Microsoft PCI Data Security Standards Revised for 2016

Today Microsoft announced that it has published it’s 2016 Attestation of Compliance in the Microsoft Trust Center. Several services were added to Microsoft’s attestation, some of which are: Identity and access management, such as Azure Rights Management Analytics services, such as HDInsight Management and security services like Key Vault and our new Management portal Data…


Tim Rains on Encrypting Data at Rest in Microsoft Cloud Services

How does Microsoft secure data at rest in its cloud services ? That’s a great question and we’ve had a lot of people ask us on the Azure Security Engineering team the same thing. Tim Rains, Chief Security Advisor, Microsoft Worldwide Cybersecurity & Data Protection, covers a number of things that we do within to…


Pen Testing Your Applications in Microsoft Azure

Several people in the Azure security community have been asking about pen testing applications that they’ve deployed in Microsoft Azure. It’s a good question and so I put together an answer for you that you can find over at Pen testing your applications hosted in Microsoft Azure. If you have any questions, comments or ideas…