a 64% on the National Privacy Test from NordVPN. Here are the scores from countries with more than 100 respondents.

  • United States (5,350 respondents) – 64%
  • Germany (848 respondents) – 64%
  • Afghanistan (105 respondents) 64%
  • United Kingdom (2,084 respondents) – 63%
  • Netherlands (744 respondents) – 63%
  • Australia (1,088 respondents) – 62%
  • Canada (694 respondents) – 62%
  • Sweden (304 respondents) – 61%
  • France (599 respondents) – 59%
  • Italy (382 respondents) – 59%
  • Spain (205 respondents) – 59%

Admittedly, there were other countries that received higher marks than these top scorers, like Ghana (75%), Serbia (72%), and El Salvador (71%). However, with fewer than 10 respondents each, the test weighed their scores lower due to it not being a significant portion of the population.

What Is the National Privacy Test?

The National Privacy Test is a global test of cybersecurity awareness of countries around the world. The goal is to let everyday users to “test their knowledge on privacy and cybersecurity and identify where you need to improve,” according to the website.

“By creating the National Privacy Test (NPT), NordVPN seeks to determine local and global levels of online privacy and cybersecurity awareness.”

The test asks basic questions on daily digital life, privacy awareness, and real security habits to get an idea of what users actually know about cybersecurity. Some of the questions in the test include:

  • What information do you read on a terms and conditions page?
  • What kind of security tools do you use to securely use the internet?
  • How do you make sure your Wi-Fi connection is secure?

The test is supported by the NordVPN Social Responsibility program, with the goal “to see the internet the way it was first envisioned – free from crime, censorship, and surveillance.”

Secure Your Data

Incogni by Surfshark can help you reclaim your information to stay safer online.

Is Cybersecurity Important?

All this talk about cybersecurity probably has you wondering whether or not it even matters for your business. After all, how much could a little security breach actually cost your business in the long run?

The reality, however, is that it can cost you a lot. In fact, accurate studies have shown that a single security breach can cost your company almost $10 million, an amount that no business owner should be comfortable with, no matter how good your quarterly report was.

So what can you do to make security a priority? If you can't afford to hire a full-on cybersecurity professional to keep your team safe, there are other more affordable options available. The best place to start is with the right tools, including password managers, remote desktop software, and VPNs.

Mon, 05 Jun 2023 03:40:00 -0500 en-US text/html https://tech.co/news/countries-cybersecurity-awareness
Today’s Cyber Threats Require Modern Cloud Network Security

By Narayan Annamalai

When cybersecurity measures fail, the results can be devastating and costly. In the past year, network security failures have led to downed websites, delayed flights, unavailable video games, and much more. Such incidents can erode customer, investor, and board member trust and result in the types of headlines you don’t want. Technology challenges and the growing frequency and sophistication of cyberattacks spur conversation—and understandable worry—across industries. CISOs and other C-Suite members, as well as security professionals, recognize how increased cloud adoption and the shift toward hybrid work have expanded the attack surface. Some leaders also mention the challenges represented by the dynamic and complex regulatory landscape.

Consider these security statistics:

Your network is the heart of your organization—and a tempting prize for bad actors. Network security puts controls in place to help prevent cybercriminals from breaching it. Let’s explore how.

Protecting your data and assets

Cloud network security can keep pace with modern cybersecurity threats in a way that’s not possible with conventional security tools. It can secure the data and applications that are essential to supporting hybrid workforces in cloud environments. And it enables you to protect organization assets from emerging attacks and secure both apps and infrastructure.

Network security in the cloud is important because all assets are accessed over a network. Here are the major components of effective network security in the cloud:

  • Zero Trust approach: Zero Trust means using least-privilege access to limit user access, always authenticating identity, and minimizing blast radius and segment access by assuming a security breach. It helps you manage people, devices, data, and assets so you can enable a hybrid workforce, protect sensitive information, and manage multicloud assets with confidence.
  • Network firewall: A network firewall helps prevent cybercriminals from accessing your network resources by monitoring and inspecting your network traffic and blocking malicious traffic.
  • DDoS protection: Distributed denial of service (DDoS) attacks involve cybercriminals targeting a website or service by flooding it with traffic to disrupt network services. DDoS protection typically provides monitoring, attack mitigation, and other features as defenses.
  • Web application protection: Web applications and application programming interfaces (APIs) are popular targets for cybercriminals, as they are accessible over the public internet and may provide access to sensitive data. Web application protection helps protect websites, applications, and APIs from attacks.

Network security in action

Manufacturers create a significant volume of sensitive data, including intellectual property and research and development data. The IoT devices they use are highly targeted in DDoS attacks. And their supply chains are frequent targets as well.

Manufacturers may be more willing than those in other sectors to pay criminals ransom because of the sensitivity of their data and their reliance on the supply chain to receive product components and to ship their products. Attacks that target the supply chain could bring operations to a standstill.

Let’s take a look at a common manufacturing use case—secure connected insights, which can be used for theft prevention, loss monitoring, warehouse optimization, and traffic flow insights across a city or in a retail environment to automate stock replenishment. Manufacturers can monitor the activities of their warehouse floors, assembly lines, production, and distribution in real time via a connected factory setup.

Along with machine learning and compute technologies for mission-critical analytics, manufacturers and other industries need cloud network security to ensure that data is secure and disruption is minimized. It secures your apps and network infrastructure against threats. The benefits of using network security include reducing security threats, improving operational efficiency, and increasing business agility.

Cloud network security services, like those of Azure Network Security, paired with Microsoft Azure Virtual Machines powered by AMD, ensure you can deliver secure connected insights efficiently. Features include:

  • Operations scalability to maximize warehouse efficiency
  • Faster issue resolution tracking products across the value chain
  • Better safety and quality control
  • On-time delivery of goods and services

Protect against modern threats

Cyber threats continually challenge traditional security methods. Modern network security can answer the call with a Zero Trust approach, network firewall, DDoS protection, and web application protection.

Microsoft and AMD share the objective of prioritizing network security services—fully secure modern network protection for Azure workloads. Network security can help you protect your people, data, and operations in any sector.


Narayan Annamalai leads the SDN product management group in Microsoft Azure that focuses on virtual networks, load balancing and network security.

Learn how AMD helps accelerate Azure workloads and how Azure Network Security can help your organization protect your data and assets.

