Latest CyberSec News by @thecyberpicker

31186 bookmarks
Comparing Human and Non-Human Identities | CSA
Explore the key differences between human and non-human identities in cloud security, focusing on their behaviors, interactions, and management strategies.
·cloudsecurityalliance.org·
AI Vulnerability Finding - Schneier on Security
Microsoft is reporting that its AI systems are able to find new vulnerabilities in source code: Microsoft discovered eleven vulnerabilities in GRUB2, including integer and buffer overflows in filesystem parsers, command flaws, and a side-channel in cryptographic comparison. Additionally, 9 buffer overflows in parsing SquashFS, EXT4, CramFS, JFFS2, and symlinks were discovered in U-Boot and Barebox, which require physical access to exploit. The newly discovered flaws impact devices relying on UEFI Secure Boot, and if the right conditions are met, attackers can bypass security protections to execute arbitrary code on the device...
·schneier.com·
Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today
Experts at the Google Cloud Next event set out how security teams need to adapt their focuses in the wake of trends such as rising cyber-attacks and advances in AI
·infosecurity-magazine.com·
Friday Squid Blogging: Squid and Efficient Solar Tech - Schneier on Security
Researchers are trying to use squid color-changing biochemistry for solar tech. This appears to be new and related research to a 2019 squid post. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.
·schneier.com·
MiniCMS 1.1 - Cross Site Scripting (XSS)
MiniCMS 1.1 - Cross Site Scripting (XSS). CVE-2018-1000638. webapps exploit for PHP platform
·exploit-db.com·
Gnuboard5 5.3.2.8 - SQL Injection
Gnuboard5 5.3.2.8 - SQL Injection. CVE-2020-18662. webapps exploit for PHP platform
·exploit-db.com·
RosarioSIS 7.6 - SQL Injection
RosarioSIS 7.6 - SQL Injection. CVE-2021-44567. webapps exploit for PHP platform
·exploit-db.com·
Reimagining Democracy - Schneier on Security
Imagine that all of us—all of society—have landed on some alien planet and need to form a government: clean slate. We do not have any legacy systems from the United States or any other country. We do not have any special or unique interests to perturb our thinking. How would we govern ourselves? It is unlikely that we would use the systems we have today. Modern representative democracy was the best form of government that eighteenth-century technology could invent. The twenty-first century is very different: scientifically, technically, and philosophically. For example, eighteenth-century democracy was designed under the assumption that travel and communications were both hard...
·schneier.com·
The Ultimate Guide to Microsoft Security at RSAC 2025
So you just finished watching Microsoft Secure. That means by now, you’ve heard about our new protections for AI and Microsoft Security Copilot agents. These innovations will be the focus of Microsoft Security’s sessions and activities at RSAC™ 2025 Conference (RSAC 2025).
The can’t-miss conference is just around the corner. Microsoft Security is bringing an exciting lineup of sessions, expert panels, and exclusive networking opportunities to empower security professionals in the era of AI. Our entire presence at RSAC 2025 is designed to help you boost your AI skills so you can stay ahead of threats and manage security more effectively.
Whether you're interested in protecting all your AI investments, AI-driven security, threat intelligence, or securing cloud environments, we’ve got something for you. To help you plan your time from Sunday, April 27 to Thursday, May 1, 2025, in San Francisco, here’s a quick and easy guide to all the key Microsoft Security moments at RSAC 2025.
Microsoft Security Event Schedule at RSAC 2025
🔹 Sunday, April 27
📍 Microsoft Pre-Day | 4:00 PM – 6:00 PM | Palace Hotel
For the fourth year in a row, Microsoft Pre-Day kicks off the full lineup of Microsoft events and activities throughout RSAC 2025. We will host these at the Microsoft Security Hub at Palace Hotel, just a short walk from Moscone Center.
Hear directly from Microsoft Security leaders as they share reporting on emerging cyberthreat trends and the product innovations designed to protect against them. See the lineup below:
Vasu Jakkal, Corporate Vice President (CVP), Microsoft Security Business
Charlie Bell, Executive Vice President, Microsoft Security
Sherrod DeGrippo, Director of Threat Intelligence Strategy
Dorothy Li, Corporate Vice President (CVP), Microsoft Security Copilot
Ann Johnson, Corporate Vice President (CVP) and Deputy CISO
And more.
