Retail at Risk: How a Single Alert Uncovered a Major CyberthreatMicrosoft Incident Response’s expert team details how a single alert in a retail environment led to the discovery of a persistent threat. This report highlights actionable forensic insights and security...
Microsoft Security Blog 2025-09-24
Microsoft, SAP, and OpenAI Partner to Bring AI Innovation to Germany's Public Sectorstclarke summarizes Microsoft’s partnership with SAP and OpenAI aimed at delivering responsible and secure AI solutions for the German public sector using Microsoft Azure.
Microsoft News 2025-09-24
Protecting Microsoft Fabric Data with Purview DLP and Sensitivity LabelsMicrosoft Fabric Blog explains how to secure your data in Microsoft Fabric using Microsoft Purview’s Data Loss Prevention policies and sensitivity labels, outlining benefits, setup steps, and governance improvements for...
Microsoft Fabric Blog 2025-09-24
AI-Obfuscated Phishing Campaign Detection by Microsoft Threat IntelligenceMicrosoft Threat Intelligence, led by the original post’s authors, reveals how AI-generated code was utilized in a credential phishing campaign and explains detection and defense approaches to combat these advanced...
Microsoft Security Blog 2025-09-24
Accelerate Remediation with GitHub Security Campaigns and Assignable AlertsAllison introduces key updates for GitHub security: security campaigns for secret scanning alerts and assignable alerts for both code and secret scanning, aimed at helping developers and security teams remediate...
The GitHub Blog 2025-09-23
Microsoft Purview Achieves 30% Reduction in Data Breach Likelihood, According to Forrester StudyHerain Oberoi presents findings from a Forrester Consulting study on Microsoft Purview, showing how unified data security and governance can reduce breach likelihood and automate compliance processes.
Microsoft Security Blog 2025-09-23
Upcoming Changes to GitHub Dependabot Alerts REST API PaginationAllison announces the upcoming removal of offset-based pagination from GitHub Dependabot alerts REST API, guiding developers on migrating to cursor-based pagination methods for enhanced performance and consistency.
The GitHub Blog 2025-09-23
Incremental Security Analysis with CodeQL Now Available Across All LanguagesAllison explains GitHub’s new incremental analysis for CodeQL, enabling faster and more efficient security scans across all supported languages, including C#, in pull requests.
The GitHub Blog 2025-09-23
Unlocking Enterprise-Ready SQL Database Features in Microsoft Fabric: ALM, Backups, and Copilot EnhancementsThe Microsoft Fabric Blog, with Joanne Wong as coauthor, details critical updates to SQL Database in Microsoft Fabric, highlighting Copilot features, ALM APIs, advanced security options, VS Code integrations, and...
Microsoft Fabric Blog 2025-09-23
Modernizing Java Projects with GitHub Copilot Agent Mode: Step-by-Step GuideAndrea Griffiths details how to modernize legacy Java projects by leveraging GitHub Copilot Agent Mode, automated upgrades, secure migrations, and direct Azure cloud deployments.
The GitHub Blog 2025-09-23
GitHub's Roadmap for Strengthening npm Supply Chain SecurityXavier René-Corail outlines GitHub’s response to recent npm supply chain attacks, including plans for stricter authentication, granular tokens, and trusted publishing to help maintainers and organizations secure their npm projects....
The GitHub Blog 2025-09-23
New Trusted Publishing Enhances Security on NuGet.orgEvgeny Tvorun and Sean highlight Trusted Publishing on NuGet.org, guiding developers to secure package publishing by using GitHub OIDC tokens instead of long-lived API keys.
Microsoft .NET Blog 2025-09-22
Microsoft Defender Delivers 242% ROI Over Three YearsScott Woodgate reviews Forrester’s TEI study, highlighting how Microsoft Defender provides 242% ROI through AI-powered automation, rapid threat response, tool consolidation, and integration with Microsoft Sentinel, benefitting SecOps teams and...
Microsoft Security Blog 2025-09-18
Microsoft Recognized as Leader in 2025 Gartner Magic Quadrant for Global Industrial IoT PlatformsMichael MacKenzie shares how Microsoft has been named a Leader in the 2025 Gartner Magic Quadrant for Global Industrial IoT Platforms, spotlighting Azure IoT, Microsoft Fabric, and integrated AI and...
The Azure Blog 2025-09-18
Agent Factory: Blueprint for Safe and Secure Enterprise AI Agents Using Azure AI FoundryYina Arenas discusses how enterprises can use Azure AI Foundry to implement a secure and trustworthy AI agent blueprint, addressing identity, governance, and real-time security controls for agentic AI in...
The Azure Blog 2025-09-17
Microsoft DCU Disrupts RaccoonO365 Phishing Tool: 338 Malicious Sites Seizedsbaynes details how Microsoft’s Digital Crimes Unit dismantled RaccoonO365, a subscription-based phishing service exploiting Microsoft 365 users, by seizing 338 associated websites through court action and cross-industry collaboration.
Microsoft News 2025-09-17
Delegated Bypass Controls for Push Protection Now Available at the Enterprise LevelAllison announces new enterprise-level delegated bypass controls for push protection in GitHub secret scanning, highlighting features for managing approvers and reviewer workflows.