Fri, 02 Jun 2023 01:02:00 -0500 text/html https://hbr.org/sponsored/2023/06/todays-cyber-threats-require-modern-cloud-network-security
Pentagon Hacking Fears Fueled by Microsoft's Monopoly on Military IT

The U.S. Department of Defense is quietly abandoning one of its longest running cybersecurity programs protecting its vast global IT network, and replacing it with off-the-shelf tools from Microsoft, despite internal opposition and criticism from experts who say it will make the nation more vulnerable to foreign hackers, enemy cyberwarriors and online spies, Newsweek has learned.

At a series of meetings with DOD Chief Information Officer John Sherman last fall, as the department's fiscal year 2024 budget request was being finalized, a clear majority of senior IT leaders from the military services opposed the move, a former senior defense official directly involved told Newsweek. They were concerned about the department's growing reliance on a single software vendor: "I was completely against it. A lot of us were, for the same reason: It felt like we were further embedding ourselves into this monopolistic (Microsoft) monoculture."

The potential risks were laid bare in March, when it was revealed that hackers suspected to be from Russian military intelligence had been stealthily exploiting a vulnerability in Outlook, Microsoft's email program, for almost a year. The incident, unreported except by the cybersecurity trade press, illustrates what experts say are the dangers of relying exclusively on Microsoft IT.

DOD's decision to push ahead with the move to Microsoft security tools, based on an assessment from the National Security Agency, has cast a new light on long-standing questions about the security of the software produced by the Redmond, Wash.-based technology giant, and the impact of its dominance in government technology markets. It could also run counter to the White House's new cybersecurity strategy, which calls on software companies to offer secure products in the first place rather than selling additional security measures on top.

Lance Corporal Kristi Baker, 21, a U.S. Marine with the FET (Female Engagement Team) 1st Battalion 8th Marines, Regimental Combat Team II, hangs out in the barracks working on her laptop on November 12, 2010, in Musa Qala, Afghanistan. In 2020 and 2021, users of the Navy Marine Corps Internet were among the first military personnel to pilot the new Microsoft monoculture through the Flank Speed program. Paula Bronstein/Getty

The NSA declined to provide Newsweek with a copy of the assessment or to comment. The former official said the assessment was a decisive factor behind the decision because everyone understood it could have been informed by undisclosed secret intelligence. "You don't really get to argue that," said the former official, speaking on condition of anonymity because he was not authorized to speak to the media.

The Defense Department's IT network, one of the largest in the world, was already a poster child for what cyber experts call the Microsoft monoculture—an IT environment in which everyone uses the same software, meaning they are all potentially vulnerable to the same cyberattacks.

Since 2017, DOD has exclusively used the Microsoft Windows operating system on all its four million-plus desktop computers and is increasingly employing Microsoft's Azure cloud computing services. And most of its 2.1 million active duty and reserve military personnel and 750,000 civilian employees use Microsoft programs such as Outlook or Office for email, calendar, word processing and other administrative tasks.

Now, the department will use Microsoft Defender—a set of cybersecurity tools bundled with the company's higher-end software licenses—as well, Deputy CIO David McKeown, one of the Defense Department's top cyber officials, confirmed to Newsweek. "Microsoft Defender will provide DOD an integrated cybersecurity solution that promises to satisfy most, if not all, of the capabilities we require" to secure the military's networks, he said via email. He disputed the suggestion that using Microsoft security tools to protect Microsoft software would make the DOD more vulnerable, saying tools that were built from the ground up to integrate with the software they were protecting would be more secure.

In a statement to Newsweek, Microsoft said it was best placed to defend its own products because of the huge amount of data it can draw on from its billions of users all over the world.

"Our teams process and share up to 65 trillion cyber signals a day in order to enhance the security baseline for government and commercial entities. We ... will continue to invest in both integrated and standalone security products to help our government customers combat an increasingly complex threat environment."

But the DOD's move goes too far for some former career defense officials—even those who have led past roll-outs of Microsoft products in DOD. Three of them told Newsweek that over-reliance on the tech giant risks making the U.S. military's computer networks more vulnerable just as America is pivoting from fighting the war on terror to confront peer adversaries such as Russia and China with the technical capabilities to take advantage of those vulnerabilities.

And although there's continuing debate among cyber experts about how best to quantify the security of software, by some measures, Microsoft products do appear more vulnerable to hackers, although the company vigorously contests that analysis.

The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) keeps a running tally of all vulnerable code found to be weaponized by hackers or cyber criminals. Of 919 vulnerabilities exploited and catalogued up until April 2023, 258 of them, just over 28 percent, have been in Microsoft products. That 258 is more than the total number of exploited vulnerabilities in the products of the next five vendors combined: Cisco, Adobe, Apple, Google and Oracle.

When it comes to the 15 most commonly exploited vulnerabilities across the world in 2021, nine were in Microsoft products, according to data compiled by CISA and its international partners.

In other contexts, the company and its defenders have argued they are a victim of their own success: More vulnerabilities are found in their products because more security researchers are looking for them, they say, owing to their dominant position in so many marketplaces. And when vulnerabilities are found and responsibly disclosed, they are more likely to be exploited by hackers because of the ubiquity of Microsoft products. Just as Willie Sutton robbed banks because that was where the money was, goes the argument, hackers attack Microsoft products because they are used by most large companies and governments.

Microsoft's defenders also argue that counting vulnerabilities per vendor is a very crude measure, and that Microsoft suffers by it because of the high number of products it offers. If you look at vulnerabilities per product, they say, a different picture emerges, in which the most vulnerable products are not Microsoft ones—although many remain high on the list.

A single point of failure

Even setting aside the vulnerabilities question, many cybersecurity experts believe that over-reliance on any single vendor is bad for security. That's why three former Defense Department senior officials who led Microsoft roll-outs at DOD said they questioned the decision to scrap the Endpoint Security Solutions (ESS) program, which has since 2007 bought and customized commercial cybersecurity tools from different vendors, and replace it with Microsoft Defender tools.

"It scares the heck out of me that we're vertically integrating the endpoints, the software, the cloud, and now the security stack with a single vendor. To me, that's an unacceptable level of risk," said a second former senior DOD IT official who was involved in many deployments of Microsoft products.

"It could create a single point of failure," said a third former defense official who was involved in the early discussions that led to the decision last year. "If a single company is providing not just the software you use, but the cloud infrastructure you run it on as well and now the security stack too, that could be a problem" if hackers breach that single provider.

It's not just the Defense Department. Across the federal government, 85 percent of employees use Microsoft business software for tasks such as email and word processing. And former officials say the company is seeking to duplicate the Defense Department's move to Microsoft security products across civilian federal agencies as well.

