Microsoft provides complimentary security logs amidst criticism from the State Department due to a hack event
In a recent development, Microsoft has announced enhancements to its cloud security log features, following a series of state-linked email hacks that affected 25 of its customers, including the U.S. State Department. This move comes after days of withering criticism and calls for improved cybersecurity practices.
The announcement was made just a week after the Cybersecurity and Infrastructure Security Agency (CISA) partnered with Microsoft to provide cloud logging features by default to customers. Eric Goldstein, executive assistant director for cybersecurity at CISA, stressed the importance of having access to key logging data for swiftly mitigating cyber intrusions.
One of the significant changes includes the free provision of Microsoft Sentinel, a threat intelligence platform, to new customers. During the 31-day free trial, customers can enable Sentinel on an Azure Monitor Log Analytics workspace and ingest the first 10 GB per day of analytics logs without any cost.
Moreover, customers using Defender for Servers Plan 2 will benefit from an ongoing daily allowance of 500 MB of free data ingestion per protected server node for security-related data. This free data ingestion helps reduce costs without compromising security insights.
Microsoft has also introduced two log storage plans for Sentinel - Analytics logs and Auxiliary logs. The Analytics logs offer high-performance, active retention up to 90 days, extendable to 2 years, while the Auxiliary logs are designed for long-term, low-cost archival up to 12 years.
However, criticism of Microsoft's cybersecurity practices is not new. Adam Meyers, head of intelligence at CrowdStrike, has been critical of Microsoft's security operation for several years, labeling it as anachronistic. Following the recent state-linked email hacks, Meyers further emphasized the need for software makers to build products that are secure by design, following the public push by federal leaders.
Sen. Ron Wyden, D-Ore., also criticized Microsoft for its cybersecurity practices, stating that the company has an incentive to deliver insecure products and upsell cybersecurity add-ons. Meyers echoed similar concerns, stating that relying on one monolithic vendor for technology, products, services, and security can lead to disaster.
Despite these criticisms, the latest enhancements to Microsoft's cloud security log features provide customers with cost-effective tools for cloud security monitoring and compliance. The company's commitment to improving its cybersecurity practices is evident in its efforts to work closely with CISA and other authorities to ensure security by design, without the need for additional fees.
[1] - https://docs.microsoft.com/en-us/azure/sentinel/sentinel-free-trial [2] - https://docs.microsoft.com/en-us/defender/defender-for-cloud/defender-for-cloud-plans-and-pricing [3] - https://docs.microsoft.com/en-us/azure/sentinel/sentinel-data-ingestion [4] - https://docs.microsoft.com/en-us/azure/sentinel/sentinel-logs-architecture
- Microsoft's recent announcement about enhancements to its cloud security log features, in response to state-linked email hacks, underscores the company's growing focus on cybersecurity, a crucial aspect of technology in the modern world.
- In collaboration with the Cybersecurity and Infrastructure Security Agency (CISA), Microsoft has also introduced free access to its threat intelligence platform, Microsoft Sentinel, as part of its effort to bolster cloud security and privacy.
- The ongoing debate about Microsoft's cybersecurity practices, with critics such as Adam Meyers labeling the company's security operations as anachronistic and Sen. Ron Wyden asserting that Microsoft has an incentive to deliver insecure products, suggests a need for improved transparency and collaboration in the technology industry, especially when it comes to matters of national politics and general news.
