惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threat Research - Cisco Blogs
博客园 - 聂微东
小众软件
小众软件
P
Proofpoint News Feed
Security Archives - TechRepublic
Security Archives - TechRepublic
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
TaoSecurity Blog
TaoSecurity Blog
博客园 - 司徒正美
罗磊的独立博客
N
News and Events Feed by Topic
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
S
Security Affairs
S
Security @ Cisco Blogs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
The GitHub Blog
The GitHub Blog
月光博客
月光博客
S
Secure Thoughts
P
Proofpoint News Feed
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Forbes - Security
Forbes - Security
H
Heimdal Security Blog
W
WeLiveSecurity
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
L
LangChain Blog
T
The Blog of Author Tim Ferriss
NISL@THU
NISL@THU
Google DeepMind News
Google DeepMind News
Cloudbric
Cloudbric
H
Hacker News: Front Page
The Last Watchdog
The Last Watchdog
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
Cisco Blogs
博客园 - 三生石上(FineUI控件)
博客园_首页
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
Schneier on Security
Project Zero
Project Zero
SecWiki News
SecWiki News
爱范儿
爱范儿
The Register - Security
The Register - Security
AI
AI
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Y
Y Combinator Blog
L
Lohrmann on Cybersecurity
Application and Cybersecurity Blog
Application and Cybersecurity Blog
P
Privacy International News Feed
J
Java Code Geeks
S
Securelist
C
Cyber Attacks, Cyber Crime and Cyber Security
V
Visual Studio Blog