The GitHub Blog 2025-09-16
Dependabot Adds Support for Conda Environment FilesAllison announces that Dependabot now supports Conda environment files, offering automated security and version updates for Conda-based Python projects and enhancing supply chain security on GitHub.
The GitHub Blog 2025-09-16
Microsoft Purview Innovations for Fabric: Unifying Data Security and Governance for AIRudra Mitra shares insights into new Microsoft Purview innovations for Microsoft Fabric, detailing unified strategies for data security, compliance, and governance to enable secure and scalable AI transformation for organizations....
Microsoft Security Blog 2025-09-16
Microsoft Fabric September 2025 Feature Summary: Data, AI, Engineering and Governance EnhancementsCompiled by the Microsoft Fabric Blog team, this detailed feature summary explores September 2025 advancements, including new AI, ML, security, and developer capabilities to empower data professionals.
Microsoft Fabric Blog 2025-09-16
Enterprise Access Restrictions with Corporate Proxies for GitHub Enterprise Cloud Now AvailableAllison details how GitHub Enterprise Cloud accounts with Enterprise Managed Users can now restrict access to github.com traffic via corporate proxy configuration, strengthening compliance and security for organizational workflows.
The GitHub Blog 2025-09-15
Post-Quantum Secure SSH Access on GitHubbrian m. carlson details GitHub’s implementation of post-quantum secure SSH key exchange, highlighting the updates, impact, and steps for developers to prepare.
GitHub Engineering Blog 2025-09-15
Security Contact Email Setting for Enterprise Incident NotificationsAllison shares that GitHub enterprise admins can now configure a dedicated contact email for security incident notifications, helping organizations streamline their response workflows.
The GitHub Blog 2025-09-15
GitHub Copilot in Visual Studio Code August 2025 Update (v1.104): New Features and Security EnhancementsAllison details the August 2025 release of GitHub Copilot in Visual Studio Code, outlining major enhancements to workflow flexibility, security, and AI-powered development, with features like auto model selection and...
The GitHub Blog 2025-09-12
Secret Scanning Validity Checks Now Available for GitHub Enterprise Cloud with Data ResidencyAllison details GitHub’s rollout of validity checks for secret scanning on Enterprise Cloud with data residency, providing a significant security upgrade for DevOps teams and security practitioners.
The GitHub Blog 2025-09-10
Your Guide to GitHub Universe 2025: Event Schedule, Learning, and Certifications AnnouncedGitHub Staff presents highlights of GitHub Universe 2025, where attendees will explore AI-powered development, Copilot, automation, and security with sessions, certifications, and mentoring opportunities.
The GitHub Blog 2025-09-10
Azure Storage APIs Gain Microsoft Entra ID and RBAC SupportChristine Chen discusses the newly available Microsoft Entra ID and RBAC support for Azure Storage APIs, offering guidance on OAuth-based authentication and updated security practices.
Microsoft Azure SDK Blog 2025-09-10
CodeQL 2.23.0: New Rust Log Injection Detection and Security ImprovementsAllison covers the latest in CodeQL 2.23.0, highlighting new Rust log injection detection, security query improvements across languages, and deployment updates for GitHub code scanning users.
The GitHub Blog 2025-09-10
How to use the GitHub and JFrog integration for secure, traceable builds from commit to productionApril Yoho explains how developers can leverage the new GitHub and JFrog integration to create a secure, traceable build process, with unified security scanning and centralized artifact management from commit...
The GitHub Blog 2025-09-10
Announcing OneLake Security (Preview): Fine-Grained Data Access Control in Microsoft FabricMicrosoft Fabric Blog introduces the public preview of OneLake security, highlighting author-driven best practices for securing data lakes with advanced, unified access controls across Fabric workloads.
Microsoft Fabric Blog 2025-09-08
Azure Mandatory Multifactor Authentication: Phase 2 Launches October 2025Joy Shah and Neha Kulkarni explain Microsoft’s rollout of Phase 2 mandatory multifactor authentication enforcement on Azure Resource Manager operations, with critical details on its October 2025 launch, technical scope,...
Microsoft Security Blog 2025-09-05
Remote GitHub MCP Server Now Generally AvailableAllison details the general availability of the remote GitHub MCP Server, highlighting powerful integrations with Copilot, AI-driven automation, advanced authentication, and enhanced security features for developers and teams.
The GitHub Blog 2025-09-04
Cloud and AI: Unlocking Australia's Public Sector Productivitystclarke examines Mandala’s report on how cloud and AI can transform Australia’s government sector, highlighting big savings, improved cybersecurity, and modernization opportunities.
Microsoft News 2025-09-04
OneLake: your foundation for an AI-ready data estateThe Microsoft Fabric Blog team details how OneLake unifies organizational data for AI and analytics. Drawing on real enterprise deployments, this post covers security, data integration, governance, and AI-ready architecture—all...
Microsoft Fabric Blog 2025-09-04
What’s New in Fabric Warehouse: August 2025 RecapThis recap by the Microsoft Fabric Blog team highlights August 2025 updates in Fabric Warehouse, including enhanced data ingestion, automation, security, and AI-driven workflows for developers and data engineers.
Microsoft Fabric Blog 2025-09-03
Introducing Workspace Outbound Access Protection for SparkMicrosoft Fabric Blog introduces Workspace Outbound Access Protection (OAP) for Spark, empowering admins to restrict outbound connectivity and prevent data exfiltration in managed workspaces.
