I’m excited to be reading through the new updated Microsoft Cybersecurity Reference Architectures (MCRA).
The MCRA is part of the Microsoft Security Adoption Framework (SAF) that helps accelerate security modernization and effectiveness.
The SAF provides clear actionable guidance to help guide your security modernization journey to protect business assets across your technical estate. The recommendations and references in SAF are aligned to Zero Trust principles as well as best practices and lessons learned from across Microsoft customers.
December 2023 release
This release evolved MCRA from a ‘collection of technical diagrams’ into an integral component of Microsoft’s Security Adoption Framework (SAF). This MCRA presentation is a subset of the full Microsoft Unified workshop Security Architecture Design Session (ADS) Module 1 – Zero Trust Architecture focused on end to end security using Zero Trust principles.
Changes in this release include:
– Updated presentation content to focus on end to end architecture and related topics
– Restructured main diagram page to include current relevant content and add link to MCRA videos
– Updated technical diagrams with new products, updated products, and product name changes (see slides notes of each diagram for details on changes)
– Added Zero Trust mappings to NIST and The Open Group including slides notes/references
My favorite diagrams are still there and show areas of update in this new version, but now there is much more context on how these capabilities fit into an end to end security architecture, including why this complete approach is important, how to prioritize security, etc.
The MCRA also includes Zero Trust models for NIST and The Open Group, and the mapping of Microsoft capabilities to help you plan those initiatives.
The diagrams outline how Microsoft security capabilities are integrated with both Microsoft and third-party platforms such as:
- Microsoft 365
- Microsoft Azure
- Third-party SaaS apps like ServiceNow and Salesforce
- Third-party platforms including Amazon Web Services (AWS) and Google Cloud Platform (GCP)
- First and third-party AI capabilities
The MCRA includes key information about:
- Antipatterns (common mistakes) and best practices
- Guiding rulesets for end-to-end architecture
- Threat trends, and attack patterns
- Mapping Microsoft capabilities to organizational roles
- Mapping Microsoft capabilities to Zero Trust standards
- Securing privileged access
- Prioritising using attacker return on investment (ROI)
The MCRA also includes detailed technical diagrams for:
- Microsoft cybersecurity capabilities
- Zero Trust user access
- Security operations (SecOps/SOC)
- Operational technology (OT)
- Multi-cloud and cross-platform capabilities
- Attack chain coverage
- Infrastructure and Development Security
- Security organisational functions
So much great content to ingest and wonderful reference material. I thoroughly recommend everyone with an interest in security to download and read.