{"id":2466,"date":"2018-06-06T16:00:31","date_gmt":"2018-06-06T16:00:31","guid":{"rendered":"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/?p=83095"},"modified":"2018-06-06T16:00:31","modified_gmt":"2018-06-06T16:00:31","slug":"cybersecurity-reference-architecture-security-for-a-hybrid-enterprise","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/","title":{"rendered":"Cybersecurity Reference Architecture: Security for a Hybrid Enterprise"},"content":{"rendered":"<p>The <a href=\"https:\/\/aka.ms\/MCRA\">Microsoft Cybersecurity Reference Architecture<\/a> describes Microsoft\u2019s cybersecurity capabilities and how they integrate with existing security architectures and capabilities. We recently updated this diagram and wanted to share a little bit about the changes and the document itself to help you better utilize it.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-large wp-image-83098 aligncenter\" src=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/2018\/06\/SRA-1024x569.png\" alt=\"\" width=\"1024\" height=\"569\"\/><\/p>\n<h2>How to use it<\/h2>\n<p>We have seen this document used for several purposes by our customers and internal teams (beyond a geeky wall decoration to shock and impress your cubicle neighbors).<\/p>\n<ul>\n<li><strong>Starting template for a security architecture<\/strong> \u2013 The most common use case we see is that organizations use the document to help define a target state for cybersecurity capabilities. Organizations find this architecture useful because it covers capabilities across the modern enterprise estate that now spans on-premise, mobile devices, many clouds, and IoT \/ Operational Technology.<\/li>\n<li><strong>Comparison reference for security capabilities<\/strong> \u2013 We know of several organizations that have marked up a printed copy with what capabilities they already own from various Microsoft license suites (many customers don\u2019t know they own quite a bit of this technology), which ones they already have in place (from Microsoft or partner\/3rd party), and which ones are new and could fill a need.<\/li>\n<li><strong>Learn about Microsoft capabilities<\/strong> \u2013 In presentation mode, each capability has a \u201cScreenTip\u201d with a short description of each capability + a link to documentation on that capability to learn more.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-83101 aligncenter\" src=\"https:\/\/cloudblogs.microsoft.com\/uploads\/prod\/2018\/06\/screentip.png\" alt=\"\" width=\"322\" height=\"130\"\/><\/p>\n<ul>\n<li><strong>Learn about Microsoft\u2019s integration investments<\/strong> \u2013 The architecture includes visuals of key integration points with partner capabilities (e.g. SIEM\/Log integration, Security Appliances in Azure, DLP integration, and more) and within our own product capabilities among (e.g. Advanced Threat Protection, Conditional Access, and more).<\/li>\n<li><strong>Learn about cybersecurity<\/strong> \u2013 We have also heard reports of folks new to cybersecurity using this as a learning tool as they prepare for their first career or a career change.<\/li>\n<\/ul>\n<p>As you can see, Microsoft has been investing heavily in security for many years to secure our products and services as well as provide the capabilities our customers need to secure their assets. In many ways, this diagram reflects Microsoft massive ongoing investment into cybersecurity research and development, currently over $1 billion annually (not including acquisitions).<\/p>\n<h2>What has changed in the reference architecture and why<\/h2>\n<p>We made quite a few changes in v2 and wanted to share a few highlights on what\u2019s changed as well as the underlying philosophy of how this document was built.<\/p>\n<ul>\n<li><strong>New visual style<\/strong> \u2013 The most obvious change for those familiar with the first version is the simplified visual style. While some may miss the \u201cvisual assault on the senses\u201d effect from the bold colors in v1, we think this format works better for most people.<\/li>\n<li><strong>Interactivity instructions<\/strong> \u2013 Many people did not notice that each capability on the architecture has a quick description and link to more information, so we added instructions to call that out (and updated the descriptions themselves).<\/li>\n<li><strong>Complementary content<\/strong> \u2013 Microsoft has invested in creating cybersecurity reference strategies (success criteria, recommended approaches, how our technology maps to them) as well as prescriptive guidance for addressing top customer challenges like Petya\/WannaCrypt, Securing Privileged Access, and Securing Office 365. This content is now easier to find with links at the top of the document.<\/li>\n<li><strong>Added section headers<\/strong> for each grouping of technology areas to make it easier to navigate, understand, and discuss as a focus area.<\/li>\n<li><strong>Added foundational elements<\/strong> \u2013 We added descriptions of some core foundational capabilities that are deeply integrated into how we secure our cloud services and build our cybersecurity capabilities that have been added to the bottom. These include:\n<ul>\n<li><strong>Trust Center<\/strong> \u2013 This is where describe how we secure our cloud and includes links to various compliance documents such as 3rd party auditor reports.