By relying on Microsoft security tools to protect Microsoft software, the DOD is "putting all the nation's eggs in one basket, and a badly flawed basket at that," former career White House official Andrew Grotto told Newsweek. Now a fellow at Stanford University and a program director at its Cyber Policy Center, Grotto previously served as senior director for cybersecurity policy in the White House National Security Council staffs of Presidents Obama and Trump. Grotto currently consults for technology companies, including some that compete directly with Microsoft.

Master Sgt. Jesus Cruz, 30th Space Communications Squadron operations flight chief, logs into Microsoft OneDrive at Vandenberg Air Force Base in California on Nov. 1, 2021. The use of OneDrive is part of the military's increasing reliance on a single software vendor: Microsoft. Space Launch Delta 30 Public Affairs/Senior Airman Daniel Sanchez

The DOD move has stoked concerns well beyond the circle of Microsoft's established critics.

John Zangardi, a former longtime government IT executive who was acting chief information officer of DOD in 2017 when the department enforced the roll-out of Windows across all of its desktops and other endpoints, declined to comment directly on the ESS decision. But he told Newsweek that in his tenure, he emphasized "removing single points of failure" and "the importance of security tool diversity and redundancy"—having more than one set of tools, even if that meant duplication.

"Today's digital infrastructures are incredibly complex, a bit like a modern commercial or military aircraft," said Zangardi, a former U.S. Navy pilot who is now CEO of Redhorse Corp, a data science consultancy. "Those aircraft are built with multiple backup systems. If one part of a system fails, the entire aircraft can still function safely with the backup systems. Redundancy is an added guarantee of safety and lets complex systems be more reliable than the sum of their parts. In the same way, security tool diversity can provide backup and redundancy for digital infrastructure."

Asked whether the change created a single point of failure, McKeown, the Defense Department's Deputy CIO, said he believed that an integrated system was a source of security strength, not weakness.

"When DOD buys an aircraft, it doesn't buy a box of parts that our mechanics have to put together, it buys the integrated aircraft," he said. "We need to start thinking about our networks as weapon systems by investing in integrated solutions rather than individual components that our IT and cyber personnel try to make work together."

He did not directly address detailed questions about technical evaluations that have compared ESS with Microsoft Defender, or about whether the newly purchased products are properly certified to run on DOD networks.

Microsoft says it is a great believer in diversity in security, using, for example, multiple sources of threat intelligence, including those licensed from its competitors, and developing partnerships with more than 15,000 security companies.

The half-billion security upsell

The DOD's decision to upgrade its Microsoft licenses to include the Defender security tools will cost $543 million over two years, said John Weiler, CEO of the IT Acquisition Advisory Council, a non-profit that works to Improve the way the federal government buys computer goods and services. The DOD itself did not provide a figure, but Weiler's number was confirmed by other sources with knowledge of the transaction.

It's not clear how much money the government hopes to save by winding down ESS, and potentially other DOD cybersecurity programs that duplicate Microsoft Defender tools, Weiler said, but added: "They just eliminated an entire market for competition and for innovation in DOD." He noted that about a dozen cybersecurity vendors competed to supply tools to ESS and the other cybersecurity programs likely to be wound down. "These companies will no longer innovate to the needs of DOD down the road because there's no revenue coming in to support that. And we all know that monopolists don't innovate, they put all their energy and money into maintaining their monopoly."

Weiler was an expert witness in the Justice Department's Microsoft antitrust proceeding almost a quarter century ago, which found the company had violated anti-trust laws by bundling its web browser, Internet Explorer, with its Windows operating system, to freeze out competing browsers such as Netscape. Weiler said Microsoft's current bundling of security tools with business software was "the same playbook" the company had used in the 1990s.

Microsoft's statement did not address accusations that its practices with security software could be seen as anti-competitive.

From left, David McKeown, the Department of Defense's Senior Information Security Officer; Randy Resnick, chief of the DOD's Zero Trust Portfolio Management Office, and U.S. Navy Cmdr. Jessica McNulty, DOD spokeswoman, hold a virtual press briefing on November 22, 2022. McKeown defended the DOD's decision to adopt Microsoft security tools. U.S. Air Force Tech. Sgt. Jack Sanders/Dept. of Defense

The Defense Department move highlights some other difficult questions for Microsoft about the $20 billion annual security business the company has built over the past five years.

The $2 trillion-plus company, the second most highly valued global company behind Apple, earns almost 10 percent of its $200 billion-plus annual revenue from selling security products and services, and that revenue stream is in double-digit growth even as other areas of the company's business are growing slowly if at all.

Critics charge they are making that money selling customers who've already bought Microsoft business software additional security tools—which they only need because the business software is so insecure.

"This is like a water company, who, when their customers complain: 'This water you're selling us is contaminated,' they reply, 'Well, we have some filters and other equipment we can sell you that will get rid of most of that,'" said John Pescatore, director of emerging security trends at the prestigious SANS Institute, a cybersecurity training organization. "Why aren't they selling clean water in the first place? Why isn't their software secure in the first place?"

Privately, Microsoft executives say that they entered the security market in response to customer demand. There was already a thriving marketplace for other companies' security tools to protect Microsoft products from hackers, they say. Why shouldn't the company bring its software expertise, and all the data it gets about attacks from the billions of computers its software is installed on, to that market?

A vulnerable architecture

But critics say the greater preponderance of vulnerabilities in Microsoft is no accident. It's the result of design decisions taken over decades, said Ryan Kalember, executive vice president at cybersecurity company Proofpoint, which competes with Microsoft in the security tools market.

Above all, Kalember told Newsweek, Microsoft has focused on backwards compatibility, a design principle that means updated versions of the software must still work with all the programs the previous, un-updated versions worked with. The concept is very popular with consumer and business users, but comes at a high price for security.

"They end up creating more and more risk because they're just building layers on top of layers," Kalember said, retaining code for features that had been buggy and insecure a generation ago.

A vulnerability in Outlook revealed last month illustrates the issue, Kalember said. A hacker could, just by sending a specially crafted email, obtain a copy of the target user's digital signature that they could then employ to impersonate that user on their corporate network. Read their email. Steal data they had access to. Worse, it was a so-called "zero-click" attack. The target didn't need to click a link or an attachment, or even open the email.

The Outlook vulnerability lives in a 30 year-old mechanism for verifying identity called NTLM. It has been obsolete for 25 years, but it remains embedded in Microsoft code because removing it would break backwards compatibility.

"All of a sudden you're back in 2002," Kalember said, "It's crazy how thin the veneer is."