Register for Pre-Day today.
📍 Networking Reception | 6:00 PM – 8:30 PM | Microsoft Security Hub, Palace Hotel, Second Floor
Stick around after Microsoft Pre-Day to attend the Networking Reception—a lively evening designed to connect with the security community, engage with Microsoft leaders, and exchange ideas in a relaxed atmosphere. It’s the perfect way to kick off an inspiring week at RSAC 2025.
🔹 Monday, April 28 – Zeroing in on Innovation
On Monday we ease into things by focusing on what’s new all around. We’ll share lots of goodness about agents and our new innovations announced in March.
🕹️ Security Demo Experience at the Microsoft Security Booth #5744 | All day, every day | Moscone Center North Expo Hall
Monday is the first day to explore the show floor. Stop by the Microsoft Security Booth #5744 in Moscone Center North Expo Hall to explore live demos, meet Microsoft Security experts, and get hands-on with the latest tools.
Become a defender against cyber threats in a fast-paced, interactive game. You'll be a part of a mission, navigating realistic incident response scenarios using Microsoft Security solutions, including our new AI Agents. Engage in quick skill challenges and wrap up with expert insights. Are you ready to beat the bad actors?
🎤 Keynote: Security in the Age of Agentic AI | 4:40 PM | Moscone Center (West Stage)
Agentic workflows will dramatically reshape what is possible in security. By enabling more complex problem-solving, agent collaboration, and iterative learning, agentic AI will empower a new paradigm for security that was once the domain of science fiction. Vasu Jakkal will take an imaginative look at the future of security AI agents, and the very human-driven way they will change the game.
🔑 Microsoft Sessions at RSAC 2025 | All day | Moscone Center
Our top Microsoft Security experts were chosen by RSAC to share their insights and best practices to help you level up your own security strategy. These sessions are designed for learning, not selling. So, you’ll hear more about what’s happening in the security space and less about products.
Practical Strategies for Security Architecture in a Changing World @ 8:30 AM – 9:20 AM
This session will delve into the core pillars of security architecture and share practical strategies that uphold foundational principles. Will discuss holistic system thinking and provide a practical playbook for navigating the complexities of security architecture while maintaining a focus on the fundamentals and essential considerations for a secure digital environment.
Speaker: Abhilasha Bhargav-Spantzel, Partner Security Architect, Microsoft
RSAC™ Innovation Sandbox @ 9:30 AM – 12:40 PM
Ten of cybersecurity’s boldest new innovators compete in Innovation Sandbox for the title of “Most Innovative Startup.” ISB celebrates 20 years & spotlights startups with potentially game-changing ideas. The Finalists have 3 minutes to share groundbreaking products & solutions with a panel of judges. Interact first-hand with these companies as the judges deliberate before the winner is crowned.
Speakers: Christopher Young, Executive Vice President, Business Development, Strategy and Ventures, Microsoft; David Chan, Managing Director, Morgan Stanley; Dorit Dor, Chief Technology Officer, Check Point Software Technologies; Niloofar Razi Howe, Operating Partner, Capitol Meridian Partners; Hugh Thompson, Executive Chairman & RSAC™ Conference Program Committee Chair, RSAC; Paul Kocher, Researcher, Independent Researcher; and Nasrin Rezai, SVP & CISO, Verizon
AI Era Authentication: Securing the Future with Inclusive Identity @ 1:10 PM – 2:00 PM
This session explores the security and usability risks of authentication techniques for users with diverse needs. Emergence of AI agents, a new user identity acting on our behalf, also necessitates a rethink of authentication methods. Discover AI-era authentication using sensors like location and behavior and learn about the shift from active to passive authentication with prototypes in action.
