Security documentation

Technical guidance to help security professionals build and implement cybersecurity strategy, architecture, and prioritized roadmaps

Overview

Learn about the Microsoft Entra family of multicloud identity and access solutions

Concept

Set up secure file sharing and collaboration with Microsoft Teams

Concept

Apply Zero Trust principles to Azure IaaS

Overview

Evaluate and pilot Microsoft 365 Defender

Overview

Guiding principles of Zero Trust, a security strategy

Deploy

Cloud adoption assessments

Concept

The immutable laws of security

Reference

Past news and highlights

Get started

Begin your security journey here

Cybersecurity training - Chief Information Security Officer (CISO) workshop

If you're new to Microsoft Security, start here! Includes principles and recommendations for modernizing security in your organization.

Microsoft Security Best Practices

Are you a security professional? The Zero Trust implementation guidance contains a collection of best practices with actionable guidance for your security architecture.

Security benchmarks

Security recommendations provide a strong starting point for your own planning and deployment.

Microsoft security engineering

Security related documentation and information from across Microsoft.

Security learning paths and modules

Learn new skills and discover the power of Microsoft products with step-by-step guidance.

Security roles and responsibilities

Organizational functions required to manage information security risk in an enterprise.

Security disciplines

Microsoft security best practices that help you improve your security posture

Human-operated ransomware

• Overview
• Rapidly protect against ransomware
• Backup and restore plan for ransomware

Zero Trust Guidance Center

• Zero Trust overview
• Securing identity with Zero Trust
• Get started with Zero Trust identity integrations

Governance and strategy

• Overview
• Modernize security strategy
• Best practices (videos & slides)

Network security

• Overview
• Best practices (videos & slides)
• Network integrations

Identity and access management

• Overview
• Best practices (videos & slides)
• Identity integrations

Storage, data, and encryption

• Overview
• Best practices (videos & slides)
• Data integrations

Applications and services

• Overview
• Secure development best practices
• DevSecOps controls

Security operations

• Overview
• Best practices
• Incident response

Privileged access

• Overview
• Best practices (videos & slides)
• Rapid Modernization Plan

Additional security resources

Security documentation for Microsoft Azure

• Security, compliance, & identity
• Security fundamentals
• Microsoft Defender for Cloud
• Microsoft Sentinel
• Azure Active Directory
• Azure Key Vault
• Azure networking security services

Security documentation for Microsoft 365

• Microsoft 365 security
• Microsoft 365 Defender
• Secure your remote workforce
• Windows security
• Enterprise Mobility + Security
• Microsoft SQL

Security reference

• Security Development Lifecycle (SDL)
• Operational Security Assurance
• Secure DevOps
• Microsoft Security Risk Detection
• Azure secure development

Security programs

• Microsoft Security Response Center
• Cyber Defense Operations Center
• Cybersecurity - Digital Crimes Unit
• Government Security Program

Professional services

• Microsoft Detection and Response Team
• Microsoft cybersecurity reference architectures

Security principles

• Microsoft Trust Center
• Compliance
• Privacy
• Azure governance