CISA and Microsoft Partnership Expands Access to Logging Capabilities Broadly
Access to New Logging by Default Will Enhance Cyber Defense and Incident Response
WASHINGTON – Based on a collaborative partnership between the Cybersecurity and Infrastructure Security Agency (CISA) and Microsoft, many Microsoft customers will now have access to expanded cloud logging capabilities at no additional charge, which will enhance cyber defense and incident response. Microsoft’s decision is a significant step toward advancing security by design principles and a strong example of effective partnership resulting in better cybersecurity at a national scale.
Over the past several years, operational teams at CISA identified several security logs critical for detecting and preventing threat activity that cost extra for organizations utilizing the Microsoft basic enterprise license. For example, in a recent incident, an affected government agency used available logging data to quickly enable remediation actions to limit damage. Going forward, these additional logging capabilities will now be available at no extra cost to federal government customers and Microsoft commercial customers beginning in September.
“After working collaboratively over the past year, I am extremely pleased with Microsoft’s decision to make necessary log types available to the broader cybersecurity community at no additional cost,” said CISA Director Jen Easterly. “While we recognize this will take time to implement, this is truly a step in the right direction toward the adoption of Secure by Design principles by more companies. We will continue to work with all technology manufacturers, including Microsoft, to identify ways to further enhance visibility into their products for all customers.”
"Today’s announcement comes as a result of our close partnership with CISA, who have called for the industry to take action in order to better protect itself from potential cyber-attacks,” said Vasu Jakkal, Corporate Vice President, Security, Compliance, Identity, and Management at Microsoft. “It also reflects our commitment to engaging with customers, partners, and regulators to address the evolving security needs of the modern world.”
For more information on CISA’s work to create an environment where technology products are designed with secure features built in for the benefit of all customers, visit CISA’s Secure by Design webpage.
###