Microsoft Security Blog

Unpacking the AsyncAPI npm supply chain compromise and import-time payload delivery | Microsoft Security Blog Turning threat intelligence into decisive action with Defender Experts | Microsoft Security Blog Defending SaaS-based applications against ShinyHunters OAuth abuse | Microsoft Security Blog Microsoft Entra ID security updates: Passkeys are the default authentication method in Entra ID | Microsoft Security Blog Securing our future: July 2026 progress report on Microsoft's Secure Future Initiative | Microsoft Security Blog GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware | Microsoft Security Blog Protecting Microsoft at AI speed: How SFI proactively hardens our cloud   | Microsoft Security Blog 5 insights from Frost & Sullivan’s 2025 Frost Radar™ for Cloud Security Posture Management | Microsoft Security Blog Improving security posture across the Microsoft partner ecosystem | Microsoft Security Blog Microsoft named a leader in the Frost Radar for cloud and application runtime security | Microsoft Security Blog Accelerating the quantum-safe timeline | Microsoft Security Blog ​​What’s new in Microsoft Security: June 2026 | Microsoft Security Blog Securing AI agents: When AI tools move from reading to acting | Microsoft Security Blog Chromium extension uses AI‑related branding to redirect browser search | Microsoft Security Blog Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access | Microsoft Security Blog Microsoft a Leader in The Forrester Wave™ for Endpoint Management Platforms | Microsoft Security Blog CNAPP evolution: How Microsoft aligns with leading cloud risk management platforms | Microsoft Security Blog StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them | Microsoft Security Blog Guarding AI memory | Microsoft Security Blog One intrusion, two cyberattackers: Uncovering parallel threat activity | Microsoft Security Blog AutoJack: How a single page can RCE the host running your AI agent  | Microsoft Security Blog From package to postinstall payload: Inside the Mastra npm supply chain compromise | Microsoft Security Blog Crypto Clipper uses Tor and worm-like propagation for persistence and control | Microsoft Security Blog Beyond the benchmark: Advancing security at AI speed  | Microsoft Security Blog ​​Forrester names Microsoft a Leader in the 2026 Extended Detection and Response Platforms Wave™ report | Microsoft Security Blog AI is accelerating cyberattacks—here’s how to stay ahead Microsoft Defender email security benchmarking: Key insights from one year of data | Microsoft Security Blog Reconstructing AI activity in investigations AI brands as bait: How threat actors are using the AI hype in social engineering Securing CI/CD in an agentic world: Claude Code Github action case Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign Turn specs into evals for any agent with ASSERT Microsoft Build 2026: Securing code, agents, and models across the development lifecycle Malicious npm packages abuse dependency confusion to profile developer environments Microsoft is named a Leader in the 2026 Gartner® Magic Quadrant™ for Endpoint Protection Typosquatted npm packages used to steal cloud and CI/CD secrets The Gentlemen ransomware: Dissecting a self-propagating Go encryptor From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities Microsoft recognized as a Leader in The Forrester Wave™ for Workforce Identity Security Platforms From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence Microsoft Security success stories: How St. Luke’s and ManpowerGroup are securing AI foundations What’s new in Microsoft Security: May 2026 Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft Securing the gaming culture of cultures Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow Exposing Fox Tempest: A malware-signing service operation How Storm-2949 turned a compromised identity into a cloud-wide breach How to better protect your growing business in an AI-powered world Defense in depth for autonomous AI agents When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps Accelerating detection engineering using AI-assisted synthetic attack logs generation Defending consumer web properties against modern DDoS attacks Undermining the trust boundary: Investigating a stealthy intrusion through third-party compromise Active attack: Dirty Frag Linux vulnerability expands post-compromise risk When prompts become shells: RCE vulnerabilities in AI agent frameworks World Passkey Day: Advancing passwordless authentication ​​Microsoft named an overall leader in KuppingerCole Analyst’s 2026 Emerging AI Security Operations Center (SOC) report ​​ ClickFix campaign uses fake macOS utilities lures to deliver infostealers Breaking the code: Multi-stage ‘code of conduct’ phishing campaign leads to AiTM token compromise CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments Microsoft Agent 365, now generally available, expands capabilities and integrations What’s new, updated, or recently released in Microsoft Security Email threat landscape: Q1 2026 trends and insights 8 best practices for CISOs conducting risk reviews Simplifying AWS defense with Microsoft Sentinel UEBA AI-powered defense for an AI-accelerated threat landscape Detection strategies across cloud and identities against infiltrating IT workers Making opportunistic cyberattacks harder by design Cross‑tenant helpdesk impersonation to data exfiltration: A human-operated intrusion playbook Containing a domain compromise: How predictive shielding shut down lateral movement Building your cryptographic inventory: A customer strategy for cryptographic posture management Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise Incident response for AI: Same fire, different fuel The agentic SOC—Rethinking SecOps for the next decade Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees Intent redirection vulnerability in third-party SDK exposed millions of Android wallets to potential risk Inside an AI‑enabled device code phishing campaign Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations Threat actor abuse of AI accelerates from tool to cyberattack surface Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments Mitigating the Axios npm supply chain compromise Critical Infrastructure at Risk | Security Insider
New Forrester study shows customers who unified with Microsoft Security benefited from 124% ROI | Microsoft Security Blog
Vasu Jakkal · 2026-06-19 · via Microsoft Security Blog

Across many industries, organizations are unifying security and putting AI agents to work. Security teams are utilizing agents that reason, decide, and act on their behalf, under their governance. At Microsoft, we see this firsthand—more than 80% of the Fortune 500 are already using AI.1 The promise of this moment is enormous. The responsibility that comes with it is just as significant. This year, Microsoft commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study for our AI-first, end-to-end security platform.

What end-to-end security delivers

Based on in-depth interviews with a survey of 362 customers and 11 security decision-makers using Microsoft Security solutions, the Forrester study revealed the impact of consolidating with Microsoft Security. To model the financial impact, Forrester aggregated insights into a single composite organization—a global business-to-business (B2B) company with 10,000 employees—and constructed a TEI framework that quantifies costs, benefits, and risks. Through its study, Forrester projected that an organization would experience the following over three years.

  • Up to 30% reduction in the likelihood of a breach
    Integrated protection across identities, endpoints, data, and infrastructure helps prevent attacks before they succeed.
  • Up to 25% reduction in cost to remediate remaining attacks
    End-to-end visibility and coordinated response cut the cost of incidents that do occur.
  • Up to 23% reduced annual technology spend
    Consolidating point solutions eliminates redundant tooling and the licensing and services that come with it.
  • Up to 32% avoided headcount growth
    Automation, integration, and self-service let teams scale without scaling proportionally.
  • 20% lower total cost of ownership—$3.0M in TCO savings
    A unified platform reduces the operating drag of running disconnected tools.
Graphic showing results from a commissioned Forrester Total Economic Impact (TEI) study: 124% return on investment, under six-month payback period, and $16.6 million net present value.

