{"id":32215,"date":"2019-12-09T17:00:03","date_gmt":"2019-12-09T17:00:03","guid":{"rendered":"https:\/\/www.microsoft.com\/security\/blog\/?p=90266"},"modified":"2019-12-09T17:00:03","modified_gmt":"2019-12-09T17:00:03","slug":"improve-cyber-supply-chain-risk-management-with-microsoft-azure","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/","title":{"rendered":"Improve cyber supply chain risk management with Microsoft Azure"},"content":{"rendered":"<p>For years, Microsoft has tracked threat actors exploiting federal cyber supply chain vulnerabilities. <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/security\/threat-protection\/intelligence\/supply-chain-malware\" target=\"_blank\" rel=\"noopener noreferrer\">Supply chain attacks<\/a> target software developers, systems integrators, and technology companies. Tactics often include obtaining source code, build processes, or update mechanisms to compromise legitimate applications. This is a key concern for government cybersecurity in the cloud, as the expanding digital estate requires movement towards a <a href=\"https:\/\/www.microsoft.com\/en-us\/itshowcase\/implementing-a-zero-trust-security-model-at-microsoft\" target=\"_blank\" rel=\"noopener noreferrer\">Zero Trust security model<\/a>.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1.png\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-90267 size-full\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1.png\" alt width=\"1076\" height=\"607\" srcset=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1.png 1076w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1-300x169.png 300w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1-768x433.png 768w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1-1024x578.png 1024w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1-539x303.png 539w\" sizes=\"auto, (max-width: 1076px) 100vw, 1076px\"><\/a><\/p>\n<p>There are several techniques to attack cyber supply chains in Information Communications and Technology (ICT) products and services. Supply chain attacks are most concerning because they target vulnerabilities in your infrastructure before you even deploy your assets and software.<\/p>\n<p>Attackers can:<\/p>\n<ul>\n<li>Compromise software building tools to ensure that their malware is imprinted into all software generated from the building tools.<\/li>\n<li>Replace software update repositories with malicious replicas that distribute malware across entire software ecosystems.<\/li>\n<li>Steal code-signing certificates to make malicious software appear as legitimate code.<\/li>\n<li>Intercept hardware shipments to inject malicious code into hardware, firmware, and field-programmable gate arrays (FPGAs).<\/li>\n<li>Pre-install malware onto IoT devices before they arrive to target organizations.<\/li>\n<\/ul>\n<h3>Managing Supply Chain Risk Management (SCRM) to defend against supply chain attacks<\/h3>\n<p>Defending against supply chain attacks requires a comprehensive approach to managing Supply Chain Risk Management (SCRM). Federal risk managers must deploy strong code integrity policies and technical screening controls to ensure their software complies with organizational directives such as applying NIST SP 800-53A security controls for Federal Information Security Management Act (FISMA) compliance. Code integrity requires full non-repudiation of software to validate information producer associations, identity, and chain of custody for systems and components (NIST SP 800-161, 2015). One critical opportunity for addressing code integrity in your supply chain is to implement and adhere to a secure software development lifecycle for applications that you develop in-house and that you acquire from third-party supply chain partners.<\/p>\n<p>Microsoft continues to use the <a href=\"https:\/\/www.microsoft.com\/en-us\/securityengineering\/sdl\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security Development Lifecycle<\/a>, a fundamental process of continuous learning and improvement in the security, integrity, and resiliency of our enterprise applications. We require supply chain providers to adhere to these practices as well.<\/p>\n<p>Organizations should employ asset monitoring and tracking systems such as radio-frequency identification (RFID) and digital signatures to track hardware and software from producers to consumers to ensure system and component integrity. <a href=\"https:\/\/csrc.nist.gov\/publications\/detail\/fips\/200\/final\" target=\"_blank\" rel=\"noopener noreferrer\">FIPS 200<\/a> specifies that federal organizations \u201cmust identify, report, and correct information and information system flaws in a timely manner while providing protection from malicious code at appropriate locations within organizational information systems\u201d (FIPS 200, 2006).<\/p>\n<h3>How Microsoft fights against malware<\/h3>\n<p>Microsoft understands how to fight malware and have worked hard for many years to offer our customers leading endpoint protection to defend against increasingly sophisticated attacks across a variety of devices. These efforts have been recognized, for example, in this year\u2019s <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2019\/08\/23\/gartner-names-microsoft-a-leader-in-2019-endpoint-protection-platforms-magic-quadrant\/\" target=\"_blank\" rel=\"noopener noreferrer\">2019 Gartner Endpoint Protection Platforms Magic Quadrant<\/a>. In addition, <a href=\"https:\/\/www.microsoft.com\/en-us\/microsoft-365\/windows\/microsoft-defender-atp\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Defender Advanced Threat Protection (ATP)<\/a> integrates directly with <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/security-center\/\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Azure Security Center<\/a> to alert your security teams of threat actors exploiting your vulnerabilities.