CONFERENCE NOW LIVE: Threat Detection & Incident Response (TDIR) Summit - Join the Event In-Progress
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Microsoft Announces New Security Features for Devs, Customers

At this week’s Build virtual event, Microsoft announced new Identity and Azure features meant to improve security for both application developers and enterprise customers.

At this week’s Build virtual event, Microsoft announced new Identity and Azure features meant to improve security for both application developers and enterprise customers.

For developers, admins, and end-users alike, new Identity capabilities to help foster a secure and trustworthy app ecosystem include Publisher Verification, app consent policies, and general availability of Microsoft authentication libraries (MSAL) for Angular.

With Publisher Verification, developers can demonstrate to customers that their application comes from a trusted and authentic source. Applications will be marked when the publisher has verified their identity with the Microsoft Partner Network (MPN) and associated the account with the application registration.

Administrators will also be able to configure policies and determine the applications that users can consent to, such as those that have been Publisher Verified.

In addition to making MSAL generally available, Microsoft announced that a web library identity.web for ASP.NET Core is in public preview. With MSAL, devs can implement authentication patterns, security features, and integration points with support for any Microsoft identity (from Azure Active Directory accounts to Microsoft accounts).

The tech company also announced the preview of Azure AD External Identities, meant to help organizations and developers create and manage apps that connect with users outside an organization.

This week, Microsoft announced two new additions to Azure Security Center: the availability of Azure Secure Score API to customers, and the public availability of suppression rules for Azure Security Center alerts, which are meant to reduce alerts fatigue.

The company also announced that customers can now control encryption keys on 50 more Azure services, to ensure they meet compliance or regulatory requirements. The capability is now part of the Azure Security Benchmark.

Advertisement. Scroll to continue reading.

Now, Azure Disk Encryption can be used to secure Red Hat Enterprise Linux BYOS Gold Images (Azure Disk Encryption can be enabled only after the subscription has been registered).

Azure Key Vault, the unified service for management of secrets, certificates, and encryption keys, now provides increased security with Private Link, an option that provides access to Azure Key Vault over a private endpoint in a virtual network (the traffic flows over the Microsoft backbone network).

Furthermore, Microsoft now allows customers to use SafeNet Luna HSMs or Fortanix SDKMS to generate encryption keys outside Azure and then import them into Azure Key Vault (previously, only nCipher nShield HSMs was supported).

Microsoft also released a public preview of notifications for keys, secrets, and certificates, to make it easier for customers to rotate secrets.

Recently, Microsoft announced the general availability of Azure Confidential Computing, which leverages the latest Intel SGX CPU hardware for a new class of VMs that can protect the confidentiality and integrity of customer data while in memory.

Customers can approve or reject data access requests through Customer Lockbox for Microsoft Azure, which now features expanded coverage of services, and is now available in preview for Azure Government cloud customers.

Related: Microsoft Open-Sources COVID-19 Threat Intelligence

Related: Microsoft Releases Azure Security Benchmark

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Jeremy Koppen has left Mandiant after 13 years to become the CISO of Equifax.

Engineering and technology solutions provider Amentum has appointed Max Shier as its CISO.

PAM provider Keeper Security has appointed Shane Barney as its Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.