\n_In this blog you will hear directly from Microsoft\u2019s Deputy Chief Information Security Officer (CISO) for Azure and operating systems, Mark Russinovich, about how Microsoft operationalized security durability at scale. This blog is part of an ongoing series where our Deputy CISOs share their thoughts on what is most important in their respective domains. In this series you will get practical advice and forward-looking commentary on where the industry is going, as well as tactics you should start (and stop) deploying, and more._<\/p>\n
In late 2023, Microsoft launched its most ambitious security transformation to date, the Microsoft Secure Future Initiative (SFI). An initiative with the equivalent of 34,000 engineers working across 14 product divisions, supporting more than 20,000 cloud services on 1.2 million Azure subscriptions, the scope is massive. These services operate on 21 million compute nodes, protected by 46.7 million certificates, and developed across 134,000 code repositories. <\/p>\n
At Microsoft\u2019s scale, the real challenge isn\u2019t just shipping security fixes\u2014it\u2019s ensuring they\u2019re automatically enforced by the platform, with no extra lift from engineers. This work aligns directly to our Secure by Default principle. Durable security is about building systems that apply fixes proactively, uphold standards over time, and engineering teams can focus on innovation rather than rework. This is the next frontier in security resilience.<\/p>\n
Learn more about the Secure Future Initiative<\/p>\n
## Why \u201cstaying secure\u201d is harder than getting there <\/p>\n
## SFI April 2025 report blog <\/p>\n
Read the blog \u203a<\/p>\n
When SFI began, Microsoft made rapid progress: teams addressed vulnerabilities, met key performance indicators (KPIs), and turned dashboards green. Over time, sustaining these gains proved challenging, as some fixes required reinforcement and recurring patterns like misconfigurations and legacy issues began to re-emerge in new projects\u2014highlighting the need for durable, long-term security practices. <\/p>\n
The pattern was clear: **security improvements weren\u2019t durable**. <\/p>\n
While key milestones were successfully achieved, there were instances where we did not have a clearly defined ownership or built-in features to automatically sustain security baselines. Enforcement mechanisms varied, leading to inconsistencies in how security standards were upheld. As resources shifted post-delivery, this created a risk of baseline drift over time. <\/p>\n
Moving forward, we realized that our teams need to establish explicit ownership, standardize enforcement design, and embed automation at the platform level because it is essential to ensure long-term resilience, reduce operational burden, and prevent regression. <\/p>\n
Read the latest SFI report<\/p>\n
## Engineering for endurance: The making of Microsoft\u2019s durability strategy <\/p>\n
To transform security from a reactive effort into an enduring capability, Microsoft launched a company-wide initiative to operationalize security durability at scale. The result was the creation of the **Security Durability Model** , anchored in the principle to \u201cStart Green, Get Green, Stay Green, and Validate Green.\u201d This framework is not a slogan\u2014it is a foundational shift in how Microsoft engineers build, enforce, and sustain secure systems across the enterprise. <\/p>\n
At the core of this effort are Durability Architects\u2014dedicated Architects embedded within each division who act as stewards of persistent security. These individuals champion a \u201cfix-once, fix-forever\u201d mindset by enforcing ownership and driving accountability across teams. One example that catalyzed this effort involved cross-tenant access risks through Passthrough Authentication. In this case, users without presence in a target tenant could authenticate through passthrough mechanisms, unintentionally breaching tenant boundaries. The mitigation initially lacked durability and resurfaced until ownership and enforcement were systemically addressed. <\/p>\n
Microsoft also applies a lifecycle framework they call \u201cStart Green, Get Green, Stay Green, Validated Green.\u201d New features are developed in a secure-by-default posture using hardened templates, ensuring they \u201cStart Green.\u201d Legacy systems or existing features are brought into compliance through targeted remediation efforts\u2014this is \u201cGet Green.\u201d To \u201cStay Green,\u201d ongoing monitoring and guardrails prevent regression. Finally, security is verified through automated reviews, and executive reporting\u2014ensuring enduring resilience. <\/p>\n
## Automating for scale and embedding security into engineering culture <\/p>\n
## What is Azure Policy? <\/p>\n
Learn more \u2197<\/p>\n
Recognizing that manual security checks cannot scale across an enterprise of this size, Microsoft has heavily invested in automation to prevent regressions. Tools such as Azure Policy automatically enforce best practices like encryption-at-rest or multifactor authentication across cloud resources. Continuous scanners detect expired certificates or known vulnerable packages. Self-healing scripts autocorrect deviations, closing the loop between detection and remediation. <\/p>\n