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-2.png\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-90268 size-full\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-2.png\" alt width=\"816\" height=\"819\" srcset=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-2.png 816w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-2-150x150.png 150w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-2-300x300.png 300w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-2-768x771.png 768w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-2-100x100.png 100w\" sizes=\"auto, (max-width: 816px) 100vw, 816px\"><\/a><\/p>\n<p><em>Magic Quadrant for Endpoint Protection Platforms.*<\/em><\/p>\n<p>Endpoint Protection Platforms can support software development and fight malware, but government organizations must follow <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2018\/07\/26\/attack-inception-compromised-supply-chain-within-a-supply-chain-poses-new-risks\/\" target=\"_blank\" rel=\"noopener noreferrer\">recommendations for software vendors and developers<\/a> by applying patches for operating systems and software, implementing mandatory integrity controls, and requiring Multi-Factor Authentication (MFA) for administrators.<\/p>\n<p><a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/security-center-recommendations\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Security Center Recommendations<\/a> help government organizations eliminate security vulnerabilities before an attack occurs by facilitating actions to secure resources, including OS vulnerability detection, mandatory controls, and enforcing authentication with <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/security-center-identity-access\" target=\"_blank\" rel=\"noopener noreferrer\">MFA<\/a> and secure access with <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/security-center\/security-center-just-in-time\" target=\"_blank\" rel=\"noopener noreferrer\">just-in-time (JIT)<\/a> virtual machine access.<\/p>\n<p>When you remediate recommendations, your Secure Score and your workloads\u2019 security postures improve. Azure Security Center automatically discovers new resources you deploy, assesses them against your security policy, and provides new recommendations for securing them.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-3.png\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-90269 size-full\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-3.png\" alt width=\"1676\" height=\"1017\" srcset=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-3.png 1676w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-3-300x182.png 300w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-3-768x466.png 768w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-3-1024x621.png 1024w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-3-440x268.png 440w\" sizes=\"auto, (max-width: 1676px) 100vw, 1676px\"><\/a><\/p>\n<p>Azure Security Center also facilitates cyber learning through gamification. Secure Score allows your SecOps and Security Governance Risk &amp; Compliance (SGRC) teams to remediate vulnerabilities through a points-based system. This capability can enhance system configurations and reinforce supply chain risk management in a single pane of glass for your infrastructure security posture, and even includes a <a href=\"https:\/\/azure.microsoft.com\/en-us\/blog\/regulatory-compliance-dashboard-in-azure-security-center-now-available\/\" target=\"_blank\" rel=\"noopener noreferrer\">regulatory and compliance dashboard<\/a> to facilitate federal compliance requirements and can be tailored to your organization.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-4.png\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-90270 size-full\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-4.png\" alt width=\"1474\" height=\"982\" srcset=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-4.png 1474w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-4-300x200.png 300w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-4-768x512.png 768w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-4-1024x682.png 1024w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-4-293x195.png 293w\" sizes=\"auto, (max-width: 1474px) 100vw, 1474px\"><\/a><\/p>\n<p>Security of federal information systems requires compliance with stringent standards such as NIST SP 800-53, FISMA, CIS Benchmarks, and FedRAMP Moderate. <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/blueprints\/\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Blueprints<\/a> facilitates compliance with these standards ensuring a secure-by-design approach to federal information security. Azure Blueprints enable cloud architects and information technology groups to define a repeatable set of Azure resources that implements and adheres to an organization\u2019s standards, patterns, and requirements.<\/p>\n<p>Azure Blueprints are a declarative way to orchestrate the deployment of various resource templates and other artifacts such as role assignments, policy assignments, and <a href=\"https:\/\/azure.microsoft.com\/en-us\/features\/resource-manager\/\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Resource Manager<\/a> templates. Azure Blueprints also provide recommendations and a framework to directly apply compliance requirements to your environment while monitoring configurations through Continuous Monitoring (CM).