Microsoft Fabric Blog 2025-09-03
CodeQL 2.22.4 Adds Go 1.25 Support and Security EnhancementsAllison introduces CodeQL 2.22.4, describing new language support, advanced security queries, and accuracy improvements for developers leveraging GitHub code scanning.
The GitHub Blog 2025-09-03
Improved Notifications in GitHub Security CampaignsAllison provides an update on GitHub’s security campaigns, introducing enhanced notifications for developers and highlighting integration with GitHub Copilot Autofix as part of the platform’s security and collaboration improvements.
The GitHub Blog 2025-09-02
How GitHub Copilot Accelerated Secret Protection EngineeringParth Sehgal shares how the GitHub engineering team used GitHub Copilot coding agents to automate and scale secret protection, offering practical lessons for engineering teams.
The GitHub Blog 2025-08-28
Storm-0501’s Evolving Cloud-Based Ransomware Tactics: Microsoft Analysisstclarke provides an in-depth analysis of recent Storm-0501 attacks leveraging cloud-based ransomware techniques to compromise hybrid Microsoft environments, with actionable recommendations for security professionals.
Microsoft News 2025-08-27
Microsoft Defender Leads Modern Endpoint Security Market for Third Consecutive YearRob Lefferts reports on Microsoft Defender’s continued leadership in endpoint security, emphasizing market share growth, cross-platform capabilities, and AI-powered threat disruption.
Microsoft Security Blog 2025-08-27
Agent Factory: Top 5 Agent Observability Best Practices for Reliable AIYina Arenas shares best practices for implementing observability in AI agents, covering lifecycle evaluation, monitoring, security, and governance with Azure AI Foundry Observability.
The Azure Blog 2025-08-27
Enabling Healthcare Compliance with Microsoft Purview DLP Policies in FabricMicrosoft Fabric Blog presents a thorough overview of using Purview DLP policies to safeguard healthcare data, outlining compliance strategies and actionable steps for security administrators.
Microsoft Fabric Blog 2025-08-27
GitHub Introduces Free Secret Risk Assessment Tool for OrganizationsAllison presents GitHub’s new secret risk assessment tool, enabling organizational admins to detect and analyze secret leaks across their repositories. This feature enhances security practices and supports actionable improvements.
The GitHub Blog 2025-08-26
GitHub Releases Introduce Immutability for Enhanced Supply Chain SecurityAllison reports on GitHub’s rollout of immutable releases in public preview, highlighting new supply chain security measures, tag and asset protection, and cryptographic attestations for artifact verification.
The GitHub Blog 2025-08-26
Introducing Crescent: Microsoft's Cryptographic Library for Privacy-Preserving Digital Identitystclarke explains how Crescent, a cryptographic library from Microsoft Research, provides privacy-preserving features for digital identity systems, preventing tracking and protecting user data with advanced cryptography.
Microsoft News 2025-08-26
GitHub Secret Scanning Expands with New Validators and Validity ChecksAllison outlines GitHub’s addition of over 10 new validators for secret scanning, including providers like Square and Yandex, to improve credential security for developers.
The GitHub Blog 2025-08-26
Securing and Governing Autonomous AI Agents in the EnterpriseIgor Sakhnov, Corporate Vice President and Deputy CISO for Identity at Microsoft, shares practical advice on securing and governing autonomous AI agents, highlighting new risks and governance strategies in large-scale...
Microsoft Security Blog 2025-08-26
Safeguarding VS Code Against Prompt Injections: Securing GitHub Copilot ChatMichael Stepankin details prompt injection vulnerabilities in the VS Code Copilot Chat extension, examining how attackers target agent tools and how the GitHub and VS Code teams have responded. The...
The GitHub Blog 2025-08-25
Protecting Azure Infrastructure: Defense-in-Depth from Silicon to SystemsAuthored by Mark Russinovich, Omar Khan, and Bryan Kelly, this article examines Microsoft’s holistic approach to securing Azure, covering innovations like Azure Boost, confidential computing, and root-of-trust hardware for end-to-end...
The Azure Blog 2025-08-25
Analyzing the ClickFix Social Engineering Technique and Defenses with Microsoft SecurityMicrosoft Threat Intelligence and Defender Experts offer a comprehensive analysis of the evolving ClickFix social engineering campaigns targeting enterprise users, with detailed recommendations for detecting, responding, and mitigating these attacks...
Microsoft Security Blog 2025-08-21
On-premises Data Gateway August 2025 Release: Entra ID Support for PostgreSQLThe Microsoft Fabric Blog shares news about the August 2025 release of the on-premises data gateway. Key highlights include Entra ID authentication support for PostgreSQL and seamless integration with Power...
Microsoft Fabric Blog 2025-08-21
Microsoft Unveils Quantum Safe Program Strategy to Prepare for Post-Quantum Security Erasbaynes details Microsoft’s Quantum Safe Program Strategy, outlining the company’s proactive approach to post-quantum cybersecurity and strategic partnerships with governments and industry to safeguard global digital infrastructure.
