Post AxVDxONlFcByZFoaau by tyil@fedi.tyil.nl
 (DIR) More posts by tyil@fedi.tyil.nl
 (DIR) Post #AxNB2eVQsPIqtZXZ0i by fthy@mastodon.green
       2025-08-19T12:25:21Z
       
       0 likes, 1 repeats
       
       Microsoft openly admitting they have not(!) had MFA, network segmentation, least privilege, software lifecycle, jump-servers, asset- and software-inventory etc for Azure PROD for years and they are not there yet.This whole report is just so scary. At the same time, good that they are finally working on it and making it transparent.Source: https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcorp/microsoft/final/en-us/microsoft-brand/documents/sfi-april-2025-progress-report.pdf#Microsoft #azure #infosec
       
 (DIR) Post #AxVDxONlFcByZFoaau by tyil@fedi.tyil.nl
       2025-08-24T18:09:08.693Z
       
       0 likes, 0 repeats
       
       @fthy@mastodon.green The report isn't very scary on its own. Its scary to think that supposedly professional systems and software engineers were somehow under the impression Microsoft is trustworthy on anything. I'm pretty sure anyone who cared already knew the stuff in the report. It sure isn't the first time I'm hearing about it.