CISO-Toolbox
  • Microsoft CISO PoV
  • M365E5 - CISO PoV
  • Ciberseguridad e Inteligencia Artificial
    • Inteligencia artificial ética y responsable
    • Modelo de responsabilidad compartida de la inteligencia artificial (IA)
    • GPT-RAG Arquitectura de Referencia
    • Inteligencia Artificial como Amenaza
    • Amenazas sobre Inteligencia Artificial
      • AI + Machine Learning security
    • Inteligencia Artificial como Defensa
  • Microsoft Copilot
    • Copilot: Adopción Segura
    • Copilot for Security
  • AI + machine learning
    • Azure-Content-Safety
    • Servicios cognitivos disponibles en Microsoft Azure
  • Microsoft Security
    • Defender
      • Microsoft Defender XDR
      • Automatic attack disruption
      • Data Retention on MDE
      • MDE - MTD (IOs/Android)
    • Azure Security
    • GitHub Security
    • Microsoft Entra
      • EntraID - Identity Protection
      • Risk-based Conditional Access
      • Microsoft-managed policies
    • Sentinel - SOC (SIEM/SOAR)
      • Microsoft Sentinel Technical Playbook for MSSPs
      • Microsoft Sentinel Integrations
    • Intune - EndPoint Mng
    • Purview - Data Protection
    • Copilot Security
    • Consola unificada - XDR
    • Azure network security
    • Ecosistema Ciberseguridad
    • What's New?
  • Licenciamiento Microsoft
  • Soporte y Servicios
    • FastTrack
      • FastTrack Microsoft Defender
    • Soporte Unificado
    • Advanced deployment guides for Microsoft 365 and Office 365 products
  • Microsoft Security Adoption Framework (SAF)
    • Zero Trust
    • Microsoft Cybersecurity Reference Architectures
    • CISO Workshop
    • CISO Threat Framework
    • Security in the Microsoft Cloud Adoption Framework for Azure
    • Diagramas de Arquitectura
    • Secure Score (3)
    • Enterprise Security Assessment
  • Azure cloud solutions
    • Page 1
  • Ciber Resiliencia
    • Ransomware
      • Human-operated ransomware attacks
      • Quickly protect your organization against ransomware attacks
      • Backup and restore plan to protect against ransomware
      • Recovering from systemic identity compromise
    • Ciber Higiene
    • Threat Modeling
      • Integrating threat modeling with DevOps
  • Reportes y Estadísticas
    • Reportes de Inteligencia Microsoft
    • Microsoft Security Blog
    • Microsoft Cyber Signals
    • Reportes de 3ros
  • Microsoft Research
    • Post-quantum Cryptography
      • Post-Quantum TLS
      • Post-quantum Cryptography VPN
      • Post-Quantum SSH
    • AI + Machine Learning
      • Phi-3
  • Estándares y Regulaciones
    • Centro de confianza de Microsoft
    • Organizaciones (Ciber)
    • NIST
    • MITRE
    • CIS
    • Metodologia de Analisis y gestion de riesgos
    • Security baselines - Windows Desktop
    • Azure Blueprints
  • Bibliografia y referencias
    • Analistas de Industria
    • Congresos_Conferencias
    • SCavanna ppts
    • CECIB
    • Libros Recomendados
  • Microsoft Privacy
  • Skilling
    • Skilling
      • Ninja Serie
    • Tools
      • Regex
      • Sysinternals Utilities Index
    • Eventos
  • Social
    • Linkedin-X-Youtube
    • SME's
    • SME On Linkedin-X-Youtube
Powered by GitBook
On this page
  1. Microsoft Security Adoption Framework (SAF)

Microsoft Cybersecurity Reference Architectures

What does the MCRA include?

The MCRA includes key information about:

  • Antipatterns (common mistakes) and best practices

  • Guiding rulesets for end to end architecture

  • Threat trends, and attack patterns

  • Mapping Microsoft capabilities to organizational roles

  • Mapping Microsoft capabilities to Zero Trust standards

  • Securing privileged access

  • Reference plans in SAF (including example of patching modernization)

  • Prioritizing using attacker return on investment (ROI)

  • ...and more

The MCRA also includes detailed technical diagrams for:

  • Microsoft cybersecurity capabilities

  • Zero trust user access

  • Security operations (SecOps/SOC)

  • Operational technology (OT)

  • Multicloud and cross-platform capabilities

  • Attack chain coverage

  • Infrastructure and Development Security

  • Security organizational functions

Last updated 1 year ago

https://learn.microsoft.com/en-us/security/adoption/mcra