Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Microsoft Announces New Security Features for Devs, Customers

At this week’s Build virtual event, Microsoft announced new Identity and Azure features meant to improve security for both application developers and enterprise customers.

At this week’s Build virtual event, Microsoft announced new Identity and Azure features meant to improve security for both application developers and enterprise customers.

For developers, admins, and end-users alike, new Identity capabilities to help foster a secure and trustworthy app ecosystem include Publisher Verification, app consent policies, and general availability of Microsoft authentication libraries (MSAL) for Angular.

With Publisher Verification, developers can demonstrate to customers that their application comes from a trusted and authentic source. Applications will be marked when the publisher has verified their identity with the Microsoft Partner Network (MPN) and associated the account with the application registration.

Administrators will also be able to configure policies and determine the applications that users can consent to, such as those that have been Publisher Verified.

In addition to making MSAL generally available, Microsoft announced that a web library identity.web for ASP.NET Core is in public preview. With MSAL, devs can implement authentication patterns, security features, and integration points with support for any Microsoft identity (from Azure Active Directory accounts to Microsoft accounts).

The tech company also announced the preview of Azure AD External Identities, meant to help organizations and developers create and manage apps that connect with users outside an organization.

This week, Microsoft announced two new additions to Azure Security Center: the availability of Azure Secure Score API to customers, and the public availability of suppression rules for Azure Security Center alerts, which are meant to reduce alerts fatigue.

The company also announced that customers can now control encryption keys on 50 more Azure services, to ensure they meet compliance or regulatory requirements. The capability is now part of the Azure Security Benchmark.

Advertisement. Scroll to continue reading.

Now, Azure Disk Encryption can be used to secure Red Hat Enterprise Linux BYOS Gold Images (Azure Disk Encryption can be enabled only after the subscription has been registered).

Azure Key Vault, the unified service for management of secrets, certificates, and encryption keys, now provides increased security with Private Link, an option that provides access to Azure Key Vault over a private endpoint in a virtual network (the traffic flows over the Microsoft backbone network).

Furthermore, Microsoft now allows customers to use SafeNet Luna HSMs or Fortanix SDKMS to generate encryption keys outside Azure and then import them into Azure Key Vault (previously, only nCipher nShield HSMs was supported).

Microsoft also released a public preview of notifications for keys, secrets, and certificates, to make it easier for customers to rotate secrets.

Recently, Microsoft announced the general availability of Azure Confidential Computing, which leverages the latest Intel SGX CPU hardware for a new class of VMs that can protect the confidentiality and integrity of customer data while in memory.

Customers can approve or reject data access requests through Customer Lockbox for Microsoft Azure, which now features expanded coverage of services, and is now available in preview for Azure Government cloud customers.

Related: Microsoft Open-Sources COVID-19 Threat Intelligence

Related: Microsoft Releases Azure Security Benchmark

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.