The company's defenders say Microsoft customers rely on backwards compatibility, because not all of them can afford to upgrade to the latest products.

In its statement to Newsweek, the company said, "Security is woven into the digital fabric of our applications and services, and has been since day one."

When Microsoft revealed and patched the NTLM vulnerability on March 14, hackers suspected to be from the Russian military intelligence agency GRU had been exploiting it for almost a year. But it attracted little attention outside of the cyber trade press: Just another vulnerability announced, as is now traditional, on Patch Tuesday, the second Tuesday of every month, when Microsoft and other vendors release security updates and improvements to their software.

In that same March update, Microsoft included patches for 80 different software vulnerabilities, nine of them rated "critical" and 60 "important."

And it's likely that a significant proportion of Microsoft customers, especially in government, may not yet have applied those patches, according to Roger Cressey, a veteran cybersecurity executive who worked on some of the federal government's first cyber efforts more than two decades ago, and has continued to consult and work in the federal space since.

Microsoft has for 20 years been able to force its government and commercial clients to absorb the costs of the constant security updates needed to protect its products, Cressey said.

"Software is the only industry where government and consumers are asked to absorb the costs of unsafe, flawed vendor products as the cost of doing business," said Cressey, now a partner with Mountain Wave Ventures, a cybersecurity and risk management consulting firm, where he occasionally consults for Microsoft competitors.

And the result is that many software patches are applied weeks or months after they are issued, or sometimes not at all. In April 2021, the FBI had to get a court order to allow it to remotely remove malware that was present on the IT networks of more than 60,000 Microsoft customers worldwide, more than six weeks after the company issued a patch.

The company says it works with CISA, other government agencies and its private sector partners to publicize the importance of applying security updates that patch vulnerabilities being actively exploited by hackers.

Microsoft's unique role

The widespread concerns in the cybersecurity community about Microsoft's role are reflected in the Biden administration's National Cybersecurity Strategy, released in March. Pillar three, one of five the high-level document lays out, aims to push the responsibility for cybersecurity back onto software companies, especially the dominant ones such as Microsoft.

Launching the strategy, officials said software manufacturers needed to build security into the original design of their products, rather than leaving it to the end users, their customers, to buy additional software to try and secure it.

The White House declined to address questions about whether the DOD decision was pulling in a different direction.

"The whole point of pillar three [of the strategy] is to move to a place where you have security built-in to software from the get-go, not bolted on afterwards through additional tools," Grotto said.

Microsoft's multiple roles in the IT marketplace, he added, means it can use security as what sales executives call an "upsell"—getting the customer to spend more for extra features.

All vendors try to upsell, Grotto acknowledged, but Microsoft is in a unique position because of its massive dominance of the business software segment—think email, calendar and word processing—in the federal government.

"When you've got one vendor supplying 85 percent of the productivity tools for the federal government, they are in an extraordinarily powerful position," Grotto said, especially if that makes agencies think it would be expensive and difficult to change vendors.

In the course of a 2021 contract dispute, the U.S. Department of Agriculture (USDA) spelled out in rare detail what it would mean for the department to transition away from Microsoft products.

The agency justification, cited in a decision by government auditors, states that "96 percent of USDA systems run Windows operating systems." And that USDA provides Microsoft software tools to 7,500 field offices supporting more than 120,000 users.

Even though the cost of Microsoft Office licenses for the USDA workforce was $170 million while the cost of licenses for competitor Google Workspace would have been as low as $58 million, the agency wanted to stay with Microsoft.

Switching to other products would take at least three years, USDA said, adding, "An undertaking of this magnitude would be a ... multi-million-dollar effort during which time there would likely be an impact to the IT workforce and customer satisfaction across the board."

The USDA's situation is only remarkable in that it became public, Michael Garland, a government procurement attorney specializing in IT, told Newsweek. "The USDA protest provides a rare window into the reality of how entrenched and locked-in some of these software giants, including Microsoft, are all across the U.S. government's software estate," he said.

Secretary of Defense Ash Carter takes a photo with Bill Gates at the Microsoft Vision Center in Davos, Switzerland, on January 22, 2016. Since 2017, DOD has used Windows 10 on all its 4 million-plus desktop computers. U.S. Army Sgt. 1st Class Clydell Kinchen/Dept. of Defense

Fixing the problem: The car analogy for software

With its new strategy, the Biden administration wants to flip the script on cybersecurity, CISA Executive Assistant Director for Cybersecurity Eric Goldstein told Newsweek, pushing security responsibility "upstream," back to the companies shipping insecure products.

"If we keep blaming only the victims, we know that's not a recipe for scalable improvements, because so many victims, school districts, small hospitals, local water utilities, are never going to be able to defend themselves standing alone against the threats that they're facing," he said.

But absent congressional action to impose security requirements by regulation, officials plan to rely on market forces to incentivize Microsoft and other tech vendors to Improve security. "We know that most customers want to install, run and rely upon products that are safe and secure by design and default," Goldstein said. But buyers do not know what to ask for, he said.

To help educate the market, CISA has produced a set of design principles for secure products, and a key requirement is ending the practice of security upsell.

Charging extra for basic security measures "is not OK," Goldstein said, using the example of seatbelts in a car.

"If one of us rented a car, got it, and there were no seatbelts because they were charging extra for that, we would not accept that ... We need to get to the same model with technology, where there's a basic (security) threshold that technology is expected to meet," he said.

An upcoming White House deadline for federal agencies to have new security capabilities—such as the ability to preserve logs of computer activity that can help in the response to a cyberattack—will be an important test case for large government vendors like Microsoft, Goldstein said.

Historically, agencies have had to pay as much as 40 percent extra for such capabilities, but Goldstein said it was time for vendors to step up and do the right thing—by providing their federal customers with products that didn't require expensive add-ons to be secure.

Microsoft executives say the company has a right to charge extra for high-end security measures—whether to the Department of Defense or to anyone else.

"We are a for-profit company," Microsoft Vice President Brad Smith told a congressional committee in 2021, when asked whether security should be treated as an upsell. "Everything that we do is designed to generate a return other than our philanthropic work."

Shaun Waterman can be reached at s.waterman@newsweek.com. Follow him on Twitter @WatermanReports.