<\/li>\n<li><strong>Compliance Manager<\/strong> is a powerful (new) capability to help you report on your compliance status for Azure, Office 365, and Dynamics 365 for General Data Protection Regulation (GDPR), NIST 800-53 and 800-171, ISO 27001 and 27018, and others.<\/li>\n<li><strong>Intelligent Security Graph<\/strong> is Microsoft threat intelligence system that we use to protect our cloud, our IT environment, and our customers. The graph is composed of trillions of signals, advanced analytics, and teams of experts hunting for malicious activities and is integrated into our threat detection and response capabilities.<\/li>\n<li><strong>Security Development Lifecycle (SDL)<\/strong> is foundational to how we develop software at Microsoft and has been published to help you secure your applications. Because of our early and deep commitment to secure development, we were able to quickly conform to ISO 27034 after it was released.<\/li>\n<\/ul>\n<\/li>\n<li><strong>Moved Devices\/Clients together<\/strong> \u2013 As device form factors and operating systems continue to expand and evolve, we are seeing security organizations view devices through the lens of trustworthiness\/integrity vs. any other attribute.\n<ul>\n<li>We reorganized the Windows 10 and Windows Defender ATP capabilities around outcomes vs. feature names for clarity.<\/li>\n<li>We also reorganized windows security icons and text to reflect that Windows Defender ATP describes all the platform capabilities working together to prevent, detect, and (automatically) respond and recover to attacks. We added icons to show the cross-platform support for Endpoint Detection and Response (EDR) capabilities that now extend across Windows 10, Windows 7\/8.1, Windows Server, Mac OS, Linux, iOS, and Android platforms.<\/li>\n<li>We faded the intranet border around these devices because of the ongoing success of phishing, watering hole, and other techniques that have weakened the network boundary.<\/li>\n<\/ul>\n<\/li>\n<li><strong>Updated SOC section<\/strong> \u2013 We moved several capabilities from their previous locations around the architecture into the Security Operations Center (SOC) as this is where they are primarily used. This move enabled us to show a clearer vision of a modern SOC that can monitor and protect the hybrid of everything estate. We also added the Graph Security API (in public preview) as this API is designed to help you integrate existing SOC components and Microsoft capabilities.<\/li>\n<li><strong>Simplified server\/datacenter view<\/strong> \u2013 We simplified the datacenter section to recover the space being taken up by duplicate server icons. We retained the visual of extranets and intranets spanning on-premises datacenters and multiple cloud provider(s). Organizations see Infrastructure as a Service (IaaS) cloud providers as another datacenter for the intranet generation of applications, though they find Azure is much easier to manage and secure than physical datacenters. We also added Azure Stack capability that allows customers to securely operate Azure services in their datacenter.<\/li>\n<li><strong>New IoT\/OT section<\/strong> \u2013 IoT is on the rise on many enterprises due to digital transformation initiatives. While the attacks and defenses for this area are still evolving quickly, Microsoft continues to invest deeply to provide security for existing and new deployments of Internet of Things (IoT) and Operational Technology (OT). Microsoft has announced <a href=\"https:\/\/blogs.microsoft.com\/iot\/2018\/04\/04\/microsoft-will-invest-5-billion-in-iot-heres-why\/\">$5 billion of investment over the next four years for IoT<\/a> and has also recently announced an end to end certification for a secure IoT platform from MCU to the cloud called <a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/introducing-microsoft-azure-sphere-secure-and-power-the-intelligent-edge\/\">Azure Sphere<\/a>.<\/li>\n<li><strong>Updated Azure Security Center<\/strong> \u2013 Azure Security Center grew to protect Windows and Linux operating system across Azure, on-premises datacenters, and other IaaS providers. Security Center has also added powerful new features like Just in Time access to VMs and applied machine learning to creating application whitelisting rules and North-South Network Security Group (NSG) network rules.<\/li>\n<li><strong>Added Azure capabilities<\/strong> including Azure Policy, Confidential Computing, and the new DDoS protection options.<\/li>\n<li><strong>Added Azure AD B2B and B2C<\/strong> \u2013 Many Security departments have found these capabilities useful in reducing risk by moving partner and customer accounts out of enterprise identity systems to leverage existing enterprise and consumer identity providers.<\/li>\n<li><strong>Added information protection<\/strong> capabilities for Office 365 as well as SQL Information Protection (preview).<\/li>\n<li><strong>Updated integration points<\/strong> \u2013 Microsoft invests heavily to integrate our capabilities together as well as to ensure use our technology with your existing security capabilities. This is a quick summary of some key integration points depicted in the reference architecture:\n<ul>\n<li><strong>Conditional Access<\/strong> connecting info protection and threat protection with identity to ensure that authentications are coming from a secure\/compliant device before accessing sensitive data.