Microsoft News 2025-08-20
Designing Multi-Agent Intelligence: Microsoft Reference Architecture and Enterprise Case StudiesVinicius Souza, Maggie Liu, Thiago Rotta, and others from Microsoft AI Co-Innovation Labs present a detailed blueprint for enterprise-ready, multi-agent AI systems running on Azure. The article includes reference architectures,...
Microsoft DevBlog 2025-08-20
Microsoft Fabric Introduces Workspace-Level Private Link (Preview)Microsoft Fabric Blog announces the preview of workspace-level Private Link, a new security feature enabling more granular private network access to individual Fabric workspaces. This post by the Microsoft Fabric...
Microsoft Fabric Blog 2025-08-20
Quantum-safe Security: Microsoft's Progress Toward Next-generation CryptographyMark Russinovich and Michal Braverman-Blumenstyk present an authoritative overview of Microsoft’s quantum-safe security strategy, covering cryptography advances, standards collaboration, and practical steps for resilience against quantum-era threats.
Microsoft Security Blog 2025-08-20
Agent Factory: Building Your First AI Agent with Azure AI FoundryYina Arenas details how to build and securely manage agentic AI solutions in Azure AI Foundry, offering practical patterns, protocols, and governance strategies for enterprise adoption.
The Azure Blog 2025-08-20
GitHub Secret Scanning: Custom Pattern Configuration in Push Protection Now AvailableAllison reports that GitHub Secret Protection now allows organizations to configure secret scanning patterns used in push protection, supporting stronger, customizable security policies.
The GitHub Blog 2025-08-19
Model Context Protocol (MCP) Is Now Generally Available in Visual StudioAllie Barry introduces the general availability of Model Context Protocol (MCP) in Visual Studio, highlighting how developers can integrate AI agents, like Copilot, for richer automation and secure connections to...
Microsoft DevBlog 2025-08-19
Azure Developer CLI (azd) August 2025 Release OverviewPuiChee (PC) Chan shares the August 2025 Azure Developer CLI (azd) release summary, including important bug fixes, new documentation, improved templates for common developer scenarios, and enhanced security and AI...
Microsoft DevBlog 2025-08-18
Dissecting PipeMagic: Technical Analysis of a Modular Malware BackdoorMicrosoft Threat Intelligence delivers a comprehensive technical breakdown of PipeMagic, a modular backdoor leveraged by Storm-2460, focusing on its architecture, exploitation methods, and mitigation strategies for security professionals.
Microsoft Security Blog 2025-08-18
GitHub Actions Policy Adds Blocking and SHA Pinning for Enhanced SecurityAllison outlines recent improvements to GitHub Actions policies, focusing on blocking vulnerable actions and enforcing SHA pinning to enhance repository and workflow security.
The GitHub Blog 2025-08-15
CodeQL Expands Support for Kotlin and Improves Static Analysis AccuracyAllison reports on recent updates to CodeQL, featuring expanded Kotlin support, enhanced Rust analysis, and improved query accuracy for JavaScript and React, ensuring better static analysis and security scanning for...
The GitHub Blog 2025-08-14
Queensland Government Enhances Cybersecurity for Vulnerable Communities with Microsoft 365 E5stclarke outlines the Queensland Government’s journey in transforming its cybersecurity posture by consolidating tools under Microsoft 365 E5, deploying Defender and Sentinel, and aligning with modern security practices for greater...
Microsoft News 2025-08-14
GitHub Enterprise Importer Incident and IP Range Update: July 2025 Availability ReportJakub Oleksy reports on the July 2025 service disruption affecting GitHub Enterprise Importer, focusing on incident details, infrastructure changes, updated IP allow list requirements for Azure and other cloud migrations,...
The GitHub Blog 2025-08-13
GitHub MCP Server Enhances Secret Scanning and Push Protection for Public RepositoriesAllison introduces major enhancements in secret scanning and push protection for the GitHub MCP server, explaining how these features help secure public repository workflows against credential leaks and prompt injection...
The GitHub Blog 2025-08-13
Connect with the Security Community at Microsoft Ignite 2025stclarke highlights Microsoft Ignite 2025, an event tailored for security professionals and leaders to explore AI-powered security innovations, network with peers, and participate in hands-on labs and certification opportunities.
Microsoft News 2025-08-13
Azure DevOps Improves OAuth Client Secret Security: Secrets Now Shown Only OnceAngel Wong announces an important change to how Azure DevOps handles OAuth client secrets, introducing a ‘show-once’ system to improve security and retiring the existing secret retrieval API.
Microsoft DevBlog 2025-08-13
Secret Scanning Expands Support: 12 New Token Validators Added to GitHubAllison reports on GitHub’s secret scanning improvements, highlighting expanded support for 12 new token types and enhanced credential validity checks to bolster repository security.
The GitHub Blog 2025-08-12
How Dow Uses Microsoft Security Copilot and AI to Transform Cybersecurity Operationsstclarke explores how Mario Ferket and Dow have integrated Microsoft Security Copilot and AI into their cybersecurity operations, improving automation, threat detection, and analyst mentorship.
Microsoft News 2025-08-12
Secret Validity Checks Launch in GitHub Advanced Security for Azure DevOpsMichael Omokoh introduces the secret validity checks feature in GitHub Advanced Security for Azure DevOps, showing how developers and security teams can now prioritize remediation of live secrets and stay...
