Microsoft SFI Report: 99.97% Phishing-Resistant MFA, PQC by 2029

Microsoft’s July 10, 2026 Secure Future Initiative progress report says the company has pushed phishing-resistant multifactor authentication to 99.97% of user/device pairs, removed public exposure from more than 732,000 resources, expanded AI-led vulnerability discovery, and set a 2029 post-quantum transition target for critical products and services. The numbers are enormous, but the report’s real argument is architectural: Microsoft believes modern security failures emerge from combinations of weak identity, exposed infrastructure, stale software, permissive build systems, and fragmented detection—not from one missing patch. Two years into the Secure Future Initiative, Microsoft is trying to replace periodic hardening campaigns with a continuously enforced security operating model. The unanswered question is whether its measurements demonstrate durable risk reduction or merely extraordinary activity inside an extraordinary estate.

Futuristic cybersecurity dashboard featuring cloud protection, biometrics, encryption, AI, and secure data systems.Microsoft Is Turning Security from a Campaign into an Operating System​

Microsoft opens the July report with a blunt premise: “Security is never finished.” It is familiar corporate language, but the substance behind it marks an important change from conventional security programs, which often organize work around audits, remediation deadlines, maturity targets, and temporary executive attention.
The Secure Future Initiative, or SFI, instead treats security as a permanent system of engineering constraints. The latest report groups that system into three themes—secure foundations, proactive defense, and future-ready security—while tying them to culture, governance, engineering principles, and customer-facing defaults.
That structure matters because Microsoft’s estate is too large to secure through heroic intervention. Manual reviews, one-off cleanups, and individual product teams cannot reliably govern millions of applications, resources, pipelines, identities, package sources, containers, and cryptographic dependencies. At Microsoft’s scale, a control that depends on someone remembering to apply it is already a control waiting to fail.
The strongest parts of the report are therefore not the raw cleanup totals. They are the examples in which Microsoft says it has converted security decisions into defaults: pipelines blocked from unapproved package endpoints, public access removed from resources, unused applications decommissioned, credentials isolated across boundaries, and phishing-resistant authentication applied to almost every user/device pair.
This is security as infrastructure rather than instruction. Instead of repeatedly telling engineers to avoid dangerous configurations, Microsoft is attempting to make those configurations difficult or impossible to create. Instead of waiting for an audit to find drift, it wants controls continuously evaluating whether production still matches the intended security state.
The three themes are distinct, but the report presents them as a chain rather than a collection of projects.
SFI themeImmediate objectiveReported evidencePractical effect
Secure foundationsReduce exposure and constrain access99.97% phishing-resistant MFA coverage; more than 732,000 resources stripped of public access; 1.4 million unused apps removedFewer identities, assets, and pathways available to an attacker
Proactive defenseDiscover and remediate composite weaknesses earlierMore than 90% of AI-system findings confirmed; more than 350 total detections; over 550,000 high-risk open-source vulnerabilities remediatedFaster prioritization and greater remediation throughput
Future-ready securityPrepare systems before emerging risks become operational crisesPQC measured as an engineering requirement; ML-KEM and ML-DSA available across major platforms; critical-product transition targeted by 2029Earlier cryptographic migration and less dependence on a last-minute conversion
The table also exposes the central dependency in Microsoft’s strategy. AI-led discovery cannot compensate for uncontrolled identities and assets, while a hardened current estate cannot protect long-lived data from future cryptographic failure. Each layer assumes that the others are functioning.