Mon, 15 May 2023 21:24:00 -0500 Shaun Waterman en text/html https://www.newsweek.com/pentagon-hacking-fears-raised-microsoft-military-software-it-antivirus-monopoly-cybersecurity-1794369
Cybercriminals are abusing security tools—here’s how we’re stopping them

By Microsoft Security

Cybercriminals are constantly looking for novel ways to evade detection and enact harm. Outdated copies of common security tools have become one avenue. Microsoft, cybersecurity software company Fortra™ and the Health Information Sharing and Analysis Center (Health-ISAC) recently came together to combat this issue.

On March 31, 2023, the U.S. District Court for the Eastern District of New York issued a court order allowing Microsoft, Fortra, and Health-ISAC to disrupt the malicious infrastructure criminals use to facilitate their attacks. Cobalt Strike, which is provided by Fortra, is a legitimate and popular post-exploitation tool used for adversary simulation; however, threat actors will sometimes abuse and alter older versions of the software. These illegal copies are referred to as “cracked” and have been used to launch destructive attacks, such as those against the Government of Costa Rica and the Irish Health Service Executive. Microsoft software development kits and APIs have also been abused as part of the malware coding and distribution infrastructure to target and mislead victims.

The ransomware families associated with or deployed by cracked copies of Cobalt Strike have been linked to more than 68 ransomware attacks impacting healthcare organizations in more than 19 countries around the world. These attacks have cost hospital systems millions of dollars in recovery and repair costs, plus interruptions to critical patient care services including delayed diagnostic, imaging, and laboratory results, canceled medical procedures, and delays in delivery of chemotherapy treatments, just to name a few.

The court order issued by the U.S. District Court for the Eastern District of New York enables Microsoft to notify relevant internet service providers (ISPs) and computer emergency readiness teams (CERTs) who assist in taking the infrastructure offline, effectively severing the connection between criminal operators and infected victim computers.

Disrupting criminal activity through legal avenues

The cybersecurity community will need to be persistent to successfully take down the cracked, legacy copies of Cobalt Strike hosted around the world. In the past, Microsoft’s Digital Crimes Unit has focused on disrupting the command and control infrastructure of malware families. Now, the team has pivoted its approach to combining technical and legal action to target the abuse of security tools used by a broad spectrum of cybercriminals.

Fortra and Microsoft’s investigation efforts included detection, analysis, telemetry, and reverse engineering, with additional data and insights to strengthen our legal case from a global network of partners, including Health-ISAC, the Fortra Cyber Intelligence Team, and the Microsoft Threat Intelligence team. Our action focuses solely on disrupting cracked, legacy copies of Cobalt Strike and compromised Microsoft software.

Disrupting cracked legacy copies of Cobalt Strike significantly hinders cybercriminals’ ability to monetize and use these illegal copies in cyberattacks. Additionally, the joint litigation involves copyright claims against the malicious use of Microsoft and Fortra’s software code, which is altered and abused for harm.

Continuing the fight against threat actors

Fortra has taken considerable steps to prevent the misuse of its software, including stringent customer vetting practices. As criminals have adapted their techniques, Fortra has adapted the security controls in the Cobalt Strike software to eliminate the methods used to crack older versions of Cobalt Strike.

While the exact identities of those conducting the criminal operations are currently unknown, Fortra and Microsoft detected malicious infrastructure across the globe, including in China, the United States, and Russia.

Responding to this threat will take a coordinated effort from public and private sector entities. One of the best ways that organizations can contribute to a collectively strengthened cybersecurity posture is by aligning with broadly agreed-upon best practices like Zero Trust.

This model focuses on using explicit verification, least-privileged access, and assumed breach to disrupt cyber-criminal activity.

Microsoft, Fortra and Health-ISAC are also collaborating with the FBI Cyber Division, National Cyber Investigative Joint Task Force (NCIJTF) and Europol’s European Cybercrime Centre (EC3) on this case. While these actions will impact the criminals’ immediate operations, the companies anticipate criminals will attempt to revive their efforts. Through ongoing coordinated legal and technical action, Microsoft, Fortra and Health-ISAC will continue to monitor and take action to disrupt further criminal operations, including the use of cracked copies of Cobalt Strike.

To stay up to date with the latest trends in cybercriminal activity, visit Microsoft Security Insider.

Copyright © 2023 IDG Communications, Inc.

Sat, 03 Jun 2023 21:36:00 -0500 Microsoft Security en text/html https://www.csoonline.com/article/3698229/cybercriminals-are-abusing-security-tools-here-s-how-we-re-stopping-them.html
UAE Cybersecurity Council Partners With Microsoft To Host Middle East Cybersecurity Conference
(MENAFN- Mid-East.Info)

Conference will see CIOs and CSOs from across industries discuss and raise awareness around the region's evolving threat landscape.

Dubai, United Arab Emirates – Microsoft and the UAE Cybersecurity Council have announced their collaboration to host the Middle East Cybersecurity Conference on May 16-17, 2023 at Emirates Palace – Abu Dhabi. The conference will bring CIOs, CSOs and other key subject matter experts together from across government and private sectors to share their knowledge and insights into the latest innovations and developments in the areas of cybersecurity and data protection.

“The world is on the exciting cusp of a fourth industrial revolution driven by connectivity and digital technologies,” says Naim Yazbeck, General Manager of Microsoft UAE.“With so much at stake, robust and effective cybersecurity has never been more important. In an increasingly complex world, technology alone is not enough to combat increasing threats. It also requires partnerships, both with governments and industries as well as between governments. The upcoming Middle East Cybersecurity Conference will provide a platform for thought leaders and experts in the region to share their knowledge and experiences on emerging cybersecurity challenges and opportunities.”

The conference will feature engaging discussions and keynote speeches on various courses such as the business of cybercrime as well as the future of Artificial Intelligence in cybersecurity, along with networking opportunities for participants to connect and collaborate. Notable speakers at the event include H.E. Dr. Mohamed Al Kuwaiti, Head of the UAE Cybersecurity Council; Michal Braverman-Blumenstyk, Corporate Vice President at Microsoft Corporation; Dr. Tomer Simon Chief Scientist at Microsoft Israel R&D Center and Paula Januszkiewicz, Founder and CEO of CQURE, Cybersecurity Expert, Microsoft MVP and Regional Director.

The event also aligns with the UAE Digital Economy Strategy, which seeks to double the contribution of the digital economy to the UAE's non-oil GDP from 11.7 percent to over 20 percent within the next 10 years. The strategy aims to embed digital aspects into overall government strategies, ensuring that the UAE Government is digital by design and that all capacities, structures and opportunities are integrated on a national level and aligned with the UAE's strategic digital government vision. The accelerating pace of digital transformation across the region has meant that organisations are also facing a growing volume of more sophisticated cyberattacks.