<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-5.png\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-90271 size-full\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-5.png\" alt width=\"761\" height=\"863\" srcset=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-5.png 761w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-5-265x300.png 265w\" sizes=\"auto, (max-width: 761px) 100vw, 761px\"><\/a><\/p>\n<h3>Employing a comprehensive monitoring program<\/h3>\n<p>Protecting your supply chain also requires a comprehensive monitoring program with cyber incident response and security operations capabilities. <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/azure-sentinel\/\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Sentinel<\/a> is a cloud-native security information and event manager (SIEM) platform that uses built-in artificial intelligence (AI) to help analyze large volumes of data across an enterprise\u2014fast. Azure Sentinel aggregates data from all sources, including users, applications, servers, and devices running on-premises or in any cloud, letting you reason over millions of records in a few seconds.<\/p>\n<p>Azure Sentinel leverages the <a href=\"https:\/\/developer.microsoft.com\/en-us\/graph\/\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Graph<\/a>, which detects threats, reduces false positives, and puts your responders on target. Azure Sentinel Workbooks optimize productivity with dozens of built in dashboards to enhance security monitoring.<\/p>\n<p>Azure Sentinel Analytics allow your cyber defenders to employ proactive alerting to detect threats impacting your supply chain security. Azure Sentinel Playbooks includes over 200 connectors to leverage full automation through <a href=\"https:\/\/azure.microsoft.com\/en-us\/services\/logic-apps\/\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Logic Apps<\/a>. This powerful capability allows federal agencies to compensate for the cyber talent gap with Security Automation &amp; Orchestration Response (SOAR) capabilities while leveraging machine learning and AI capabilities. Azure Sentinel <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/sentinel\/tutorial-investigate-cases\" target=\"_blank\" rel=\"noopener noreferrer\">deep investigation<\/a> allows your incident response teams to dig into incidents and identify the root cause of attacks.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-6.png\" target=\"_blank\" rel=\"noopener noreferrer\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-90272 size-full\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-6.png\" alt width=\"785\" height=\"344\" srcset=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-6.png 785w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-6-300x131.png 300w, https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-6-768x337.png 768w\" sizes=\"auto, (max-width: 785px) 100vw, 785px\"><\/a><\/p>\n<p>Azure Sentinel\u2019s <a href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/sentinel\/hunting\" target=\"_blank\" rel=\"noopener noreferrer\">powerful hunting search-and-query tools<\/a> are based in the MITRE ATT&amp;K Framework, allowing your responders to proactively hunt threats across the network before alerts are triggered. The <a href=\"https:\/\/aka.ms\/asicommunity\" target=\"_blank\" rel=\"noopener noreferrer\">Azure Sentinel community<\/a> is growing on GitHub and allows your team to collaborate with the information security community for best practices, efficiencies, and security innovation.<\/p>\n<div class=\"interruption interruption-image-type\">\n<div class=\"interruption-image-container\"><img decoding=\"async\" class=\"interruption-image\" src=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/10\/Azure-Sentinal.png\"><\/div>\n<div class=\"interruption-content-wrap\">\n<h3 class=\"interruption-title\">Azure Sentinel<\/h3>\n<p class=\"interruption-text\">Intelligent security analytics for your entire enterprise.<\/p>\n<p><a class=\"interruption-link c-glyph\" href=\"https:\/\/azure.microsoft.com\/en-us\/services\/azure-sentinel\/\">Learn more<\/a><\/div>\n<\/div>\n<p>Cyber Supply Chain Risk Management (SCRM) is a growing concern within the federal sector. Microsoft is committed to bolstering government cybersecurity in the cloud. Microsoft Azure goes the distance to protect your network against supply chain attacks through Microsoft Defender ATP\u2019s industry leading Endpoint Protection Platform, Azure Security Center\u2019s comprehensive continuous monitoring platform, Azure Blueprints approach to rapidly deploying a compliant cloud, and Azure Sentinel\u2019s cloud-native SIEM that harnesses the limitless power of the cloud through threat intelligence, machine learning, AI, and automation.<\/p>\n<h3>Learn more about government cybersecurity in the cloud with Microsoft<\/h3>\n<p>Here are some of the best resource to learn more about government cybersecurity in the cloud with Microsoft:<\/p>\n<p>Also, join us for the <a href=\"https:\/\/www.microsoft.com\/en-us\/ignite-the-tour\/washington-dc\" target=\"_blank\" rel=\"noopener noreferrer\">Microsoft Ignite Government Tour<\/a> in Washington, D.C., February 6, 2020.<\/p>\n<p>Bookmark the <a href=\"https:\/\/www.microsoft.com\/security\/blog\/\" target=\"_blank\" rel=\"noopener noreferrer\">Security blog<\/a> to keep up with our expert coverage on security matters and follow us at <a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noopener noreferrer\">@MSFTSecurity<\/a> or visit our <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\" target=\"_blank\" rel=\"noopener noreferrer\">website<\/a> for the latest news and updates on cybersecurity.