To help combat emerging threats, Microsoft employs an innovative Assume Breach strategy and leverages highly specialized groups of security experts, known as the Red Team, to strengthen threat detection, response and defense for its enterprise cloud services. While these practices have been in place for many years, most customers are unaware of the work being done behind the scenes to harden the Microsoft enterprise cloud. A whitepaper, released today, sheds light on how Microsoft uses Red Teaming to simulate real-world breaches, conduct continuous security monitoring and practice security incident response to validate and improve the security of Microsoft Azure and Office 365.
Red Teaming has become one of the most essential parts of developing and securing Microsoft’s cloud infrastructure, platform, and services. The Red Team takes on the role of sophisticated adversaries and allows Microsoft to validate and improve security, strengthen defenses and drive greater effectiveness of our entire cloud security program. Red Teams enable Microsoft to test breach detection and response as well as accurately measure readiness and impacts of real-world attacks.
The practice of Red Teaming is just one of the many operational processes that are used to provide best-in-class security for Microsoft Azure. Red Teaming goes above and beyond compliance accreditations, and provides Microsoft, and our customers, with the additional assurance that Microsoft is continuously performing security monitoring, testing, and updating. This helps address the constantly changing threats that both customers and Microsoft face.
For more information on security, privacy, and compliance visit the Microsoft Azure Trust Center.