The Most Important Number Is 99.97%, but Not for the Obvious Reason​

Phishing-resistant multifactor authentication now protects 99.97% of Microsoft user/device pairs, according to the report. That is close enough to universal coverage to function as a corporate baseline, but not close enough to let Microsoft declare identity security complete.
Traditional MFA can still leave room for interception, social engineering, approval fatigue, and adversary-in-the-middle attacks. Microsoft’s own SFI guidance treats phishing-resistant methods as the new minimum, using cryptographic credentials and controlled enrollment rather than relying on a code or prompt that a user can be tricked into surrendering.
The critical phrase is user/device pairs. Microsoft is not describing authentication as a property of the user alone; it is binding identity assurance to the device context from which access occurs. For administrators, that distinction points toward a broader operational model in which credentials, endpoint state, Conditional Access rules, onboarding, recovery, and account lifecycle controls must be designed together.
Reaching 99.97% also illustrates the asymmetry of enterprise security. The first broad wave of deployment can be accomplished through mandates, supported platforms, and standardized workflows. The final fraction tends to contain the awkward cases: unusual devices, legacy dependencies, recovery paths, external access, service-like user accounts, emergency procedures, and systems that cannot easily participate in modern authentication.
Microsoft does not claim that the remaining fraction has caused a compromise. It does, however, implicitly acknowledge that near-total coverage is not the same as eliminating identity risk. A sophisticated attacker does not average protections across the estate; the attacker looks for the exception.
This is why Microsoft’s guidance to eliminate legacy authentication protocols is at least as important as the headline percentage. Strong authentication at the front door offers limited comfort if another protocol, automation account, forgotten tenant, or recovery workflow provides a weaker side entrance.
For Windows-focused organizations, phishing resistance is also no longer merely an identity-team project. Device enrollment, Windows Hello deployments, passkey support, account recovery, remote onboarding, help-desk verification, privileged access, and application compatibility all become part of the same control plane.
The practical lesson is not that every organization must immediately reproduce Microsoft’s percentage. It is that administrators should stop reporting “MFA enabled” as if all MFA methods offered equivalent protection. The useful measurements are which authentication methods are allowed, where weaker methods remain, how credentials are registered and recovered, and whether policy actually rejects noncompliant access.

Microsoft Is Reducing Risk by Deleting Things​

The least glamorous numbers in the report may be the most persuasive. Microsoft says it decommissioned 1.4 million unused applications, revoked public access from more than 732,000 resources, and expanded network isolation across 1 million resources.
Security organizations frequently describe improvement in terms of new products, new detections, and new policy layers. Microsoft’s report instead gives substantial weight to subtraction: fewer applications, fewer publicly reachable resources, fewer unapproved dependencies, and fewer credentials crossing boundaries.
That is significant because old applications and forgotten resources are not neutral. They preserve permissions, secrets, endpoints, dependencies, ownership ambiguities, and assumptions about networks that may no longer exist. Even when dormant, they expand the search space defenders must monitor and the opportunity space attackers can explore.
Removing 1.4 million unused applications is therefore more than an estate-cleanliness exercise. It reduces the number of objects that can hold excessive privilege, retain stale credentials, expose an abandoned endpoint, or complicate incident response. It also reduces the chance that an emergency investigation will be slowed by uncertainty over whether a mysterious application is critical, obsolete, or malicious.
Revoking public access from more than 732,000 resources applies the same logic at the network boundary. Public reachability is not automatically a vulnerability, but it creates an opportunity for probing and exploitation. When a resource does not need internet exposure, removing that exposure prevents entire classes of attack traffic from reaching the service in the first place.
Network isolation across 1 million resources then limits what happens after an attacker gains an initial foothold. Segmentation does not guarantee that compromise will be contained, but it can narrow the blast radius by reducing the number of systems directly reachable from the compromised point.
Microsoft also reports 98.7% cross-boundary credential isolation. The operational goal is to prevent a credential valid in one security zone from becoming a convenient bridge into another, particularly when production, development, administrative, or service boundaries are supposed to limit lateral movement.
These figures should not be read as interchangeable accomplishments. Removing public access reduces exposure; application retirement reduces stale attack surface; network isolation constrains movement; credential isolation limits authority across boundaries. Their value comes from being layered.
Microsoft makes that argument explicitly: identity informs access governance, governance informs segmentation, segmentation constrains blast radius, and engineering defaults reduce what enters production. A company may perform well on any single measure and still remain exposed if the controls around it do not reinforce the result.

