Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for cyber-physical systems protection platforms​​

By Jason Weber, Corporate Vice President and Distinguished Engineer, Microsoft Defender for Endpoint


Critical infrastructure is a key target of both physical and cyberattacks. Microsoft has observed an increase in reported attacks on internet-exposed operational technology (OT) devices that control real-world critical processes—like water and wastewater systems, as well as critical functions across industries including healthcare, manufacturing, energy, and more.1 Our previous Microsoft Digital Defense Reports have shown that unfortunately the security of OT devices has not kept pace with the strengthened security of IT hardware and software. As of July 2024, we had identified and shared more than 300 vulnerabilities in third-party OT applications. The initiative contributed to significant improvements in security across the OT industry.1 It highlights a need for organizations to integrate OT devices into their broader endpoint security strategy.  

We are excited to announce that Gartner has named Microsoft a Leader in the 2025 Gartner® Magic Quadrant™ for Cyber Physical Systems Protection Platforms. Gartner defines cyber-physical systems (CPS) as “engineered systems that orchestrate sensing, computation, control, networking and analytics” that connect the digital and physical worlds. They span industrial control systems (ICS), OT devices, Internet of Things (IoT) devices, and more.   

CPS devices are an inherent component to any security strategy, and as the only security platform vendor now recognized as a Leader in both endpoint and CPS security, it highlights, in our opinion, our commitment to providing customers with holistic endpoint security on any platform. Our cross-platform strategy is key to making continued progress in helping organizations protect their endpoints against the latest, and most sophisticated cyberattacks as they span operating systems and cross into CPS infrastructure, while driving continued efficiency for security operations center (SOC) teams. Read the report here.  

  

Gartner, Magic Quadrant for CPS Protection Platforms, 127 February 2025, By Katell Thielemann, Wam Voster, Ruggero Contu

Meeting the unique OT security needs of organizations in every major industry  

The core of Microsoft’s CPS offering to help secure OT environments is Microsoft Defender for IoT, which provides CPS capabilities though purpose-built sensors, and combined with Defender for Endpoint, helps provide holistic endpoint security to organizations worldwide. Both are native components of our unified security operations platform.  

CPS security is deeply embedded into Microsoft’s approach to securing devices across the platforms our customers operate on. Defender for Endpoint uses its network traffic insights to discover devices that it centralizes in a unified device inventor; we provide holistic vulnerability management for software on both user, as well as CPS devices, and bring information together in a unified incident investigation experience to enable analysts to investigate endpoint-focused attacks end-to-end.

Further, Microsoft is deeply committed to helping customers achieve cost efficiencies through our strategic Microsoft 365 E5 Security bundles, while equally allowing maximum purchasing flexibility through our standalone offers for each solution.  

Secure your enterprise IoT devices with Microsoft Defender for IoT

Innovations that drive better defense strategies  

Over the last 12 months, Microsoft has delivered significant innovations that help defenders gain the upper hand against OT and other cyberthreats including:   

Microsoft’s unified security operations platform brings the foundational tools a SOC needs into a single experience, with a consistent data model, unified capabilities, and broad protection. This unified experience helps SOCs close critical security gaps and streamline their operations, delivering better overall protection, reducing their response time by 88%, and improving overall efficiency.2 Defender for IoT is core to this platform, which combines the power of leading solutions in security information and event management (SIEM), extended detection and response (XDR), and Generative AI for security. It enables security teams to detect and respond to cyberthreats across OT environments and get key insights into their OT security posture, detect cyberthreats, and understand them in context of broader incidents.  

The unified agent combines protection across endpoints, OT devices, identities and data loss prevention (DLP) to help security teams streamline deployment and protection. The sensor is the software component that monitors and protects critical infrastructure, serving as one of the first lines of defense against cyberthreat actors. With our platform approach that brings together Microsoft Sentinel and Microsoft Defender XDRwe now have the first platform-level platform-level agent that unifies protection across four solution areas. The streamlined agent simplifies how you activate and manage core capabilities to more easily and swiftly reap the benefits of our AI-powered protection. Read more about the unified agent platform on the Microsoft Defender for Endpoint blog.  

Circular diagram displaying Unified platform agent in the middle with Endpoints, OT devices, Data loss prevention, and Identities revolving around the exterior. 