“Today's defenders are overwhelmed by the number of cyberattacks and sophistication of attackers. From simple phishing attempts to sophisticated cyber-espionage operations that compromise sensitive data and critical infrastructure, the threat landscape has grown in scale and sophistication over the last few years alone. Defenders need new tools to help them move at machine speed. The rapid pace of innovation including digitization of infrastructure and AI will help shift the balance of power to defenders by empowering them with greater visibility and speed” says Michal Braverman-Blumenstyk, Corporate Vice President at Microsoft Corporation, CTO of the Microsoft Security Division and General Manager of Israel R&D Center.“At Microsoft, we view cybersecurity as a foundational component in the development and deployment of AI technologies. As we work to create cutting-edge digital and AI solutions, we are also committed to the privacy and security of our customers' data.”

MENAFN16052023005446012082ID1106257917


Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.

Tue, 16 May 2023 11:03:00 -0500 Date text/html https://menafn.com/1106257917/UAE-Cybersecurity-Council-Partners-With-Microsoft-To-Host-Middle-East-Cybersecurity-Conference
UAE Cyber Security Council collaborates with Microsoft to enhance cybersecurity capabilities and promote information exchange

Abu Dhabi, United Arab Emirates – The Cyber Security Council United Arab Emirates (CSC UAE) and Microsoft have signed a Memorandum of Understanding (MoU) to enhance cooperation and collaboration in the field of cybersecurity. The MoU outlines a framework for the two parties to work together towards the establishment of a secure global information society.

Commenting on the MoU, H.E. Dr Mohammed Hamad Al-Kuwaiti, Head of the UAE Cybersecurity Council, expressed his pleasure to have Microsoft joining the Council’s efforts to establish a secure and global information community. He said that the MoU is an important step toward building a strong cybersecurity framework that would protect critical infrastructure and prevent cyberthreats.

H.E. Dr Mohammed Al-Kuwaiti explained that information and communication technologies (ICTs) have opened new windows of opportunities for socioeconomic development, but they have also introduced new types of threats, such as cybercrimes, cyberespionage, and cyberterrorism. He added that these threats are becoming increasingly sophisticates and require a coordinated response from all stakeholders.

“Over the past few years, organizations across the region have made significant changes to their cybersecurity strategy to accommodate the growing number of users needing access to mission critical data and applications,” said Naim Yazbeck, General Manager, Microsoft UAE. "This has resulted in a new wave of threats that are targeting organizations across industries. We are committed to working with CSC UAE to enhance cybersecurity capabilities across the UAE and share knowledge to help prevent cyber threats. This MoU is a testament to our commitment to promoting a secure global information society."

Under the terms of the MoU, Microsoft and CSC UAE will cooperate and conduct information exchanges in cybersecurity-related fields, with particular attention to national cooperation, deterrence, prevention, and responses to cyber-attacks. The two parties will also work together to promote awareness-building through educational programs, as well as exploring business and economic exchanges for cybersecurity.

The agreement is also expected to foster greater collaboration between CSC UAE and Microsoft in the field of cybersecurity and promote the exchange of best practices and expertise to prevent and respond to cyber threats.

-Ends-

About Microsoft

Microsoft (Nasdaq “MSFT” @microsoft) enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more. Microsoft opened its Dubai-based headquarters in 1991, which, today, oversees operations across the region.

For more information (Press only):
Magdalena Stepien, Microsoft UAE
E : mastepie@microsoft.com

Husain Gandhi, ProGlobal Media
E: h.gandhi@proglobal.ae

Wed, 17 May 2023 01:30:00 -0500 en text/html https://www.zawya.com/en/press-release/companies-news/uae-cyber-security-council-collaborates-with-microsoft-to-enhance-cybersecurity-capabilities-and-promote-information-exchange-hhqfrjal
Parablu To Deliver Microsoft Azure-Hosted Cybersecurity And Data Resiliency Saas Solutions
(MENAFN- PR Newswire)
    Increase in remote work leaves user endpoints exposed to unprecedented cyberattack vulnerability. Proven data management/backup and data security solutions for Azure and OneDrive for Business help enterprises protect and manage remote endpoints, on-premises, and cloud-based data assets. Multi-year agreement tightly integrates engineering, go-to-market, and co-selling efforts. Innovative technology, cost-efficient collaboration also sets foundation for future AI enhancements.

FREMONT, Calif., May 15, 2023 /PRNewswire/ -- parablu , a global provider of SaaS-based data protection and management solutions for endpoints, on-premises, and cloud environments, today announced a multi-year agreement with Microsoft that integrates engineering, go-to-market activities, and co-selling of Parablu's bluvault and the ransomware defense suite Software-as-a-Service (SaaS) offerings.

Parablu will leverage Microsoft Cloud infrastructure and services –– Microsoft azure and microsoft 365
to deliver scalable, secure, cost-efficient, and cyber-resilient data management and protection solutions. Parablu's patent-protected zero- and low-cost storage options will not only help businesses effectively address today's economic challenges, but also deliver proven data security for endpoints and Microsoft 365 –– backed by the global scale, durability, and security of the Microsoft cloud. Parablu's BluVault offering in combination with the Ransomware Defense Suite is designed to quickly detect and recover from cyber-attacks such as ransomware using early detection techniques, accelerated recovery options, file/device quarantining features, as well as e-Discovery, ­­making it easier for customers as well as AI tools to find and use this data effectively.

"With more knowledge workers now working remotely, the number of endpoints has grown exponentially –– increasing the likelihood of ransomware and other malicious threats," said Parablu Chief Strategy Officer Randy De Meno. "This alliance empowers Microsoft and its ecosystem of partners to deliver proven heterogeneous data management, backup and data security solutions built for OneDrive for Business and Microsoft Azure, while giving customers a proactive defense against malicious actors. Today's announcement proves that innovation and cost efficiency in data security can be accomplished in collaborative fashion with Microsoft using their proven infrastructure."

Allison West Hughes, Microsoft CVP of Digital Acquisition added, "Parablu's focus on delivering innovative, cyber-resilient, data management and protection SaaS capabilities using Microsoft Azure and Microsoft 365 instantly equips all of our customers with best-of-breed options to manage and protect their most used devices and applications –– their endpoints and Microsoft 365. We've been greatly impressed by Parablu's innovation and their "All-In" approach with the Microsoft cloud infrastructure while enabling customers to securely store and AI-leveraged functionality using protected copies of their data."