Software Supply-Chain Security Moves into the Pipeline​

Microsoft says engineering defaults now prevent 83% of pipelines from accessing unapproved package endpoints. This may be one of the clearest examples of SFI turning policy into an enforceable technical boundary.
Modern software builds routinely retrieve components from external repositories, internal feeds, mirrors, registries, and language-specific package services. That convenience creates risk when developers can unknowingly retrieve a malicious package, depend on an ungoverned source, or build software from components that bypass normal review and inventory processes.
A written rule telling developers to use approved sources will inevitably be applied inconsistently. A pipeline default that blocks access to unapproved endpoints changes the economics of the problem: the secure path becomes ordinary, while exceptions become visible and must be justified.
The 83% figure also leaves an important gap. Microsoft does not say that every remaining pipeline is unsafe, and some may require exceptions for legitimate engineering reasons. But the uncovered portion should matter to administrators because build systems are unusually valuable targets: they sit between source code, dependencies, credentials, artifacts, signing processes, and production deployment.
Pipeline coverage also demonstrates why percentage-based reporting needs context. An unprotected low-impact test pipeline and an unprotected pipeline capable of producing a critical cloud service are not equivalent. The next level of useful disclosure would distinguish broad coverage from risk-weighted coverage, showing whether the remaining exceptions are concentrated in low-risk or high-consequence systems.
Even without that detail, the direction is sound. Software supply-chain controls work best when package governance, dependency inventory, vulnerability scanning, secret management, provenance, access control, and deployment authorization reinforce one another. Blocking unapproved endpoints closes one route, but organizations still need to know what approved repositories contain and how their contents reach production.

AI Is Being Asked to Find the Attack Path, Not Just the Bug​

The report’s most ambitious claim concerns a multi-agent AI assessment system that examines cloud-service source code, identity configuration, network topology, and runtime state together. Microsoft says more than 90% of the findings reviewed through this system were confirmed by its security engineers.
The idea is more important than the branding. Most security tools divide an environment into analytical layers: source scanners inspect code, identity tools inspect permissions, network systems inspect connectivity, and runtime platforms inspect active behavior. Attackers do not respect those product boundaries.
A moderate code weakness may become critical only when paired with an overprivileged identity. A configuration error may be harmless on an isolated service but dangerous when the service is internet-accessible. A credential may be properly restricted in theory yet exploitable through a runtime path that the identity review never considered.
Microsoft’s multi-agent approach is designed to assemble those relationships into composite attack paths. That is a sensible use of AI because the challenge is not simply detecting more individual anomalies; it is reasoning over a volume of interacting state that quickly overwhelms manual review.
The reported confirmation rate of more than 90% is encouraging, though it should be interpreted carefully. The report does not provide enough methodological detail to treat that figure as a universal accuracy benchmark. Confirmation depends on what qualifies as a finding, which services were assessed, how candidates were selected, how engineers adjudicated them, and whether the system omitted important weaknesses.
A high confirmation rate could indicate that the system is producing unusually relevant findings. It could also reflect a conservative threshold that prioritizes precision over breadth. Without recall data—the weaknesses the system failed to find—readers cannot determine its total detection capability.
Still, the claim matters operationally. Security teams already suffer from alert and vulnerability backlogs whose size exceeds their capacity to investigate. A system that produces fewer but better-contextualized findings could be more useful than one that identifies every theoretical issue without explaining how it becomes exploitable.
The deeper shift is from vulnerability counting to path prioritization. An organization may have thousands of weaknesses and only a much smaller set of plausible routes to high-value systems. If AI can reliably identify those routes, it can help defenders spend scarce engineering time on the combinations that create real exposure.

MDASH Makes AI Part of Microsoft’s Security Production Line​

Microsoft identifies MDASH as its multi-model agentic scanning system for finding, validating, and prioritizing source-code vulnerabilities at scale. The broader multi-agent assessment system builds on that code-scanning foundation by adding identity, configuration, network, and runtime context.
That distinction prevents MDASH from being mistaken for the entire strategy. MDASH examines the software layer; the newer assessment model attempts to understand the deployed service as a connected system. In security terms, one searches for defects while the other tries to determine how defects, permissions, exposure, and live state combine.
The reported use of security engineers to confirm findings is essential. AI-generated security output cannot safely become an autonomous remediation queue merely because it sounds technically plausible. False positives consume engineering time, while an incorrectly prioritized fix can introduce availability problems or distract teams from a more consequential path.
More than 90% confirmation suggests that Microsoft has found a productive human-machine division of labor: agents perform broad correlation and candidate discovery, while experienced reviewers validate the result. The system’s value comes not from removing humans but from directing their attention.
There is nevertheless a new governance problem. As AI becomes embedded in vulnerability discovery, organizations must evaluate the assessment system itself: what code and configuration it can access, how findings are protected, how models are updated, whether prompts and tool calls can be manipulated, and how decisions are logged for review.
An AI security agent with visibility into source code, identities, network topology, and runtime state is powerful precisely because it has access to a highly sensitive map of the environment. Protecting that map and the system that interprets it becomes part of the security architecture.
This is the paradox at the center of AI-led defense. The more context an agent receives, the more useful its analysis may become—and the more damaging its compromise or misuse could be. Context improves detection while increasing the value of the detector as a target.