Microsoft DevBlog 2025-08-12
Microsoft Recognized as a Leader in the 2025 Gartner Magic Quadrant for Container ManagementSean McKenna reports on Microsoft’s continued leadership in the 2025 Gartner Magic Quadrant for Container Management. The post highlights innovations in Azure’s container portfolio, developer and operational tooling, AI workloads,...
The Azure Blog 2025-08-12
Continuous Access Evaluation (CAE) Brings Real-Time Security to Azure DevOpsAngel Wong introduces support for Continuous Access Evaluation (CAE) on Azure DevOps, discussing its impact on real-time security and the implications for developers using Microsoft Entra ID.
Microsoft DevBlog 2025-08-12
Securing the Open Source Supply Chain: Impact of the GitHub Secure Open Source FundAuthored by Kevin Crosby, this article highlights how 71 critical open source projects—supported by the GitHub Secure Open Source Fund and partners like Microsoft—improved their security posture with tangible results...
The GitHub Blog 2025-08-11
Customer-Managed Keys for Microsoft Fabric Workspaces Now in Public PreviewMicrosoft Fabric Blog announces the public preview of customer-managed keys (CMK) for Fabric workspaces, allowing teams to implement stronger data protection and compliance measures. Authored by the Microsoft Fabric Blog...
Microsoft Fabric Blog 2025-08-11
Introducing Support for Workspace Identity Authentication in Fabric ConnectorsThe Microsoft Fabric Blog team, including co-author Meenal Srivastva, announces expanded workspace identity authentication support in Microsoft Fabric connectors, detailing security improvements and implementation steps.
Microsoft Fabric Blog 2025-08-11
GPT-5 Launches in Azure AI Foundry: New Era for AI Apps, Agents, and DevelopersSteve Sweetman announces the general availability of GPT-5 in Azure AI Foundry, detailing its rollout to developers via GitHub Copilot and VS Code, enhanced reasoning, orchestration features, and robust security...
The Azure Blog 2025-08-07
Announcing Public Preview of the Phishing Triage Agent in Microsoft DefenderCristina Da Gama Henriquez announces the public preview of the Phishing Triage Agent in Microsoft Defender, highlighting its AI-powered, autonomous phishing detection capabilities for SOC teams.
Microsoft Security Blog 2025-08-07
Microsoft Bounty Program Year in Review: $17 Million Awarded to Security Researchersstclarke presents a comprehensive year-in-review of the Microsoft Bounty Program, showcasing $17 million in rewards, the impact of security research collaborations, and updates to Microsoft’s vulnerability reward initiatives.
Microsoft News 2025-08-06
Practical Guidance: Launching Microsoft Secure Future Initiative Patterns and PracticesIn this post, stclarke introduces the Microsoft Secure Future Initiative (SFI) patterns and practices—a library of practical security solutions aimed at helping organizations enhance security at scale, informed by Microsoft’s...
Microsoft News 2025-08-06
5 Copilot Chat Prompts .NET Developers Should Use NowIn this blog, Wendy Breiding presents five practical GitHub Copilot Chat prompts specifically designed to help .NET developers boost productivity, code quality, and security when working on Microsoft technologies.
Microsoft .NET Blog 2025-08-06
Project Ire: Autonomous AI Agent for Large-Scale Malware Detection and ClassificationWritten by stclarke, this post presents Project Ire, Microsoft’s new autonomous AI agent built for large-scale malware detection by reverse engineering and classifying threats. The article addresses technical foundations, system...
Microsoft News 2025-08-05
Elevate Your Protection with Expanded Microsoft Defender Experts CoverageAuthored by Henry Yan and Sylvie Liu, this post introduces new 24/7, expert-driven protections from Microsoft Defender Experts for protecting cloud workloads, including support for multicloud environments.
Microsoft Security Blog 2025-08-05
What’s New in Copilot Studio: July 2025 Feature RoundupIn this comprehensive roundup, stclarke highlights major new capabilities added to Microsoft Copilot Studio in July 2025, focusing on AI-powered agent creation, secure data integration, and robust analytics and admin...
Microsoft News 2025-08-05
What’s New in Fabric Warehouse – July 2025: AI, Performance, and Modern Data EngineeringThis comprehensive recap from the Microsoft Fabric Blog details July 2025’s new features and enhancements for Fabric Warehouse, including AI integration, security, performance improvements, and developer tools, making it relevant...
Microsoft Fabric Blog 2025-08-05
Automate Open-Source Dependency Scanning in Azure DevOps with Advanced SecurityLaura Jiang explores automating open-source dependency scanning in Azure DevOps with GitHub Advanced Security, focusing on setup, integration, and how results are surfaced for developers.
Microsoft DevBlog 2025-08-04
What’s New in Azure AI Foundry: July 2025 Releases and UpdatesAuthored by Nick Brady, this post highlights the July 2025 updates to Azure AI Foundry, including Deep Research Agent, GPT-image-1 model improvements, agent tools, and platform and security features for...
Microsoft DevBlog 2025-08-04
The new Dependabot NuGet updater: 65% faster with native .NETJamie Magee and Brett Forsgren share how Dependabot’s revamped NuGet updater uses .NET’s own tooling to bring faster, more reliable, and more secure dependency updates to developers.