Microsoft Security Exposure Management is part of the unified security operations portal and provides a unified view of security posture across company assets and workloads. Security initiatives are an experience that provides a simple way to assess security readiness for a specific security area or workload, and to constantly track and measure exposure risk over time. The OT Securityinitiative improves your OT site security posture by monitoring and protecting OT environments in the organization, and employing network layer monitoring. This initiative identifies devices and ensures that systems are working correctly, and data is protected. Your security teams can use the OT Security initiative to identify unprotected devices and harden posture across sites through vulnerability assessments, with actionable guidance to help remediate at-risk devices. Read more about security initiatives.   

Reduce risk and optimize your security posture with Microsoft Security Exposure Management

Thank you to all our customers. You inspire us as together we work to create a safer world.  

Learn more with Microsoft Security

Visit Microsoft Defender for IoT to learn how your organization can get real-time asset discovery, vulnerability management, and cyberthreat protection for your Internet of Things (IoT) and industrial infrastructure, such as industrial control systems (ICS) and operational technology (OT).   

Are you a regular user of Microsoft Defender for Endpoint or Defender for IoT? Review your experience on Gartner Peer Insights™ and get a $25 gift card.      

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.  

1Microsoft Digital Defense Report, Microsoft. 2024.
2The Total Economic Impact™ Of Microsoft SIEM And XDR, August 2022.

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Microsoft.  

Gartner does not endorse any vendor, product, or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.  

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved.  

Gartner, Magic Quadrant for CPS Protection Platforms, 17 February 2025, By Katell Thielemann, Wam Voster, Ruggero Contu

/by

Join us for the end-to-end Microsoft RSAC 2025 Conference experience

By Dasha Zenkovich, Senior Product Marketing Manager

AI adoption is picking up speed. Many companies are growing their technology estates by embracing powerful new solutions like generative AI. But to maximize the benefits of new technology with confidence, security professionals need to stay compliant with the evolving regulatory and audit requirements in the age of AI. It is in this spirit that Microsoft invites you to join us at RSACTM 2025 Conference in San Francisco, where we will showcase end-to-end security designed to help organizations accelerate the secure adoption of AI with ready-to-go security and governance tools and solutions to multiply security teams’ productivity.

Across the Microsoft Security portfolio, our innovations, together with world-class threat and regulatory intelligence, will help give security experts the advantage they need in the era of AI. From our signature Pre-Day to hands-on demos and one-on-one meetings, join the Microsoft experience at RSAC 2025 designed just for you.

A group of men standing around a table with laptops

Microsoft at RSAC

From our signature Pre-Day to hands-on demos and one-on-one meetings, discover how Microsoft Security can give you the advantage you need in the era of AI.

Explore events 

Kick things off at Microsoft Pre-Day

The Microsoft experience at RSAC 2025 begins with Microsoft Pre-Day on Sunday, April 27, 2025, at the Palace Hotel, just around the corner from the Moscone Center. For the fourth year running, the keynote speech held on Microsoft Pre-Day will kick off the full lineup of Microsoft events and activities throughout RSAC 2025. By joining us on Sunday, you’ll have the chance to hear directly from Microsoft Security business leaders—including Vasu Jakkal, Corporate Vice President, Microsoft Security Business; Charlie Bell, Executive Vice President, Microsoft Security; Sherrod DeGrippo, Director of Threat Intelligence Strategy; and other Microsoft Security leaders as they share reporting on emerging cyberthreat trends and the product innovations designed to protect against them. Vasu will also take the RSAC 2025 stage on Day 1 for the conference keynote.

At Pre-Day, attendees will hear Microsoft Security threat intelligence on emerging trends, explore new AI-first tools, demos, and best practices, and attain a better understanding of how Microsoft can help them secure and govern their AI deployments. Attend to discover how the adaptive, end-to-end security platform from Microsoft, including Microsoft Security Copilot, can help your team catch what others miss, speed up remediation, lower your total cost of ownership, and boost—rather than burden—you and your teams.

Stick around after Pre-Day for the reception—an evening of fun, networking, and entertainment, celebrating the vibrant security community. This is a unique opportunity to meet Microsoft security leaders, expand your professional network, and learn how others are addressing the latest security trends and challenges. Light refreshments will be served. CISOs who register to attend Microsoft Pre-Day will automatically be invited to a chief information security officer (CISO) dinner with Vasu Jakkal.  

Make sure to register for Microsoft Pre-Day to join in on all the day’s activities.