Speakers: Abhilasha Bhargav-Spantzel, Partner Security Architect, Microsoft and Aditi Shah, Senior Data & Applied Scientist, Microsoft
DPRK Remote IT Workers – Have You Hired One and Are You at Risk? @ 2:20 PM – 3:10 PM
The DPRK actively deploys remote IT workers to generate revenue for the regime while circumventing sanctions. DPRK IT workers pose risks to companies, including insider access, potential intellectual property theft, and exposure to other malicious cyber activity. This panel will discuss best practices for identifying and preventing the hiring of DPRK IT workers.
Speakers: Greg Schloemer, Senior Threat Intelligence Analyst, Microsoft; Elizabeth Pelker, Special Agent, FBI; Chris Horne, Director, Trust & Safety Intelligence & Investigations, Upwork; Adam Meyers, SVP Intelligence, CrowdStrike; and Bryan Vorndran, Assistant Director, FBI
💡 Microsoft Expert Sessions | All day Monday - Wednesday | Microsoft Security Hub at the Palace Hotel (Second Floor)
Don’t miss our deep-dive sessions happening at the Microsoft Security Hub. Build your AI cybersecurity skills as Microsoft Security experts will share what they've learned and provide insights you can apply in your own organization.
Harnessing Diversity – Strengthening the Cybersecurity Workforce in the Age of AI @ 10:30AM – 11:30AM
Speakers: Amanda Minnich, Principal Research Manager, Microsoft; Nicole Ford VP, Customer Security Officer, Microsoft; Kyla Guru, Founder/CEO, Bits N' Bytes Cybersecurity Education; Tanell Ford, Assistant General Counsel, Microsoft; and Sherrod DeGrippo, Director of Threat Intelligence Strategy, Microsoft
Reshaping SecOps for the Cloud AI Era @ 10:30AM – 11:30AM
Speakers: Scott Woodbridge, General Manager, Product Marketing, Microsoft and Corina Feuerstein, Principal Product Manager for Copilot in Defender and Sentinel
Practical use of CoPilot AutoFix to address Security Backlog @ 12:00PM – 1:30PM
Speakers: Alexis Wales, CISO, GitHub and Marcelo Oliveira, VP, Product Management, GitHub
Executive Lunch: Scaling Compliance for Global Regulations @ 12:00PM – 1:30PM
Speakers: Bret Arsenault, CVP, Chief Cybersecurity Advisor, Microsoft
💻 Theatre Sessions | Location: Microsoft Security Booth #5744
Here’s where we talk products. These 15-20 minute informal, come-and-go sessions run all day at the Microsoft Security booth. They’re demo-heavy product showcases to help you learn how to better use the tools you’ve got now.
Identity Security in the Era of AI with Security Copilot @ 5:35PM – 5:55 PM
Security Copilot Agents: Autonomous, adaptive, with you in control @ 6:05PM – 6:25 PM
From Risk to Resilience: The Next Evolution in Multicloud Security @ 6:35 PM – 6:55PM
🏆 MISA Awards | Location: Microsoft Security Hub at the Palace Hotel (Second Floor)
It’s time to suit up in heroic attire for an epic celebration at the 6th annual Microsoft Security Excellence Awards! Just like the Avengers, assembling to save the world, we’re coming together to honor the extraordinary achievements of our MISA members who work so diligently to protect customers from external threats!
Congratulations to the incredible finalists for the sixth annual Microsoft Security Excellence Awards presented by MISA!
🤝 Customer Meetings | Location: Microsoft Security Hub at the Palace Hotel (Second Floor)
Take advantage of the opportunity to connect with Microsoft Security experts and enhance your cybersecurity knowledge. From April 28 to April 30, 2025 customers and CISOs can schedule one-on-one meetings at the Palace Hotel to discuss your most pressing security product a...
·techcommunity.microsoft.com·
Threat actors thrive in chaos
Martin delves into how threat actors exploit chaos, offering insights from Talos' 2024 Year in Review on how to fortify defenses against evolving email lures and frequently targeted vulnerabilities, even amidst economic disruption.
·blog.talosintelligence.com·
Hackers exploit WordPress plugin auth bypass hours after disclosure
Hackers started exploiting a high-severity flaw that allows bypassing authentication in the OttoKit (formerly SureTriggers) plugin for WordPress just hours after public disclosure.
·bleepingcomputer.com·