Detection Is Shifting from Signatures to Behavior​

Microsoft says it added more than 100 detections during the year, bringing the total to more than 350, with emphasis moving from signature-based detection toward behavioral and baseline-driven methods.
Signature detection remains useful when malicious code, infrastructure, or activity is already known. Its weakness is that attackers can alter observable details while preserving the underlying behavior. Baseline-driven detection instead asks whether an identity, workload, service, or network relationship is behaving differently from its established pattern.
This approach is particularly relevant in cloud environments, where legitimate administrative tools and APIs can be abused without deploying recognizable malware. The malicious action may consist of an unusual sequence of otherwise valid operations: authenticating through an unexpected route, querying sensitive resources, modifying policy, creating persistence, or moving data.
Behavioral detection is not automatically better. Poor baselines can convert normal change into noise, and highly variable systems may be difficult to model. Attackers may also operate slowly enough to blend into accepted patterns or use compromised privileged accounts whose actions appear superficially legitimate.
The report’s emphasis nonetheless aligns with the larger SFI thesis. Static controls and signatures address known states; continuous validation and behavioral analysis look for changing relationships. As Microsoft automates more of its estate, its monitoring must become capable of recognizing not only known bad artifacts but dangerous deviations inside authorized systems.
The total number of detections should therefore not be interpreted as a score. One high-quality detection for a consequential attack path can be more valuable than dozens of narrowly scoped rules. Administrators should focus on coverage, validation, response integration, and signal quality rather than simply counting analytics.

Vulnerability Management Becomes an Industrial Process​

Microsoft reports remediating more than 550,000 critical and high-risk open-source vulnerabilities. It also says automation patches about 3 million container vulnerabilities per month.
At first glance, those figures demonstrate scale. At second glance, they reveal the uncomfortable condition of contemporary software: vulnerabilities are being discovered and reproduced across dependencies at a rate that makes purely manual remediation impossible.
A single vulnerable component can appear in many images, versions, services, and deployment environments. The same underlying defect may therefore generate a vast number of vulnerable container instances. A monthly patch figure in the millions does not necessarily mean millions of unique flaws; it shows how dependency reuse multiplies remediation work across an estate.
Automation is the only plausible response at that volume, but successful automation requires more than applying a newer package. Teams must rebuild artifacts, test compatibility, preserve provenance, deploy updates, verify the running state, and detect workloads that remain on an obsolete image.
There is also a risk in celebrating throughput without measuring recurrence. If vulnerable components are repeatedly reintroduced by old templates, abandoned branches, stale base images, or ungoverned package sources, patch automation can become a conveyor belt that treats the symptom while the build system recreates the problem.
This is where the pipeline restriction and application-retirement figures connect to the vulnerability totals. Approved package endpoints can reduce dependency chaos; removing unused applications shrinks the patching population; automated container remediation addresses vulnerable instances; AI assessment helps identify which combinations produce serious exposure.
The numbers become persuasive when read as a closed loop: control what enters, inventory what exists, remove what is no longer needed, patch what remains, and verify the deployed result. Any organization borrowing Microsoft’s model should copy that loop rather than fixating on Microsoft-sized remediation counts.