<\/p>\n<p>Are you a federal government agency that needs help with cybersecurity? Reach out to <a href=\"https:\/\/www.linkedin.com\/in\/tjbanasik\/\" target=\"_blank\" rel=\"noopener noreferrer\">TJ Banasik<\/a> or <a href=\"http:\/\/www.linkedin.com\/in\/marmci\" target=\"_blank\" rel=\"noopener noreferrer\">Mark McIntyre<\/a> for additional details on the content above, or if you have any other questions about Microsoft\u2019s cybersecurity investments for the federal government.<\/p>\n<p><em>*This graphic was published by Gartner, Inc. as part of larger research documents and should be evaluated in the context of the entire document. The Gartner documents are available upon request from Microsoft. Gartner does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner\u2019s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and\/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.<\/em><\/p>\n<p>READ MORE <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2019\/12\/09\/improve-cyber-supply-chain-risk-management-microsoft-azure\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>To keep government agencies secure in the cloud, we must keep pace and stay ahead of cyber attackers by defending the cyber supply chain with Microsoft Azure.<br \/>\nThe post Improve cyber supply chain risk management with Microsoft Azure appeared first on Microsoft Security. READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[276],"tags":[6426,6419,7220,6717,3677],"class_list":["post-32215","post","type-post","status-publish","format-standard","hentry","category-microsoft-secure","tag-azure-security","tag-endpoint-security","tag-microsoft-defender-advanced-threat-protection","tag-microsoft-defender-atp","tag-zero-trust"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Improve cyber supply chain risk management with Microsoft Azure 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Improve cyber supply chain risk management with Microsoft Azure 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-12-09T17:00:03+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Improve cyber supply chain risk management with Microsoft Azure\",\"datePublished\":\"2019-12-09T17:00:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/\"},\"wordCount\":1406,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.microsoft.com\\\/security\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/12\\\/Cyber-supply-chain-risk-management-1.png\",\"keywords\":[\"Azure Security\",\"Endpoint security\",\"Microsoft Defender Advanced Threat Protection\",\"Microsoft Defender ATP\",\"Zero Trust\"],\"articleSection\":[\"Microsoft Secure\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/\",\"name\":\"Improve cyber supply chain risk management with Microsoft Azure 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.microsoft.com\\\/security\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/12\\\/Cyber-supply-chain-risk-management-1.png\",\"datePublished\":\"2019-12-09T17:00:03+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.microsoft.com\\\/security\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/12\\\/Cyber-supply-chain-risk-management-1.png\",\"contentUrl\":\"https:\\\/\\\/www.microsoft.com\\\/security\\\/blog\\\/wp-content\\\/uploads\\\/2019\\\/12\\\/Cyber-supply-chain-risk-management-1.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Azure Security\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/azure-security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Improve cyber supply chain risk management with Microsoft Azure\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Improve cyber supply chain risk management with Microsoft Azure 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/","og_locale":"en_US","og_type":"article","og_title":"Improve cyber supply chain risk management with Microsoft Azure 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-12-09T17:00:03+00:00","og_image":[{"url":"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Improve cyber supply chain risk management with Microsoft Azure","datePublished":"2019-12-09T17:00:03+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/"},"wordCount":1406,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1.png","keywords":["Azure Security","Endpoint security","Microsoft Defender Advanced Threat Protection","Microsoft Defender ATP","Zero Trust"],"articleSection":["Microsoft Secure"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/","url":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/","name":"Improve cyber supply chain risk management with Microsoft Azure 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1.png","datePublished":"2019-12-09T17:00:03+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/#primaryimage","url":"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1.png","contentUrl":"https:\/\/www.microsoft.com\/security\/blog\/wp-content\/uploads\/2019\/12\/Cyber-supply-chain-risk-management-1.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/improve-cyber-supply-chain-risk-management-with-microsoft-azure\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Azure Security","item":"https:\/\/www.threatshub.org\/blog\/tag\/azure-security\/"},{"@type":"ListItem","position":3,"name":"Improve cyber supply chain risk management with Microsoft Azure"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/32215","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=32215"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/32215\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=32215"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=32215"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=32215"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}