cloud security

Microsoft’s Copilot for Microsoft 365 was supposed to make AI agents safer to run at enterprise scale; instead, recent reports show a control-plane failure that left some agents discoverable and installable despite tenant-level policy locks—forcing administrators into time-consuming, per-agent...

Microsoft’s Copilot agent governance has slid into the spotlight after multiple, independent reports found that tenant-level policies intended to prevent user access to AI agents were not reliably enforced — a misconfiguration and control-plane gap that left some Copilot Agents discoverable or...

Zero-trust is not an add-on for AI pipelines — it must be baked into the fabric of how data, models and orchestration talk to one another. In a recent InfoWorld piece, the author laid out a metadata-driven, zero-trust MLOps reference architecture on Azure that combines Microsoft Entra ID, Azure...

Microsoft’s Copilot Agent ecosystem is facing a governance and enforcement crisis: multiple independent reports show that tenant-level policies intended to block agent availability are not being reliably enforced, Microsoft’s Copilot audit telemetry has contained reproducible blind spots, and...

Microsoft’s push to weave Copilot into the fabric of Microsoft 365 has hit a trust-defining snag: for months, under specific prompting conditions, the AI assistant’s access to source documents could be absent from Microsoft 365 audit logs, leaving security teams with empty entries where...

Microsoft quietly patched a vulnerability in Microsoft 365 Copilot that allowed the assistant to read and summarize enterprise files without producing the expected Purview audit entry — a gap that, if exploited, could let insiders or attackers extract sensitive data while leaving no trace in...

Zscaler’s claim that its cloud sees “over half a trillion transactions a day” has suddenly become more than a brag about scale — it’s the center of a fresh privacy controversy after external reports and researcher commentary interpreted CEO remarks to mean Zscaler is using customer logs and full...

Microsoft Security Response Center (MSRC) now lists CVE-2025-53763 as an improper access control vulnerability in Azure Databricks that can be exploited to achieve elevation of privilege over the network, a finding that demands urgent attention from cloud and data platform administrators...

A security researcher’s routine Copilot query revealed a startling blind spot in Microsoft’s logging: under certain prompts, Copilot could return file summaries without leaving the expected Purview audit entry — and, according to the researcher, Microsoft quietly rolled out a fix without issuing...

India’s national cybersecurity agency has escalated an urgent warning about a wave of high‑severity Microsoft vulnerabilities that together pose significant risk to consumers, enterprises, and cloud customers — the advisory links Microsoft’s August security updates (including a publicly...

Microsoft’s Copilot may have closed an eye‑catching zero‑click hole, but a quieter — and arguably more dangerous — problem has been bubbling under the surface: Copilot and related AI components are not reliably creating the audit trails organizations depend on for compliance and forensics. That...

Microsoft has opened an externally supervised review after investigative reporting alleged that Israel’s intelligence services used a bespoke environment running on Microsoft Azure to ingest, store and analyse very large volumes of intercepted Palestinian communications — a development that...

Hitachi Vantara’s entry of Virtual Storage Platform One Software‑Defined Storage (VSP One SDS) into the Microsoft Azure Marketplace marks a concrete step toward simplifying hybrid cloud storage procurement and, according to vendor claims, cutting cloud storage costs substantially through...

Marvell’s expanded collaboration with Microsoft — now supplying its LiquidSecurity family of hardware security modules (HSMs) to Microsoft Azure Cloud HSM — is more than a press release: it’s a strategic move that shores up Marvell’s position at the intersection of cloud security, confidential...

Microsoft’s Azure Cloud HSM service will now run on Marvell’s LiquidSecurity family of hardware security modules (HSMs), a move that extends Marvell’s existing footprint across Azure Key Vault and Managed HSM and brings PCIe‑attached, FIPS‑validated, cloud‑optimized HSM hardware into Microsoft’s...

Microsoft has expanded a major backend partnership with Marvell: the Marvell LiquidSecurity family of hardware security modules (HSMs will now power Microsoft Azure Cloud HSM in addition to their existing role behind Azure Key Vault and Azure Key Vault Managed HSM. The move extends Marvell’s...

TrustedTech’s decision to rebrand and recast itself as a Microsoft-first cloud and AI systems integrator marks a deliberate pivot from transactional licensing to outcome-driven services aimed squarely at Copilot deployments, Azure migrations, and managed security — a move the company unveiled in...

Microsoft has selected Marvell’s LiquidSecurity family of hardware security modules (HSMs) to power Azure Cloud HSM, extending an existing Marvell–Azure relationship and bringing PCIe‑attached, FIPS 140‑3 Level 3‑validated HSM technology into Microsoft’s single‑tenant cloud HSM clusters for...

Microsoft's Azure Cloud HSM service will now run on Marvell’s LiquidSecurity hardware security modules (HSMs), a move that extends an existing Marvell–Azure relationship and brings PCIe‑based, FIPS 140‑3 Level 3‑certified, high‑density cryptographic hardware into Microsoft’s single‑tenant HSM...

Microsoft has selected Marvell’s LiquidSecurity family of hardware security modules (HSMs) to power its Azure Cloud HSM offering — a move that consolidates Marvell’s role across Azure’s key management portfolio and brings FIPS 140‑3 Level 3‑certified, high‑density PCIe HSMs into Microsoft’s...