"This collaboration with Microsoft enables Parablu to deliver best-of-breed solutions combining zero-trust security, zero-knowledge encryption, and zero-cost storage from the best data centers leveraging leading-edge, scalable, and highly secure infrastructure," said Anand Prahlad, CEO of Parablu. "We look forward to collaborating with Microsoft to innovate and expand our offering to cover more data sources, while continuing to leverage the Microsoft Azure cloud and the cutting-edge services it provides."

This collaboration builds on Parablu's accurate recognition by G2 as the best online solution compared to 158 other backup products in nearly all key categories and robust experience with storage, data management and security, while leveraging the capabilities of Azure and Microsoft 365. BluVault's cutting edge features such as platform independent granular restores, point-in-time recovery, cloud-cloud restores, rapid recovery, as well as new innovations that automatically tier data across OneDrive and Azure, will all be served out of the Microsoft cloud. The new agreement includes plans to enhance Parablu's SaaS offering with various Azure Services including Azure OpenAI Service.

Brian Bellows, analyst at Piper Sandler said, "Frequently abrasive economic times often spark innovation and growth. Microsoft's partnering with Parablu while enabling robust technical and secure data capabilities may be another example of Microsoft sparking ecosystem success and growth within the tech sector."

For more information on Parablu's suite of data security
and resiliency solutions for the digital enterprise, visit parablu.com , follow us on twitter , connect with us on linkedin , like us on facebook , and subscribe to us on youtube .

Related Parablu News

    parablu signs distribution agreement with td synnex parablu joins hands with cohesity parablu achieves soc 2 type 2 compliance certification

About Parablu

Parablu is a leading provider of data security and resiliency solutions for the digital enterprise. These solutions protect enterprise data completely and provide total visibility into all data movement through centrally managed intuitive dashboards. Parablu's products include: bluvault , a suite of powerful and secure
data backup
solutions designed for the cloud; and
blusync TM,
a suite of solutions designed for
secure managed file transfer, secure collaboration, and file services. Both solutions holistically address enterprise data protection needs and can be easily bridged with existing infrastructure to provide cost-effective data protection. To learn more about Parablu visit
.

SOURCE Parablu

MENAFN15052023003732001241ID1106244239


Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.

Mon, 15 May 2023 00:47:00 -0500 Date text/html https://menafn.com/1106244239/Parablu-To-Deliver-Microsoft-Azure-Hosted-Cybersecurity-And-Data-Resiliency-Saas-Solutions
Parablu to Deliver Microsoft Azure-Hosted Cybersecurity and Data Resiliency SaaS Solutions
  • Increase in remote work leaves user endpoints exposed to unprecedented cyberattack vulnerability.
  • Proven data management/backup and data security solutions for Azure and OneDrive for Business help enterprises protect and manage remote endpoints, on-premises, and cloud-based data assets.
  • Multi-year agreement tightly integrates engineering, go-to-market, and co-selling efforts.
  • Innovative technology, cost-efficient collaboration also sets foundation for future AI enhancements.

FREMONT, Calif., May 15, 2023 /PRNewswire/ -- Parablu, a global provider of SaaS-based data protection and management solutions for endpoints, on-premises, and cloud environments, today announced a multi-year agreement with Microsoft that integrates engineering, go-to-market activities, and co-selling of Parablu's BluVault and the Ransomware Defense Suite Software-as-a-Service (SaaS) offerings.

Parablu will leverage Microsoft Cloud infrastructure and services –– Microsoft Azure and Microsoft 365 to deliver scalable, secure, cost-efficient, and cyber-resilient data management and protection solutions. Parablu's patent-protected zero- and low-cost storage options will not only help businesses effectively address today's economic challenges, but also deliver proven data security for endpoints and Microsoft 365 –– backed by the global scale, durability, and security of the Microsoft cloud. Parablu's BluVault offering in combination with the Ransomware Defense Suite is designed to quickly detect and recover from cyber-attacks such as ransomware using early detection techniques, accelerated recovery options, file/device quarantining features, as well as e-Discovery, ­­making it easier for customers as well as AI tools to find and use this data effectively.

"With more knowledge workers now working remotely, the number of endpoints has grown exponentially –– increasing the likelihood of ransomware and other malicious threats," said Parablu Chief Strategy Officer Randy De Meno. "This alliance empowers Microsoft and its ecosystem of partners to deliver proven heterogeneous data management, backup and data security solutions built for OneDrive for Business and Microsoft Azure, while giving customers a proactive defense against malicious actors. Today's announcement proves that innovation and cost efficiency in data security can be accomplished in collaborative fashion with Microsoft using their proven infrastructure."

Allison West Hughes, Microsoft CVP of Digital Acquisition added, "Parablu's focus on delivering innovative, cyber-resilient, data management and protection SaaS capabilities using Microsoft Azure and Microsoft 365 instantly equips all of our customers with best-of-breed options to manage and protect their most used devices and applications –– their endpoints and Microsoft 365. We've been greatly impressed by Parablu's innovation and their "All-In" approach with the Microsoft cloud infrastructure while enabling customers to securely store and AI-leveraged functionality using protected copies of their data."

"This collaboration with Microsoft enables Parablu to deliver best-of-breed solutions combining zero-trust security, zero-knowledge encryption, and zero-cost storage from the best data centers leveraging leading-edge, scalable, and highly secure infrastructure," said Anand Prahlad, CEO of Parablu. "We look forward to collaborating with Microsoft to innovate and expand our offering to cover more data sources, while continuing to leverage the Microsoft Azure cloud and the cutting-edge services it provides."

This collaboration builds on Parablu's accurate recognition by G2 as the best online solution compared to 158 other backup products in nearly all key categories and robust experience with storage, data management and security, while leveraging the capabilities of Azure and Microsoft 365. BluVault's cutting edge features such as platform independent granular restores, point-in-time recovery, cloud-cloud restores, rapid recovery, as well as new innovations that automatically tier data across OneDrive and Azure, will all be served out of the Microsoft cloud. The new agreement includes plans to enhance Parablu's SaaS offering with various Azure Services including Azure OpenAI Service.

Brian Bellows, analyst at Piper Sandler said, "Frequently abrasive economic times often spark innovation and growth. Microsoft's partnering with Parablu while enabling robust technical and secure data capabilities may be another example of Microsoft sparking ecosystem success and growth within the tech sector."

For more information on Parablu's suite of data security and resiliency solutions for the digital enterprise, visit Parablu.com, Follow us on Twitter, Connect with us on LinkedIn, Like us on Facebook, and Subscribe to us on YouTube.