To embed durability into the operational fabric, review cadences and executive oversight play a critical role. Security KPIs are reviewed at weekly or biweekly engineering operations meetings, with Microsoft\u2019s top leadership, including the Chief Executive Officer (CEO), Executive Vice Presidents (EVPs), and engineering leaders receiving regular updates. Notably, executive compensation is now directly tied to security performance metrics\u2014an accountability mechanism that has driven measurable improvements in areas such as secret hygiene across code repositories. <\/p>\n
Rather than building fragmented solutions, Microsoft focuses on shared, scalable security capabilities. For example, to maintain a clean build environment, all new build queues will now default to a virtualized setup. Customers will not have the option to revert to the classic Artifact Processor (AP) on their own. Once a build is executed in the virtualized CloudBuild environment, any previously allocated resources in the classic CloudBuild will be either decommissioned or reassigned. <\/p>\n
Finally, durability is now a built-in requirement at development gates. Security fixes must not only remediate current issues but be designed to endure. Teams must assign owners, undergo gated reviews or durability, and build enforcement mechanisms. This philosophy has shifted the mindset from one-time patching to long-term resilience. <\/p>\n
## The path to durable security: A maturity framework <\/p>\n
Durable security isn\u2019t just about fixing vulnerabilities\u2014it\u2019s about ensuring security holds over time. As Microsoft learned during the early days of its Secure Future Initiative, lasting protection requires organizations to mature operationally, culturally, and technically. The following framework outlines how to evolve toward security durability at scale: <\/p>\n
**1\\. Stages of security durability maturity:** Security durability evolves through distinct operational phases that reflect an organization\u2019s ability to sustain and scale secure outcomes, not just achieve them temporarily. <\/p>\n
* Reactive: Durable outcomes are rare. Fixes are implemented manually and inconsistently. Drift and regressions are common due to a lack of enforcement or oversight. <\/p>\n
* Define: Security fixes are codified in basic processes. Teams may implement fixes, but durability is still dependent on individual vigilance rather than systemic support. <\/p>\n
* Managed: Security controls are embedded in standardized workflows. Durable design patterns are introduced. Baseline drift is measured, and early automation begins to prevent regression. <\/p>\n
* Optimized: Durability becomes part of engineering culture. Secure-by-default templates, guardrails, and metrics reduce variance. Real-time enforcement prevents security drift. <\/p>\n
* Autonomous and predictive: Systems proactively enforce durability. AI-assisted controls detect and self-remediate regressions. Durable security becomes self-sustaining and adaptive to change. <\/p>\n
<\/p>\n
**2\\. Dimensions of security durability:** To embed durability across the enterprise, organizations must mature along five integrated dimensions: <\/p>\n
* Resilience to change: Security controls must remain stable even as infrastructure, tools, and organizational structures evolve. This requires decoupling controls from fragile, manual systems. <\/p>\n
* Scalability: Durable security must scale effortlessly across expanding environments, including new regions, services, and team structures\u2014without introducing regressions. <\/p>\n
* Automation and AI readiness: Durability depends on machine-powered enforcement. Manual reviews alone cannot guarantee persistence. AI and automation provide speed, consistency, and fail-safes. <\/p>\n
* Governance integration: Durability must be wired into governance platforms to provide traceability, accountability, and risk closure across the control lifecycle. <\/p>\n
* Sustainability: Durable security solutions must be lightweight and operationally viable. If controls are too burdensome, teams will circumvent them, undermining long-term resilience. <\/p>\n
**3\\. Key milestones in security durability evolution:** Microsoft’s implementation of durable security revealed critical transformation points that signal organizational maturity: <\/p>\n
* Establish durable security baselines (identity hygiene, patching, config hardening).<\/p>\n
* Enforce controls through automated policy and self-healing. <\/p>\n
* Build durability-aware platforms like Govern Risk Intelligent Platform (GRIP) to track regressions and closure loops. <\/p>\n
* Embed durability reviews into engineering checkpoints and risk ownership cycles.<\/p>\n
* Drive a durability mindset across teams\u2014from development to operations. <\/p>\n
* Create feedback loops to evaluate what holds and what regresses over time. <\/p>\n
* Deploy AI-powered agents to detect drift and initiate remediation. <\/p>\n
<\/p>\n
