Microsoft claims it is making progress on its Safe Future Initiative, though there is still work to be done.

Microsoft has released its November update for the Secure Future Initiative, a program designed to address critical security challenges and vulnerabilities the company has faced, particularly following incidents involving state-sponsored threat actors that compromised U.S. government data. This update is the second since the initiative's introduction, which made progress in September 2024 when various security-focused changes were implemented, such as linking security to performance assessments and creating a Security Training Academy.

The company has reported new advancements in its six engineering pillars, aimed at ensuring "security above all" to protect users, businesses, and contractors. In the first pillar, "protecting identities and secrets," the protection of signing keys for access tokens in Microsoft Entra ID, Microsoft Account, and Microsoft Active Directory Federation Services has been improved, along with the introduction of phishing-resistant credentials in production environments.

Among the important updates, multifactor authentication (MFA) has been enabled by default in the Microsoft Azure Portal, the Microsoft Entra admin center, the Intune admin center, and the Microsoft 365 admin center for new tenants. MFA has also been implemented in Microsoft's production environments to reduce the risk of phishing and credential theft.

In the second pillar, "protecting tenants and isolating production systems," lifetime management and secure default configurations for Microsoft Entra ID accounts have been introduced. In this process, approximately 5.75 million tenants and 440,000 resources were removed.

On the other hand, in the third pillar, "protecting networks," over 99% of Microsoft’s network devices have been configured to a baseline standard, and centrally configured network policies have been implemented. The company also highlighted virtual network encryption in Azure and the public preview availability of Domain Name System security extensions.

The security of the fourth pillar, "protecting engineering systems," has been strengthened by tracking software assets in production environments and applying policies to secure code repositories. With the introduction of GitHub Advanced Security, customers can scan Azure DevOps repositories for secret exposures.

The fifth pillar, "monitoring and detecting threats," has been enhanced with the introduction of service-level security audit logs in standard libraries and a centrally enforced log retention period. The November update also included consistent audit logging across all services, extending the retention period to two years.

Finally, in the sixth pillar, "accelerating response and remediation," Microsoft has managed to address 90% of critical cloud vulnerabilities within a reduced timeframe and has published 800 CVEs (Common Vulnerabilities and Exposures) in the cloud. Additionally, the company announced the Windows Resilience Initiative, which aims to optimize the security of business devices and increase the adoption of Windows 11 by reducing the number of administrative privileges required by applications and improving security controls for the operation of applications and drivers.