Microsoft 365 is the #1 choice for organizations looking to allow users to be productive anywhere. However, with data, applications, and users moving to the cloud, visibility into user activity and data sharing can be lost. At the same time, many security teams lack the resources and expertise to assess, implement and manage the security and privacy of Microsoft 365 and Azure environments.
Unlock the Potential of the Microsoft Cloud Services
From start to finish our Microsoft security expertise to help your organization assess, define, implement, and optimize secure Microsoft environments. Our seasoned security professionals will help you develop a Microsoft security strategy that transforms your digital workplace experience while streamlining costs. Using native security capabilities in Microsoft 365 and Azure along with our proprietary solutions, we’ll help you simplify IAM and protect & control data. We’ll also improve threat visibility, help you defend against advanced threats, and maintain a robust security posture for your modern enterprise.
Secure Your Modern Workplace
We leverage native Microsoft 365 security capabilities to protect your organization from unauthorized access and identity threats while maintaining an integrated and simple user experience.
We safeguard client data automatically with Azure Information Protection while enabling user productivity and secure collaboration across devices and locations.
Detect Advanced Threats
Detect and respond to the most advanced threats in minutes—not hours or days—with our native cloud security monitoring service for Microsoft 365 and Azure environments.
Our comprehensive suite of advisory, professional, and managed security services makes the route to Microsoft 365 compliance simple and streamlined.
Consolidate your security spend onto the same technology ecosystem that powers your business.
The Kudelski Security Advantage
Trusted Security Microsoft Partner
Kudelski Security is a Microsoft Security Partner and trusted independent leader in cybersecurity.
End-to-End Secure Workplace
From gap analysis to managed security services, our Microsoft 365 and Azure expertise help you design and maintain a robust security posture as well as meet regulatory requirements
We continually refine our systems, policies, and procedures to ensure we detect and contain cyber threats no matter where they arise.
Our cutting-edge Cyber Fusion Center provides 24/7/365 protection against the latest, most advanced cyber threats.
Microsoft Security: Passwordless Authentication
A brief overview of passwordless authentication in the Azure Active Directory.
A brief overview of the information protection capabilities in Office 365.
CurveBall: Microsoft Windows CryptoAPI Spoofing Vulnerability Webcast
Kudelski Security’s Francisco Donoso, Director – Global Security Strategy, provides a brief webcast overview of CurveBall, the Microsoft Windows cryptographic API vulnerability.
You Suck at Office 365 Logging
One of the misconceptions about cloud services is that you have to surrender all control when you sign-up. While it is true that you may no longer have racks of servers with blinking lights humming away in your data center, it doesn’t mean that you no longer have any visibility into how your users use and interact with the service.
Microsoft Advisory: Microsoft Server Message Block 3 (SMBv3) Vulnerability
On March 10th, a critical Remote Code Execution (RCE) vulnerability in the Microsoft Server Message Block (SMBv3) protocol was inadvertently disclosed. The vulnerability, known as CVE-2020-0796, is caused by how newer Windows operating systems handle certain requests, specifically compressed SMBv3 packets.
CVE-2020-0601: The ChainofFools/CurveBall Attack Explained with PoC
Let us explain the flaw, and demonstrate it with a POC, which we provide along with a test website and all the code to reproduce it at home. As usual in the cryptographic community, where flaws can be far-reaching, we disclose all the details that we can and released our PoC on our Github page. (This is particularly important here, since Microsoft and the NSA did not disclose any details.)
Get in Touch
Talk to one of our experts to learn how our award-winning cyber-security services can act as a force multiplier for your your organization.