Microsoft Expands Free Security Tools, Following Backlash

Microsoft is expanding its free security offerings for customers, following recent criticism that its offered services were not sufficient to protect customers.

The announcement comes after the technology company came under fire for a data breach exposing the U.S. State and Commerce Departments’ emails, which was later identified as being due to a vulnerability in Microsoft’s code.

In a blog post, Microsoft said the decision was a “response to the increasing frequency and evolution of nation-state cyberthreats”. Updates include its expansion of cloud logging accessibility and flexibility, as well as access to a wider range of cloud security logs at no additional cost. The expansion is set to take place “over the coming months.”

A statement was released by  Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency, alongside Microsoft's post, applauding Microsoft’s decision.

“Asking organizations to pay more for necessary logging is a recipe for inadequate visibility into investigating cybersecurity incidents,” said Goldstein. “And [it] may allow adversaries to have dangerous levels of success in targeting American organizations…While we understand it will take time to roll out such a major step, this effort will enhance cyber defense and incident response for every Microsoft customer.”

According to Microsoft, it will begin rolling out these logging updates in September 2023 to all government and commercial customers.