Quantum Readiness Is No Longer a Research-Side Concern​

The most forward-looking part of the report is Microsoft’s goal of transitioning critical products and services to post-quantum cryptography by 2029. PQC is now described as an SFI-measured engineering requirement, with work covering network traffic, data stored at rest, and modernization of trust chains.
Outside coverage, including TechRadar’s reporting, has understandably emphasized the accelerated quantum timeline. But the immediate significance is not that a cryptographically relevant quantum computer has suddenly appeared. It is that Microsoft is moving post-quantum preparation into the same measured engineering structure it uses for identity, isolation, pipelines, detection, and remediation.
The risk is summarized by the phrase “harvest now, decrypt later.” An adversary may capture encrypted information today and retain it until future computing capability makes decryption practical. Data with a long sensitivity period therefore faces a risk before the machine capable of breaking its protection exists.
This changes the migration calculation. Organizations cannot wait for a definitive quantum-breaking event and then begin discovering where cryptography is embedded. Certificates, protocols, libraries, devices, signing systems, trust stores, hardware, archives, applications, vendors, and regulatory requirements can make algorithm changes slow and operationally dangerous.
Microsoft says the Microsoft Quantum Safe Program is accelerating that work, and that ML-KEM and ML-DSA are available across major platforms. Their availability is a starting point, not proof that every product, protocol, dependency, or customer workload has completed a safe transition.
The hard problem is cryptographic agility: knowing where algorithms are used and being able to replace them without redesigning the entire system. Many organizations cannot currently produce a complete inventory of certificates and keys, much less map which applications depend on a particular algorithm or library.
The 2029 target gives IT departments a planning horizon, but it should not be mistaken for permission to postpone action. Systems procured, designed, or renewed today may still be operating when post-quantum support becomes mandatory. Contracts signed without migration provisions can preserve a future blocker for years.
The first administrative task is therefore discovery, not immediate wholesale replacement. Organizations need to identify cryptographic dependencies, determine how long protected data must remain confidential, establish ownership, assess vendor roadmaps, and prioritize systems whose migration will be slowest.
Microsoft’s own decision to make PQC an SFI measurement is instructive. Security programs tend to prioritize work that appears on executive scorecards. By converting quantum readiness from research into a measured obligation, Microsoft is attempting to force product teams to account for it before an emergency deadline arrives.

Secure Defaults Finally Reach the Customer Boundary​

Microsoft’s report points to Microsoft 365 Baseline Security Mode as an example of translating SFI’s principles into a customer-facing secure-by-default configuration. It says the mode can be enabled at no additional cost.
The pricing detail matters because security defaults lose much of their force when the practical control is placed behind another license boundary. A baseline that organizations can enable without purchasing an additional tier lowers one barrier, although administrators must still evaluate operational effects, compatibility, policy overlap, and rollout procedures.
Secure defaults are also more consequential than optional recommendations. Documentation can explain the ideal configuration, but many tenants retain old settings because administrators lack time, expertise, confidence, or authority to change them. A product-level baseline can convert a large body of guidance into a repeatable starting state.
That does not eliminate the need for tenant-specific design. A baseline cannot understand every business workflow, regulatory obligation, external collaboration model, legacy application, or exception. It should be treated as a minimum posture and a mechanism for reducing common configuration mistakes, not as a complete security architecture.
The wider SFI message is that customer trust ultimately depends on what products do by default. Microsoft can harden its internal environment, but Windows and Microsoft 365 administrators experience the initiative through authentication requirements, management controls, product behavior, telemetry, configuration baselines, and the cost of operating them.
This is where Microsoft’s promises should be judged most closely. Internal progress figures are valuable, yet the durable test is whether customers receive safer products without needing to discover, purchase, and assemble every essential control themselves.

Governance Remains the Human Control Plane​

More than 99% of Microsoft’s full-time employees completed mandatory Trust Code training, according to the report. Microsoft also points to its Deputy Chief Information Security Officer structure and centralized risk register as mechanisms for distributing accountability.
Training completion is easy to measure and difficult to interpret. It demonstrates reach, but it does not by itself prove that employees recognize risk, make better engineering decisions, escalate problems, or resist pressure to ship insecure systems.
Governance provides the missing enforcement layer. Deputy CISO accountability can connect central security objectives to individual business and engineering organizations, while a centralized risk register gives leadership a shared view of unresolved issues. The value lies in whether risks receive owners, deadlines, resources, and escalation—not merely whether they are documented.
Microsoft’s principles—secure by design, secure by default, and secure in operations—also describe three different failure points. A product can be well designed but ship with weak defaults. It can ship securely but drift into danger during operation. It can be operated carefully while retaining a fundamental architectural weakness.
No scanner, agent, or baseline can resolve conflicts between security and delivery priorities on its own. Those conflicts require executives and engineering leaders to decide which risks are acceptable, which deadlines must move, and which legacy systems should be retired rather than indefinitely protected through compensating controls.
“Security is a team sport,” Microsoft says near the end of the report. The phrase is accurate, provided it does not blur ownership. Team responsibility works only when specific people remain accountable for specific decisions.