Microsoft .NET Blog 2025-08-04
Microsoft Entra Suite Delivers 131% ROI Through Unified Identity and Network AccessIrina Nechaeva reports on a Forrester study showing that organizations using Microsoft Entra Suite achieved a 131% ROI by improving identity and network access security.
Microsoft Security Blog 2025-08-04
Fabric Platform Ends Support for TLS 1.1 and EarlierMicrosoft Fabric Blog announces the end of support for TLS 1.1 and earlier on the Fabric platform. Authors provide key migration steps and security implications for organizations relying on Fabric...
Microsoft Fabric Blog 2025-08-04
Russian Threat Actor Secret Blizzard's AiTM Campaign Targets Diplomats with ApolloShadow Malwarestclarke presents an in-depth look at Microsoft’s findings on the Russian state actor Secret Blizzard’s AiTM attack on diplomats in Moscow, revealing their use of ApolloShadow malware, attack flow, and...
Microsoft News 2025-07-31
Modernize Your Identity Defense with Microsoft Identity Threat Detection and ResponseEric Sachs and Yaron Paryanty discuss Microsoft’s integrated approach to identity threat detection and response, providing actionable insights for strengthening identity security.
Microsoft Security Blog 2025-07-31
Experience the New Visual SQL Audit Logs Configuration in Fabric WarehouseMicrosoft Fabric Blog introduces a new visual experience for configuring SQL Audit Logs in Fabric Data Warehouse, detailing improved audit management and compliance flexibility for data professionals.
Microsoft Fabric Blog 2025-07-31
Azure SDK Release Highlights and Updates for July 2025Ronnie Geraghty summarizes the key updates in the July 2025 Azure SDK release, detailing new features, bug fixes, stable and beta releases for languages like Python, .NET, and more.
Microsoft DevBlog 2025-07-31
A Practical Guide to Using the GitHub MCP Server for Automated AI WorkflowsAndrea Griffiths explores the migration from a local MCP Docker image to GitHub’s managed MCP server, streamlining authentication, automation, and security-focused AI workflows with GitHub Copilot integration.
The GitHub Blog 2025-07-30
Fabric July 2025 Feature SummaryThis article by Microsoft Fabric Blog offers a comprehensive summary of July 2025’s new features in Microsoft Fabric, authored by Patrick LeBlanc. Key updates span data science, governance, Power BI,...
Microsoft Fabric Blog 2025-07-30
Spotlight-based macOS TCC Vulnerability CVE-2025-31199: Analysis by Microsoft Threat IntelligenceIn this technical breakdown by Microsoft Threat Intelligence, authors Jonathan Bar Or, Alexia Wilson, and Christine Fossaceca uncover and analyze the new macOS Spotlight-based TCC vulnerability, CVE-2025-31199, and discuss its...
Microsoft Security Blog 2025-07-28
How to Build Secure and Scalable Remote MCP ServersAuthored by Den Delimarsky, this article offers a thorough walkthrough for developers on building secure, scalable MCP servers. It focuses on robust security, authorization, secrets management, and architectural practices needed...
The GitHub Blog 2025-07-25
How to Streamline GitHub API Calls in Azure Pipelines Using a Custom DevOps ExtensionWritten by Tiago Pascoal, this post details how to build a custom Azure DevOps extension for secure, efficient, and centralized authentication with GitHub APIs from Azure Pipelines, streamlining automation and...
The GitHub Blog 2025-07-24
We Need a European Sovereign Tech Fund to Sustain Open Source SoftwareAuthored by Felix Reda, this article calls for greater public investment in open source software through a proposed European Sovereign Tech Fund, highlighting GitHub’s policy efforts and recommendations to address...
The GitHub Blog 2025-07-23
MCP C# SDK Updated: Protocol 2025-06-18 Brings Elicitation, Structured Output, and Enhanced SecurityIn this post, Mike Kistler presents the major update for the MCP C# SDK, introducing support for protocol version 2025-06-18. The release offers .NET developers new features such as elicitation,...
Microsoft .NET Blog 2025-07-22
Mitigating Active Exploitation of On-Premises SharePoint VulnerabilitiesMicrosoft Threat Intelligence reports on recent attacks exploiting SharePoint vulnerabilities, with actionable defense steps for organizations. This summary highlights author guidance for defenders and SharePoint administrators facing these advanced threats....
Microsoft Security Blog 2025-07-22
Microsoft Sentinel Data Lake: Unifying Security Signals and Driving AI AdoptionScott Woodgate and Krishna Kumar Parthasarathy introduce a new data lake for Microsoft Sentinel, enhancing unified security data management, AI-driven insights, and affordability for security teams.
Microsoft Security Blog 2025-07-22
Microsoft at Black Hat USA 2025: A Unified Approach to Modern Cyber DefenseIn this announcement, author Elliot Volkman shares Microsoft’s plans for Black Hat USA 2025, focusing on AI-driven, unified security solutions. Learn what to expect and how to connect with Microsoft...
Microsoft Security Blog 2025-07-18
Microsoft Defender for Office 365: Transparent Benchmarks on Email Security EffectivenessRamya Chitrakar and Scott Woodgate present Microsoft’s latest efforts to make email security performance more transparent, including dashboards and benchmarking reports for Defender for Office 365 and comparisons with other...