Each milestone builds a stronger foundation for durability and aligns incentives with sustained security excellence. <\/p>\n
**4\\. Measuring security durability:** Tracking the stickiness of security work requires a shift from traditional risk metrics to durability-focused indicators. Microsoft uses the following to monitor progress: <\/p>\n
* Percentage of controls enforced automatically versus manually <\/p>\n
* Baseline drift rate (how often known-good states erode) <\/p>\n
* Mean time to regress (how quickly fixes unravel)<\/p>\n
* Volume of self-healing actions triggered and resolved <\/p>\n
* Percentage of fixes that meet \u201cnever regress\u201d criteria <\/p>\n
* Durability metadata coverage in systems like GRIP (ownership, status, and closure) <\/p>\n
* Percentage of engineering teams integrated into durability reporting cadences <\/p>\n
## Results: From short-term wins to sustained gains <\/p>\n
By February 2025, the durability push resulted in: <\/p>\n
* 100% multi-factor authentication (MFA) enforcement or legacy protocol removal remained stable for months. <\/p>\n
* Teams use real-time dashboards to catch any KPI dips\u2014addressing them before they spiral. <\/p>\n
Where previous improvements faded, new ones held firm\u2014validating the durability model. <\/p>\n
Get the latest Secure Future Initiative updates<\/p>\n
## Lessons for any enterprise <\/p>\n
Microsoft\u2019s journey offers valuable takeaways for organizations of all sizes. <\/p>\n
### Durability requires programmatic support <\/p>\n
Security doesn\u2019t persist by accident. It needs: <\/p>\n
* Roles for durability and accountability.<\/p>\n
* Durable design patterns. <\/p>\n
* Empowering technologies (automation and policy enforcement). <\/p>\n
* Regular leadership and architect reviews. <\/p>\n
* Standardized workflows. <\/p>\n
Teams across security, development, and operations must be aligned and coordinated\u2014using the same metrics, tools, and gates. <\/p>\n
## Culture and leadership matter <\/p>\n
Security must be everyone\u2019s job\u2014and leadership must reinforce that relentlessly. At Microsoft, security became part of performance reviews, executive dashboards, and everyday conversation. <\/p>\n
As EVP Charlie Bell put it: _\u201cSecurity is not just a feature, it\u2019s the foundation.\u201d_ <\/p>\n
That mindset\u2014combined with consistent leadership pressure\u2014is what transforms short-lived security into long-term resilience. <\/p>\n
## Security that endures <\/p>\n
The Secure Future Initiative proves that **durable security** is achievable\u2014even at hyperscale. <\/p>\n
Microsoft is showing that lasting security can be achieved by investing in: <\/p>\n
* **People** (clear ownership and champions). <\/p>\n
* **Processes** (repeatable metrics and reviews). <\/p>\n
* **Platforms** (shared tooling and automation). <\/p>\n
The playbook isn\u2019t just for tech giants. Any organization\u2014whether you’re securing 20 cloud services or 20,000\u2014can adopt the principles of security durability <\/p>\n
Because in today\u2019s cyberthreat landscape, fixing isn\u2019t enough. <\/p>\n
## Secure Future Initiative<\/p>\n
A new world of security.<\/p>\n
Follow along<\/p>\n
<\/p>\n
## Learn more with Microsoft Security<\/p>\n
To see an example of the Microsoft Durability Strategy in action, read this case study in the appendix below. Learn more about the Microsoft Security Future Initiative and our Secure by Default principle. <\/p>\n
\u200b\u200bTo learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity. <\/p>\n
* * *<\/p>\n
## **Appendix:**<\/p>\n
**Security Durability Case Study** <\/p>\n
**Eliminating pinned certificates: A durable fix for secret hygiene in MSA apps**<\/p>\n
**SFI Reference:** [SFI-ID4.1.3]
**Initiative Owner:** Microsoft Account (MSA) Engineering Team <\/p>\n
**Overview** <\/p>\n
As part of the **Secure Future Initiative (SFI)** , the Microsoft Account (MSA) team addressed a critical weakness identified through **Software Security Incident Response Plans (SSIRPs)** : the unsafe use of pinned certificates. By eliminating this legacy pattern and embedding preventive guardrails, the MSA team set a new bar for **durable secrets management** and **secure partner onboarding**. <\/p>\n
**The challenge: Pinned certificates and hidden fragility**<\/p>\n
Pinned certificates were once seen as a strong trust enforcement mechanism, ensuring that only specific certificates could be used to establish connections. However, they became a **security and operational liability** : <\/p>\n
* **Difficult to rotate** : If a pinned certificate expired or was compromised, coordinating a fast and seamless replacement across services was challenging. <\/p>\n
* **Onboarding risk** : New services had no safe, scalable path to onboard without replicating this fragile pattern. <\/p>\n
* **Lack of durability** : Without controls, the risk of regression and repeated misuse remained high. <\/p>\n
**The durable fix: Secure by default and enforced by design**<\/p>\n
The MSA team implemented a **durability-first solution** grounded in engineering enforcement and operational pragmatism: <\/p>\n
