Security should work the same way AI does. Always on, always learning, and built directly into the tools, agents, and platforms people rely on every day. The "In the Loop" covers the latest capabilities designed to help security teams secure their AI agents, protect cloud-native applications, and defend against threats in real time. Learn more about this and other Microsoft Agent 365 and Microsoft Defender for Cloud updates in our "In the Loop" blog. Link in the comments ⤵️
Microsoft Security
Computer and Network Security
Empowering security leaders with innovation, insights, and tools to stay ahead of threats
About us
Leading source for security innovation, industry insights, and news. Stay ahead of every shift in the security landscape and discover tools to help you secure your organization.
- Website
-
www.microsoft.com/security
External link for Microsoft Security
- Industry
- Computer and Network Security
- Company size
- 10,001+ employees
- Headquarters
- Seattle
- Specialties
- Security, Information protection, Identity, Compliance, Zero Trust, Remote Work, Threat protection, Access management, Microsoft Azure, Microsoft 365, Cloud app security, Secure application development, MCAS, CASB, Cloud access, Machine learning, and Cybersecurity
Updates
-
Microsoft Security reposted this
We’re excited to partner with Anthropic on plans to bring the cyber capabilities of Claude Opus 4.7 into the Microsoft Security portfolio, putting them in defenders' hands within their existing flow of work. You can read more in Anthropic’ s announcement here: https://lnkd.in/gdYBYiz2 Customers will be able to use advanced models like Claude Opus 4.7 to help find and fix vulnerabilities using Microsoft’s new multi-model, AI-driven scanning harness. Built from our experience applying advanced AI to scan the Microsoft codebase, this harness enables customers to put their preferred models to work discovering vulnerabilities and then validating, prioritizing, and remediating them at enterprise scale. You can read more about our approach in a blog I posted last week: https://lnkd.in/g22K9BeU
-
Done right, risk reviews help shift security from reactive remediation to a proactive posture. Deputy CISO Rico Mariani shares eight key points to make risk reviews actually useful—and help teams build a plan that drives action over time. Get started—link in the comments.
-
-
When it comes to securing AI agents, are we ready to: ✔️ Track them? ✔️ Govern them? ✔️ Secure them? In the era of agentic AI, security means applying visibility and control at scale. A unified control plane brings it all together. Learn more about Agent 365, generally available May 1—link in comments.
-
What changes when AI enters the ransomware lifecycle isn’t the objective. It’s the speed, scale, and ease of execution. More below. 👇
Threat actors are using AI to compress attack timelines across a range of malicious activities, including ransomware and extortion. AI is accelerating malware development, infrastructure setup, extortion strategies, and post‑compromise decision‑making, allowing operators to move from access to impact with less friction and fewer technical constraints. https://msft.it/6049vGZUT AI-assisted coding and debugging enable rapid payload iteration, while jailbreaking techniques can bypass safety controls to generate malicious tooling at speed. After compromise, AI supports analysis of compromised environments, prioritization of high‑value data, and refinement of persistence and escalation strategies. Stolen data can then be summarized, categorized, and operationalized at scale to support extortion, tailored ransom demands, and automated victim communications. Rather than introducing entirely new behaviors, AI amplifies existing ransomware tradecraft by increasing speed, adaptability, and endurance across the attack lifecycle, which can be used by threat actors to reimagine ransomware. For information on how to quickly protect your organization against ransomware attacks, see: https://msft.it/6040vGZUp
-
Same principles. New surface. Secure your agents with zero trust and least privilege. #RSAC #AgenticAI
-
Microsoft Security reposted this
In my latest edition of Heart of Security, I share why secure-by-design and empathy-driven security is essential as agents become more autonomous. AI should reduce complexity, helping defenders focus on what matters most: protecting people, data, and critical systems with clarity and confidence. I also spoke with David Weston about how we shift from fear to action, and why putting the right guardrails is critical to building and maintaining trust. Take a look at the full piece and our conversation below and as always let me know your feedback. 💜
-
A word from OpenAI and Microsoft Office of the CISO: AI models are becoming much more capable in cybersecurity, and that progress raises the bar for everyone. As capabilities advance, we're focused on deep collaboration with defenders to make software more resilient. Through initiatives like OpenAI’s Trusted Access for Cyber program and Microsoft’s Secure Future Initiative (SFI), we’re committed to helping customers and the industry use these advanced AI models to improve security outcomes for all. OpenAI and Microsoft have worked closely for years, and we’re building on our partnership. Going forward, our teams will work even more closely to apply AI for defense. OpenAI will provide Microsoft with access to its most cyber capable models through Trusted Access for Cyber, and Microsoft is committed to bringing the full strength of its cybersecurity defense team to help OpenAI protect their models and infrastructure and defend our joint customers. We’re excited to keep raising the bar together and with others in the industry to help make the broader ecosystem, including open-source software, more secure.