At this week’s Build virtual event, Microsoft announced new Identity and Azure features meant to improve security for both application developers and enterprise customers.
For developers, admins, and end-users alike, new Identity capabilities to help foster a secure and trustworthy app ecosystem include Publisher Verification, app consent policies, and general availability of Microsoft authentication libraries (MSAL) for Angular.
With Publisher Verification, developers can demonstrate to customers that their application comes from a trusted and authentic source. Applications will be marked when the publisher has verified their identity with the Microsoft Partner Network (MPN) and associated the account with the application registration.
Administrators will also be able to configure policies and determine the applications that users can consent to, such as those that have been Publisher Verified.
In addition to making MSAL generally available, Microsoft announced that a web library, identity.web, for ASP.NET Core is in public preview. With MSAL, devs can implement authentication patterns, security features, and integration points with support for any Microsoft identity (from Azure Active Directory accounts to Microsoft accounts).
The tech company also announced the preview of Azure AD External Identities, meant to help organizations and developers create and manage apps that connect with users outside an organization.
This week, Microsoft announced two new additions to Azure Security Center: the availability of Azure Secure Score API to customers, and the public availability of suppression rules for Azure Security Center alerts, which are meant to reduce alert fatigue.
The company also announced that customers can now control encryption keys on 50 more Azure services, to ensure they meet compliance or regulatory requirements. The capability is now part of the Azure Security Benchmark.
Now, Azure Disk Encryption can be used to secure Red Hat Enterprise Linux BYOS Gold Images (Azure Disk Encryption can be enabled only after the subscription has been registered).
Azure Key Vault, the unified service for management of secrets, certificates, and encryption keys, now provides increased security with Private Link, an option that provides access to Azure Key Vault over a private endpoint in a virtual network (the traffic flows over the Microsoft backbone network).
Furthermore, Microsoft now allows customers to use SafeNet Luna HSMs or Fortanix SDKMS to generate encryption keys outside Azure and then import them into Azure Key Vault (previously, only nCipher nShield HSMs were supported).
Microsoft also released a public preview of notifications for keys, secrets, and certificates, to make it easier for customers to rotate secrets.
Recently, Microsoft announced the general availability of Azure Confidential Computing, which leverages the latest Intel SGX CPU hardware for a new class of VMs that can protect the confidentiality and integrity of customer data while in memory.
Customers can approve or reject data access requests through Customer Lockbox for Microsoft Azure, which now features expanded coverage of services, and is now available in preview for Azure Government cloud customers.