Microsoft Security Blog 2025-07-17
Microsoft Azure AI Foundry Models and Security Copilot Achieve ISO/IEC 42001:2023 CertificationIn this post, Molly Bostic announces Microsoft’s ISO/IEC 42001:2023 certification for Azure AI Foundry Models and Microsoft Security Copilot, detailing the implications for responsible AI, security, and compliance efforts.
The Azure Blog 2025-07-17
Microsoft Named a Leader in Gartner's 2025 Magic Quadrant for Endpoint ProtectionRob Lefferts shares Microsoft’s achievement as a Leader in the 2025 Gartner Magic Quadrant for Endpoint Protection Platforms, recognizing Defender for Endpoint’s effectiveness against advanced cyberthreats.
Microsoft Security Blog 2025-07-16
How to Catch GitHub Actions Workflow Injections Before Attackers DoIn this article, Dylan Birtolo addresses strategies for detecting and mitigating GitHub Actions workflow injections, offering practical guidance on boosting repository security.
The GitHub Blog 2025-07-16
Configure internet access for Copilot coding agentIn this article, Allison discusses new updates to GitHub Copilot, specifically focusing on changes to its internet access during the public preview phase. The updates aim to better protect user...
The GitHub Blog 2025-07-16
Databricks Runs Best on Azure: Performance, Integration, and AI SynergyIn this post, Jason Pereira and Anavi Nahar outline how Azure Databricks delivers a streamlined, high-performance environment for analytics and AI, leveraging tight integration with the Microsoft ecosystem.
The Azure Blog 2025-07-15
Security Copilot capabilities in Microsoft Intune and Entra now generally availableIn this article, author stclarke discusses the general availability of Security Copilot capabilities within Microsoft Intune and Microsoft Entra. The announcement highlights how these integrations bring enhanced AI-driven security automation,...
Microsoft News 2025-07-14
Microsoft Expands Zero Trust Workshop: Network, Infrastructure, and SecOps Now IncludedIn this article, Rob Lefferts explains Microsoft’s expanded Zero Trust workshop, now featuring guidance on network, infrastructure, and SecOps pillars to help organizations enhance their security posture and operational workflows....
Microsoft Security Blog 2025-07-09
July Patches for Azure DevOps Server Now AvailableAuthored by Gloridel Morales, this post announces July patches for Azure DevOps Server, highlighting key fixes and steps for users to ensure secure and updated deployments.
Microsoft DevBlog 2025-07-09
.NET and .NET Framework July 2025 Servicing Releases UpdatesAuthored by Tara Overfield and Victor Israel-Bolarinwa, this article outlines the latest servicing updates released for .NET and .NET Framework in July 2025.
Microsoft .NET Blog 2025-07-08
New e-book teaches how to build an AI-powered security operations centerIn this article, stclarke discusses the release of a new e-book that serves as a comprehensive guide for building an AI-powered security operations center (SOC).
Microsoft News 2025-07-07
Automating Secure and Scalable AI Deployments on Azure with HashiCorpWritten by cindywang and davidwright, this article delves into automating secure and scalable AI deployments using HashiCorp and Azure, highlighting infrastructure-as-code, security, and operational best practices.
Microsoft DevBlog 2025-07-04
Join Us for MCP Dev Days – July 29-30: Deep Dive into the Model Context ProtocolAuthored by Katie Savage and Marc Baiza, this post introduces MCP Dev Days, a Microsoft event dedicated to the Model Context Protocol (MCP), offering deep technical content, hands-on sessions, and...
Microsoft DevBlog 2025-07-02
Jasper Sleet - North Korean remote IT workers’ evolving tactics to infiltrate organizationsIn this article, stclarke discusses the latest strategies employed by North Korean remote IT workers aiming to infiltrate organizations globally.
Microsoft News 2025-07-01
Building Secure, Scalable Generative AI in the Cloud with Microsoft AzureMaria Bledsoe discusses Forrester Research findings on how Microsoft Azure enables enterprises to securely and efficiently scale generative AI, highlighting the platform’s security, compliance, and data management capabilities.
The Azure Blog 2025-07-01
Removing Azure Resource Manager Reliance on Azure DevOps Sign-insAngel Wong announces important authentication updates for Azure DevOps, moving away from Azure Resource Manager dependence for Entra sign-ins. This guide helps administrators prepare for the coming changes in Conditional...
Microsoft DevBlog 2025-06-25
IDC Study: 306% ROI in 3 Years Migrating Ubuntu Linux Workloads to Microsoft AzureOmar Khan reviews IDC’s findings on the impact of running Ubuntu workloads on Microsoft Azure, detailing ROI, cost savings, and productivity.
The Azure Blog 2025-06-20
Announcing General Availability of GitHub Copilot for Azure—Now with Agent ModeYun Jung Choi introduces the general availability of GitHub Copilot for Azure, highlighting its new Agent Mode that transforms DevOps workflows with integrated AI, enhanced security, and rich Azure support....
Microsoft DevBlog 2025-06-19
Maximize Your ROI for Azure OpenAI: Pricing, Deployment, and Cost Optimization StrategiesIn this article, Steve Sweetman explores maximizing returns with Azure OpenAI by reviewing flexible pricing, deployment types, cost-saving features, and integration across the Azure AI ecosystem.