**Strategy** | **Action**
—|—
**Code-Level Blocking** | All code paths accepting pinned certificates were hardened to prevent adoption.
**Temporary Allow Lists** | Existing apps using pinned certificates were allow-listed to prevent immediate outages.
**Default Deny Posture** | New apps are automatically blocked from using pinned certificates, enforcing secure defaults. <\/p>\n
This \u201cfix-once, fix-forever\u201d approach ensures the issue doesn\u2019t resurface\u2014even as new partners onboard or systems evolve. <\/p>\n
**Sustained impact and lifecycle integration**<\/p>\n
To maintain progress and ensure **no regression** , the MSA team aligned remediation with each partner\u2019s **SFI KPI milestones**. Services were removed from the allow list only after completing their transition, closing the loop with **full compliance** and **operational readiness**. <\/p>\n
This work reinforced several Security Durability pillars: <\/p>\n
* **Preventive guardrails**<\/p>\n
* **Owner-enforced controls**<\/p>\n
* **Security built into the engineering lifecycle**<\/p>\n
**Lessons and model for the future**<\/p>\n
This case is a model for how Microsoft is shifting from reactive security work to **systemic, enforceable, and scalable durability models**. Rather than patching the same issue repeatedly, the MSA team **eliminated the root cause** , protected the ecosystem, and created a repeatable blueprint for other risky cryptographic practices. <\/p>\n
**Key takeaways**<\/p>\n
* Eliminating pinned certificates reduced fragility and boosted long-term resilience. <\/p>\n
* Durable controls were enforced via code, not just process. <\/p>\n
* Gradual deprecation through partner alignment ensured no disruption. <\/p>\n
* This sets a precedent for eliminating insecure patterns across Microsoft platforms. <\/p>\n
The post Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b appeared first on Microsoft Security Blog.\n<\/p><\/div>\n
View Advisory Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"Security Update News Update Information Title Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b Update ID MSSECURE:C99F320BF27C57C10E221750BE3985A2 Type mssecure Published 2025-06-26T16:00:00 Last…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,34,12,110,13,33,7,11,5],"class_list":["post-7311","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-cvss-00","tag-exploit","tag-mssecure","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n
Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=7311\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Security Update News Update Information Title Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b Update ID MSSECURE:C99F320BF27C57C10E221750BE3985A2 Type mssecure Published 2025-06-26T16:00:00 Last...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=7311\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-06-29T10:31:36+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"12 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7311#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7311\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b\",\"datePublished\":\"2025-06-29T10:31:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7311\"},\"wordCount\":2326,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-0.0\",\"exploit\",\"mssecure\",\"news\",\"NONE\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=7311#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7311\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7311\",\"name\":\"Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-06-29T10:31:36+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7311#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=7311\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7311#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=7311","og_locale":"en_US","og_type":"article","og_title":"Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b - zero redgem","og_description":"Security Update News Update Information Title Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b Update ID MSSECURE:C99F320BF27C57C10E221750BE3985A2 Type mssecure Published 2025-06-26T16:00:00 Last...","og_url":"https:\/\/zero.redgem.net\/?p=7311","og_site_name":"zero redgem","article_published_time":"2025-06-29T10:31:36+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"12 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=7311#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=7311"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b","datePublished":"2025-06-29T10:31:36+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=7311"},"wordCount":2326,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-0.0","exploit","mssecure","news","NONE","Security","tapic","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=7311#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=7311","url":"https:\/\/zero.redgem.net\/?p=7311","name":"Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-06-29T10:31:36+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=7311#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=7311"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=7311#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Building security that lasts: Microsoft\u2019s journey towards durability at scale \u200b\u200b"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/7311","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7311"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/7311\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7311"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7311"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7311"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}