Microsoft has announced its intention to enhance cloud logging and improve security visibility for customers in response to the increasing frequency of nation-state cyber threats.
write to blog post Announced on July 19, 2023, the tech giant will elevate the secure-by-default baseline for cloud platforms through close collaboration with commercial and government customers and the U.S. Cybersecurity and Infrastructure Security Agency (CISA). said.
From a technical perspective, cloud logging is essential for incident response as it provides detailed and auditable insight into how different identities, applications, and devices access customer cloud services.
Data logging cannot prevent attacks, but it plays an important role in digital forensics and incident response, and helps investigate potential intrusions.
For more information on log-targeted attacks, see Infostealer Malware Surge: 670% Increase in Stolen Logs in Russian Market
As part of the effort, Microsoft has confirmed that it will extend cloud log access and flexibility for customers around the world at no additional cost. Over the next few months, customers will be able to access a wider range of cloud security logs previously only available at the premium subscription level.
In addition, the default retention period for Audit Standard customers will be extended from 90 days to 180 days.
Commercial and Government customers with E5/G5 licenses and already using Microsoft Purview Audit (Premium) can access all available audit logs, including Intelligent Insights and longer default retention periods Maintain access to events.
In a blog post, the company said the decision to expand cloud logging and make the log types needed by the broader cybersecurity community available to the broader cybersecurity community came out of working closely with. CISA.
“After more than a year of working together, we are very happy with Microsoft’s decision to provide the broader cybersecurity community with the types of logs they need at no additional cost,” said Jen Easterly, CISA Director. I commented.
“We know this will take time to implement, but this is a real step in the right direction for more companies to adopt secure-by-design principles.”
Microsoft plans to begin rolling out the log update to all government and commercial customers in September 2023. For existing and new logs, Microsoft Purview Compliance Portal.
