Platform integrity and security overview
The Azure fleet is composed of millions of servers (hosts), with thousands more added every day. Thousands of hosts also undergo maintenance daily through reboots, operating system refreshes, or repairs. Before a host can join the fleet and begin accepting customer workloads, Microsoft verifies that the host is in a secure and trustworthy state. This verification ensures that no malicious or inadvertent changes have been made to boot sequence components during the supply chain or maintenance workflows.
Securing Azure hardware and firmware
This series of articles describes how Microsoft ensures the integrity and security of hosts through the various stages of their lifecycle, from manufacturing to sunset. The articles address:
- Firmware security
- Platform code integrity
- UEFI Secure Boot
- Measured boot and host attestation
- Project Cerberus
- Encryption at rest
- Hypervisor security
Next steps
Learn how Microsoft actively partners within the cloud hardware ecosystem to drive continuous firmware security improvements.
Understand your shared responsibility in the cloud.