Microsoft bounty program now includes any flaw impacting its services

Microsoft now pays security researchers for finding critical vulnerabilities in any of its online services, regardless of whether the code was written by Microsoft or a third party.
Security Boulevard

Microsoft’s December Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On December 10, NSFOCUS CERT detected that Microsoft released the December Security Update patch, which fixed 57 security issues involving widely used products such as Windows, Microsoft ...

Should you stop logging in through Google and Facebook? Consider these SSO risks vs. benefits

Passkeys aren't simply an alternate way to authenticate with your favorite relying parties. Passkeys are about all users raising their personal operational security (aka "secop") to a higher level, ...
InfoWorld

Microsoft’s Dev Proxy puts APIs to the test

Building distributed apps requires specialized tools. Microsoft delivers with an API simulator that supports complex mocks ...