Showing category results for Security

Mobile security goes beyond verifying user identity. If an attacker steals a valid token, how will your backend distinguish a legitimate request from one reproduced in an emulator or cloned environment? This is a gap in traditional authentication flows when applied to the mobile environment. By linking each request to hardware-backed keys genera...

In today's fast-paced digital world, keeping the Visual Studio Marketplace secure and trustworthy is extremely important. We know how crucial it is to protect your extensions, so we're always working on new ways to keep things safe. We'd like to share an update on the existing safeguards and upcoming investments that ensure VS Marketplace remain...

With the launch of custom integrations in Claude, developers and enterprises can now extend Claude’s capabilities by connecting their own hosted Model Context Protocol (MCP) servers as native integrations. This capability allows Claude and any of its agents to perform complex tasks by invoking a variety of APIs exposed through MCP servers. Devel...

In this blog post, we will provide some guidelines on how to mitigate prompt injection attacks in Model Context Protocol (MCP) and share the steps Microsoft has taken to address emerging risks such as this one for our customers. MCP is an open protocol spearheaded by Anthropic that defines a standardized interface for connecting Large Language M...

If you’ve used any applications that required connecting your personal Microsoft or Entra ID account, you’re probably familiar with the typical “authentication dance” – you see a browser window pop up, you enter your credentials, then you can close the browser, and the application is magically authenticated. The next application you launch does the...