Related Parablu News

About Parablu

Parablu is a leading provider of data security and resiliency solutions for the digital enterprise. These solutions protect enterprise data completely and provide total visibility into all data movement through centrally managed intuitive dashboards. Parablu's products include: BluVault, a suite of powerful and secure data backup solutions designed for the cloud; and BluSync™, a suite of solutions designed for secure managed file transfer, secure collaboration, and file services. Both solutions holistically address enterprise data protection needs and can be easily bridged with existing infrastructure to provide cost-effective data protection. To learn more about Parablu visit www.Parablu.com.

Cision View original content to get multimedia:https://www.prnewswire.com/news-releases/parablu-to-deliver-microsoft-azure-hosted-cybersecurity-and-data-resiliency-saas-solutions-301824192.html

SOURCE Parablu

Mon, 15 May 2023 02:48:00 -0500 en text/html https://www.news-journal.com/parablu-to-deliver-microsoft-azure-hosted-cybersecurity-and-data-resiliency-saas-solutions/article_78ef0f06-d143-50db-a54a-6f7c1f58e256.html
Parablu to Deliver Microsoft Azure-Hosted Cybersecurity and Data Resiliency SaaS Solutions
  • Increase in remote work leaves user endpoints exposed to unprecedented cyberattack vulnerability.

  • Proven data management/backup and data security solutions for Azure and OneDrive for Business help enterprises protect and manage remote endpoints, on-premises, and cloud-based data assets.

  • Multi-year agreement tightly integrates engineering, go-to-market, and co-selling efforts.

  • Innovative technology, cost-efficient collaboration also sets foundation for future AI enhancements.

FREMONT, Calif., May 15, 2023 /PRNewswire/ -- Parablu, a global provider of SaaS-based data protection and management solutions for endpoints, on-premises, and cloud environments, today announced a multi-year agreement with Microsoft that integrates engineering, go-to-market activities, and co-selling of Parablu's BluVault and the Ransomware Defense Suite Software-as-a-Service (SaaS) offerings.

Parablu will leverage Microsoft Cloud infrastructure and services –– Microsoft Azure and Microsoft 365 to deliver scalable, secure, cost-efficient, and cyber-resilient data management and protection solutions. Parablu's patent-protected zero- and low-cost storage options will not only help businesses effectively address today's economic challenges, but also deliver proven data security for endpoints and Microsoft 365 –– backed by the global scale, durability, and security of the Microsoft cloud. Parablu's BluVault offering in combination with the Ransomware Defense Suite is designed to quickly detect and recover from cyber-attacks such as ransomware using early detection techniques, accelerated recovery options, file/device quarantining features, as well as e-Discovery, ­­making it easier for customers as well as AI tools to find and use this data effectively.

"With more knowledge workers now working remotely, the number of endpoints has grown exponentially –– increasing the likelihood of ransomware and other malicious threats," said Parablu Chief Strategy Officer Randy De Meno. "This alliance empowers Microsoft and its ecosystem of partners to deliver proven heterogeneous data management, backup and data security solutions built for OneDrive for Business and Microsoft Azure, while giving customers a proactive defense against malicious actors. Today's announcement proves that innovation and cost efficiency in data security can be accomplished in collaborative fashion with Microsoft using their proven infrastructure."

Allison West Hughes, Microsoft CVP of Digital Acquisition added, "Parablu's focus on delivering innovative, cyber-resilient, data management and protection SaaS capabilities using Microsoft Azure and Microsoft 365 instantly equips all of our customers with best-of-breed options to manage and protect their most used devices and applications –– their endpoints and Microsoft 365. We've been greatly impressed by Parablu's innovation and their "All-In" approach with the Microsoft cloud infrastructure while enabling customers to securely store and AI-leveraged functionality using protected copies of their data."

"This collaboration with Microsoft enables Parablu to deliver best-of-breed solutions combining zero-trust security, zero-knowledge encryption, and zero-cost storage from the best data centers leveraging leading-edge, scalable, and highly secure infrastructure," said Anand Prahlad, CEO of Parablu. "We look forward to collaborating with Microsoft to innovate and expand our offering to cover more data sources, while continuing to leverage the Microsoft Azure cloud and the cutting-edge services it provides."

This collaboration builds on Parablu's accurate recognition by G2 as the best online solution compared to 158 other backup products in nearly all key categories and robust experience with storage, data management and security, while leveraging the capabilities of Azure and Microsoft 365. BluVault's cutting edge features such as platform independent granular restores, point-in-time recovery, cloud-cloud restores, rapid recovery, as well as new innovations that automatically tier data across OneDrive and Azure, will all be served out of the Microsoft cloud. The new agreement includes plans to enhance Parablu's SaaS offering with various Azure Services including Azure OpenAI Service.

Brian Bellows, analyst at Piper Sandler said, "Frequently abrasive economic times often spark innovation and growth. Microsoft's partnering with Parablu while enabling robust technical and secure data capabilities may be another example of Microsoft sparking ecosystem success and growth within the tech sector."

For more information on Parablu's suite of data security and resiliency solutions for the digital enterprise, visit Parablu.com, Follow us on Twitter, Connect with us on LinkedIn, Like us on Facebook, and Subscribe to us on YouTube.

Related Parablu News

About Parablu

Parablu is a leading provider of data security and resiliency solutions for the digital enterprise. These solutions protect enterprise data completely and provide total visibility into all data movement through centrally managed intuitive dashboards. Parablu's products include: BluVault, a suite of powerful and secure data backup solutions designed for the cloud; and BluSync™, a suite of solutions designed for secure managed file transfer, secure collaboration, and file services. Both solutions holistically address enterprise data protection needs and can be easily bridged with existing infrastructure to provide cost-effective data protection. To learn more about Parablu visit www.Parablu.com.

Cision

View original content to get multimedia:https://www.prnewswire.com/news-releases/parablu-to-deliver-microsoft-azure-hosted-cybersecurity-and-data-resiliency-saas-solutions-301824192.html

SOURCE Parablu

Mon, 15 May 2023 00:15:00 -0500 en-US text/html https://finance.yahoo.com/news/parablu-deliver-microsoft-azure-hosted-121000003.html




SC-100 approach | SC-100 course outline | SC-100 Practice Test | SC-100 pdf | SC-100 test | SC-100 information hunger | SC-100 learning | SC-100 mock | SC-100 study tips | SC-100 approach |


Killexams exam Simulator
Killexams Questions and Answers
Killexams Exams List
Search Exams
SC-100 exam dump and training guide direct download
Training Exams List