<\/li>\n<li><strong>Advanced Threat Protection<\/strong> integration across our SOC capabilities to streamline detection and response processes across Devices, Office 365, Azure, SaaS applications, and on Premises Active Directory.<\/li>\n<li><strong>Azure Information Protection<\/strong> discovering and protecting data on SaaS applications via Cloud App Security.<\/li>\n<li><strong>Data Loss Protection (DLP)<\/strong> integration with <strong>Cloud App Security<\/strong> to leverage existing DLP engines and with <strong>Azure Information Protection<\/strong> to consume labels on sensitive data.<\/li>\n<li><strong>Alert and Log Integration<\/strong> across Microsoft capabilities to help integrate with existing Security Information and Event Management (SIEM) solution investments.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Feedback<\/h2>\n<p>We are always trying to improve everything we do at Microsoft and we need your feedback to do it! You can contact the primary author (Mark Simos) directly on <a href=\"https:\/\/aka.ms\/markslist\">LinkedIn<\/a> with any feedback on how to improve it or how you use it, how it helps you, or any other thoughts you have.<\/p>\n<p> READ MORE <a href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/06\/06\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Microsoft Cybersecurity Reference Architecture describes Microsofts cybersecurity capabilities and how they integrate with existing security architectures and capabilities. We recently updated this diagram and wanted to share a little bit about the changes and the document itself to help you better utilize it. How to use it We have seen this document used for Read more READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":2467,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[254],"class_list":["post-2466","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-secure","tag-uncategorized"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cybersecurity Reference Architecture: Security for a Hybrid Enterprise 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybersecurity Reference Architecture: Security for a Hybrid Enterprise 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-06-06T16:00:31+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"569\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Cybersecurity Reference Architecture: Security for a Hybrid Enterprise\",\"datePublished\":\"2018-06-06T16:00:31+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/\"},\"wordCount\":1455,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise.png\",\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/\",\"name\":\"Cybersecurity Reference Architecture: Security for a Hybrid Enterprise 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise.png\",\"datePublished\":\"2018-06-06T16:00:31+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2018\\\/06\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise.png\",\"width\":1024,\"height\":569},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/uncategorized\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cybersecurity Reference Architecture: Security for a Hybrid Enterprise\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cybersecurity Reference Architecture: Security for a Hybrid Enterprise 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/","og_locale":"en_US","og_type":"article","og_title":"Cybersecurity Reference Architecture: Security for a Hybrid Enterprise 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-06-06T16:00:31+00:00","og_image":[{"width":1024,"height":569,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Cybersecurity Reference Architecture: Security for a Hybrid Enterprise","datePublished":"2018-06-06T16:00:31+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/"},"wordCount":1455,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise.png","articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/","url":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/","name":"Cybersecurity Reference Architecture: Security for a Hybrid Enterprise 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise.png","datePublished":"2018-06-06T16:00:31+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/06\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise.png","width":1024,"height":569},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-reference-architecture-security-for-a-hybrid-enterprise\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Uncategorized","item":"https:\/\/www.threatshub.org\/blog\/tag\/uncategorized\/"},{"@type":"ListItem","position":3,"name":"Cybersecurity Reference Architecture: Security for a Hybrid Enterprise"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/2466","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=2466"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/2466\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/2467"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=2466"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=2466"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=2466"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}