The Azure Blog 2025-06-18
Securely Turbo‑Charge Software Delivery with Codex Coding Agent on Azure OpenAIIn this detailed guide, Govind Kamtamneni explains how to run the Codex Coding Agent securely on Azure OpenAI. He covers setup, enterprise security benefits, automation via GitHub Actions, and troubleshooting...
Microsoft DevBlog 2025-06-18
Security and Trust in Visual Studio Marketplace: Safeguarding Extensions for DevelopersAuthored by Sean, this article delivers a comprehensive overview of efforts to ensure extension security and developer trust in the Visual Studio Marketplace, outlining both current safeguards and planned investments....
Microsoft DevBlog 2025-06-12
June Patches Released for Azure DevOps Server 2022.2: Improvements & Important UpdatesGloridel Morales announces the June patches for Azure DevOps Server 2022.2, highlighting Test Plans enhancements and addressing an ongoing issue with Patch 6, along with installation recommendations and verification steps....
Microsoft DevBlog 2025-06-10
Restricting PAT Creation in Azure DevOps Preview: New Granular Controls for AdministratorsWritten by Angel Wong, this article explores the new preview policy in Azure DevOps to restrict personal access token creation. It details how organizations can reduce PAT usage and strengthen...
Microsoft DevBlog 2025-06-05
Microsoft and LangChain: Advancing AI Security for Open Source on AzureAuthored by Marlene Mhangami, this article examines Microsoft’s partnership with LangChain to bolster AI security for open-source developers on Azure. The collaboration addresses integration risks while ensuring enterprises can safely...
Microsoft DevBlog 2025-06-05
Azure SDK Release Highlights and Notes for May 2025Written by Ronnie Geraghty, this overview summarizes the Azure SDK May 2025 release, detailing new features, stable and beta libraries for multiple programming languages, and links to comprehensive release notes....
Microsoft DevBlog 2025-06-03
GitHub Secret Protection and Code Security Now Available for Azure DevOpsLaura Jiang introduces the new standalone GitHub Secret Protection and GitHub Code Security products for Azure DevOps, highlighting their features, pricing structure, and steps for implementation within organizations.
Microsoft DevBlog 2025-06-02
Connect Once, Integrate Anywhere: Model Context Protocol (MCP) for AI IntegrationIn this article, Maria Naggaga details the Model Context Protocol (MCP), outlining its impact on AI integration and developer productivity, with insights on leveraging GitHub Copilot, Visual Studio, Azure API...
Microsoft DevBlog 2025-05-21
Azure MCP Server – May 2025 Release: New Integrations and FeaturesRohit Ganguly presents the May 2025 release of Azure MCP Server, focusing on new service integrations, improved documentation, and tools for developers, including collaboration with GitHub Copilot for Azure.
Microsoft DevBlog 2025-05-20
Visual Studio Code April 2025 (v1.100) Release HighlightsVisual Studio Code Team delivers an in-depth summary of the April 2025 (v1.100) release, focusing on new AI chat workflows, Copilot-powered code editing, agent mode, developer security, and ecosystem improvements....
Visual Studio Code Releases 2025-05-08
Azure Toolkit for IntelliJ Brings Enhanced Java Code Quality Analyzer for Azure SDK DevelopmentSameeksha Vaity details the latest enhancements to the Azure Toolkit for IntelliJ, highlighting a powerful Java Code Quality Analyzer aimed at improving code quality, security, and performance for developers working...
Microsoft DevBlog 2025-04-18
PowerShell, OpenSSH, and DSC Team Investments for 2025: Security, Integrations, and Community PrioritiesSteve Lee shares an in-depth look at the planned investments for PowerShell, OpenSSH, and Desired State Configuration (DSC) in 2025, emphasizing security, community input, and modernization across Microsoft’s open tooling...
Microsoft PowerShell Blog 2025-04-14
Introducing Spring Cloud Azure Starter Key Vault JCA for Streamlined TLS and mTLS in Spring BootMoary Chen introduces the Spring Cloud Azure Starter Key Vault JCA, showing how to streamline TLS and mTLS for Spring Boot using Azure Key Vault for secure certificate management.
Microsoft DevBlog 2025-04-11
Azure Developer CLI (azd) – March 2025 Release: New Features, Bug Fixes, and Updated TemplatesAuthored by Kristen Womack, this news post details the March 2025 Azure Developer CLI (azd) release, covering notable new features, bug fixes, contributions on templates, and enhanced support for AI...
Microsoft DevBlog 2025-03-07
Finding Leaked Passwords with AI: Building GitHub Copilot Secret ScanningAuthored by Ashwin Mohan, this post delves into the creation and refinement of GitHub Copilot secret scanning, highlighting the AI-powered approach to detecting passwords and managing security alerts for developers...
GitHub Engineering Blog 2025-03-04
Common Annotated Security Keys: Enhancing Token Format Security with CASK at Microsoft and GitHubIn this article, Michael C. Fanning details how GitHub and Microsoft are advancing secure secret management through the Common Annotated Security Standard (CASK), outlining its technical features and its role...
Microsoft DevBlog 2024-09-25
Security Update: Changes to URI Expiry Time in Azure Notification HubsAuthored by Sreehari R, this update details upcoming changes to Azure Notification Hubs’ URI expiry policy, focusing on improved security and guidance for users.
Microsoft DevBlog 2024-09-25