Action checklist for admins​

  • Measure phishing-resistant authentication coverage separately from generic MFA enrollment, and identify every remaining weaker or legacy sign-in path.
  • Inventory and classify tenants, applications, public resources, service identities, package sources, build pipelines, container images, and cryptographic dependencies.
  • Remove unused applications and unnecessary public exposure before purchasing additional monitoring for assets that should not exist or be reachable.
  • Apply network and credential isolation around critical systems, then test whether compromised identities can cross intended boundaries.
  • Restrict engineering pipelines to approved package endpoints and establish a documented, reviewable exception process.
  • Correlate identity, source-code, configuration, network, and runtime findings so remediation is prioritized by attack path rather than isolated severity.
  • Evaluate Microsoft 365 Baseline Security Mode in a controlled deployment and document any necessary deviations.
  • Begin a PQC readiness program now, assigning owners for cryptographic inventory, vendor dependencies, data-longevity analysis, and migration testing.

Microsoft Has Demonstrated Scale, Not Invulnerability​

The July report offers substantial evidence that SFI is producing measurable changes. Near-universal phishing-resistant authentication, large-scale resource isolation, mass application retirement, pipeline restrictions, automated vulnerability remediation, AI-assisted assessment, and a scheduled post-quantum transition are not cosmetic policy updates.
Yet the figures are primarily Microsoft’s own measurements of its own program. The report does not provide the detail needed to translate every percentage into an independently comparable reduction in incidents, attacker dwell time, customer impact, or exploitable pathways.
That limitation does not make the measurements meaningless. Internal security engineering must be managed through leading indicators long before the absence of a breach can be interpreted as success. Identity coverage, public exposure, segmentation, pipeline enforcement, detection deployment, and remediation throughput are legitimate operational measures.
But large totals can create an illusion of completeness. Revoking public access from hundreds of thousands of resources says nothing about the importance of any remaining exposed resource. Patching millions of container vulnerabilities does not prove that obsolete images cannot be redeployed. Confirming more than 90% of AI-generated findings does not reveal what the AI missed.
The most useful next step would be risk-weighted reporting. Readers need to know not only how many assets are covered, but whether the uncovered fraction contains critical services; not only how many vulnerabilities were repaired, but whether recurrence declined; not only how many detections exist, but whether they shortened meaningful investigations.
SFI should therefore be viewed as a security production system rather than a certificate of safety. Its credibility will depend on whether Microsoft continues publishing measurements, explains changes in methodology, identifies where targets remain incomplete, and shows that improvements survive product churn and organizational pressure.

The Measures Worth Carrying into Your Own Estate​

Microsoft’s scale is unusual, but the operating principles in the report apply to far smaller environments. The valuable lesson is not to imitate the size of its numbers; it is to connect controls so that each one reduces the burden on the next.
  • Treat phishing-resistant authentication as the baseline, not an optional enhancement to generic MFA.
  • Delete unused identities, applications, tenants, resources, and images before trying to monitor them forever.
  • Convert security guidance into enforced defaults wherever possible, especially in build and deployment systems.
  • Prioritize combinations of identity, code, configuration, network, and runtime risk over isolated vulnerability counts.
  • Automate remediation, but verify that vulnerable components are not being reintroduced upstream.
  • Start cryptographic inventory and PQC planning before quantum migration becomes a deadline-driven emergency.
Microsoft’s most consequential claim is not that any one of these controls solves security. It is that their compounding effect leaves attackers with fewer viable paths while giving defenders stronger signals and better priorities.
The July 2026 SFI report is strongest when it shows Microsoft replacing discretion with durable engineering boundaries, and weakest where enormous activity figures still lack risk-weighted context. If the company sustains that shift, extends secure defaults to customers, and treats the remaining fractions as seriously as the completed majority, SFI may become more than a response to past failures: it may become the mechanism by which Microsoft prevents its next generation of platforms—AI-driven, cloud-scale, and eventually quantum-safe—from inheriting the same structural weaknesses.

References​

  1. Primary source: Microsoft
    Published: 2026-07-10T17:10:22.381046
  2. Related coverage: techradar.com
  3. Official source: learn.microsoft.com
  4. Official source: quantum.microsoft.com
  5. Official source: techcommunity.microsoft.com
  6. Official source: cdn-dynmedia-1.microsoft.com
  1. Related coverage: assets.beyondtrust.com
  2. Related coverage: axios.com
 

Back
Top