Based on interviews, Forrester’s financial analysis found that a composite organization experiences $30.0 million in benefits over three years versus $13.4 million in costs, resulting in a net present value (NPV) of $16.6 million and an ROI of 124%.

Read the full Forrester TEI study for a complete methodology, assumptions, and detailed financial analysis.

Microsoft Security allows us to deploy modern solutions and be on the leading edge of technologies at enterprise scale.” 

—Senior information security officer, NGO

Value beyond what’s measured

The numbers tell part of the story. What we hear from defenders and what the Forrester study reinforces is that the real value of consolidation shows up in the work itself: faster decisions, less friction, more time spent on the cyberthreats that matter. That’s especially true as AI changes both what cyberattackers can do and what defenders can build.

  • Security for AI – New solutions like Microsoft Agent 365 with foundations of Microsoft Security, extend identity, governance, and control to AI agents, so customers can adopt them with confidence. 
  • AI for Security – Microsoft Security Copilot, together with Microsoft Defender, Entra and Purview provides AI-assisted insights to help defenders investigate, prioritize, and respond to security incidents.
  • Security foundations for Zero Trust – Identity and access controls work consistently across the environment, without stitching together multiple vendors. 
  • Simplified hiring and skill development – Building on tools security teams already know makes it easier to recruit, onboard, and grow talent. 
  • Improved employee experience – Single sign-on and streamlined device onboarding reduce friction, so people can focus on their work. 

I like Microsoft because it’s the only vendor that provides a single view or a single location for all the security needs: cloud posture, endpoint protection management, data loss prevention. You don’t have that many vendors today that have the Swiss Army Knife-style platform.”

—Regional chief information security officer (CISO), engineering

An evolving playbook for the agentic era

An integrated approach to security is especially important as threat complexity grows—some organizations use an average of 45 security tools,2 which can increase operational overhead and limit visibility. At the same time, AI-powered threats are accelerating. As human-led AI agents begin to respond to threats, a connected security model becomes even more critical—extending consistent protections not only to traditional surfaces, but also to emerging layers such as prompts, models, plug-ins, and the agents themselves.

Security as the core primitive of the AI stack

As security systems evolve to meet the demands of the agentic era, we see security differently. In the agentic era, security should be the core primitive of the AI stack—woven into and around every layer, ambient, and autonomous, like the AI it protects.

Diagram of a Microsoft AI-first end-to-end security platform, illustrating integrated solutions including Microsoft Defender, Sentinel, Entra, Intune, and Purview, supported by security services and threat intelligence across agents, people, and foundational layers.

This principle is why we built our platform end-to-end—from identity and endpoint management to data security, compliance, and threat protection—creating an agentic defense platform that unifies the security operations center (SOC) and uses AI to help defenders operate at machine speed with Microsoft Security Copilot. Microsoft Agent 365 extends on this foundation as the control plane for agents, giving security, IT, and business teams the visibility and controls they need to govern agents at scale. Built to work together natively, these aren’t separate products that happen to integrate. They’re a single platform designed for end-to-end security in the age of AI.

Microsoft has done an excellent job developing security agents such as identity and intelligence… Microsoft is innovating as fast as tech startups in the space.” 

—Global CISO, professional services

Built to secure what comes next

The era of agentic AI doesn’t just raise the stakes for security. It changes what security should be. Alongside our customers and our partners, we’re building the future of security. Read the full Forrester Total Economic Impact™ of Microsoft Security study. Explore end-to-end Security for AI to learn how to safeguard your AI platforms, apps, and agents with comprehensive solutions.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.


1Cyber Pulse: An AI Security Report. Microsoft Security Insider.

2Gartner Identifies the Top Cybersecurity Trends for 2025,” March 3, 2025. https://www.gartner.com/en/newsroom/press-releases/2025-03-03-gartner-identifiesthe-top-cybersecuri…