Register for Microsoft Pre-Day at RSAC 2025

Dedicated calendar of events for CISOs

Microsoft will be hosting a number of events tailored to CISOs throughout RSAC 2025. To kick off the week, Microsoft will be hosting a Pre-Day, followed by the exclusive CISO dinner on April 27, 2025. Following, there will be daily lunch and learn opportunities that address some of the primary challenges facing CISOs organizations:

  • Monday April 28, 2025: Innovating Securely CISO LunchLearn insights concerning secure innovation centered around the new AI regulations, including the EU Act, Digital Operational Resilience Act (DORA), and more.
  • Tuesday April 29, 2025: SFI Executive Lunch—Open to all and focused around the needs of Latin America-based CISOs, this lunch will bring together leaders and experts interested in understanding the latest Secure Future Initiative (SFI) progress and exchanging their thoughts on related best practices.
  • Wednesday April 30, 2025Embracing Cyber resilience CISO Lunch—Attendees are invited to network, learn, and exchange their insights regarding cyber resilience as the AI landscape evolves.

Finally, CISOs who attend RSAC 2025 are invited to stay through the end of the conference to attend the Microsoft Post-Day Forum at the Microsoft Experience Center at Silicon Valley on Thursday, May 1, 2025, from 9:00 AM PT to 1:00 PM PT. The day will be full of insightful presentations, interactive discussions, networking opportunities, and a curated CISO roundtable session. This informative day will also include an immersive tour of the unique state-of-the-art Microsoft Experience Center, which highlights larger-than-life solutions that show Microsoft’s cutting-edge technology solving many of today’s challenges. This experience is facilitated by envisioning specialists who spark inspired conversations, creative ideas, and new opportunities for leaders to participate in before returning home.

Sign up for Microsoft experiences at RSAC, including the Pre-Day, the CISO dinner, CISO lunch, and the Post-Day Forum. Request a one-on-one meeting with Microsoft experts to discuss your most pressing questions here.

Discover solutions to your challenges during the keynote speech and Microsoft sessions

Vasu Jakkal speaking at RSAC 2024.

As part of the RSAC agenda, Vasu Jakkal will take the stage on Monday, April 28, 2025, at 4:40 PM PT. During the speech, she will discuss the potential of agentic workflows to dramatically reshape the security landscape. Agentic AI has the power to enable more complex problem-solving, deeper agent collaboration, and iterative learning. All of this leads us toward a previously unheard-of new paradigm for security. Join Vasu Jakkal for an imaginative look at the future of AI security agents and how the people of our security teams will work alongside them to change the game.

​After the keynote and throughout the conference, attendees will be able to split their time between the Microsoft Security sessions included in the RSAC 2025 agenda, live demonstrations at booth #5744 in Moscone North, and a variety of roundtables, one-on-one meetings, and presentations at the Microsoft Security Hub at the Palace Hotel.

Here are two sessions not to miss:

  • Tuesday, April 29, 2025, at 9:40 AM PTShaping the Future of Security with Agentic AI​—In a time of rapidly evolving cyberthreats, agentic AI is emerging as a transformative force in security. Join Dorothy Li, Corporate Vice President of Microsoft Security Copilot and Marketplace, to discover how autonomous decision-making is reshaping our approach to cybersecurity. This session will reveal how agentic AI empowers organizations to proactively mitigate risks, enhance operational efficiency, and elevate the effectiveness of your security tools. Attendees will gain actionable insights and practical strategies for harnessing the potential of agentic AI. Prepare to rethink the future of security and position your organization at the forefront of innovation.​
  • Wednesday, April 30, 2025, at 9:40 AM PT: Accelerate AI Adoption with Stronger Security—AI adoption is accelerating, creating both new opportunities and security challenges. Led by Neta Haiby, Partner Product Manager at Microsoft​, this session covers key AI adoption trends, emerging risks, and common cyberthreats. Discover actionable steps to secure and govern AI, from establishing a dedicated security team for AI to adopting AI-specific solutions, ensuring your organization can innovate with confidence.​

Other well-known Microsoft experts will host session sharing what they’ve learned from their work pioneering and securing AI:

  • Wednesday, April 30, 2025 at 8:30 AM PT: Guardians of the Cyber Galaxy: Allies Against AI-Powered Cybercrime by Sean Farrell, Assistant General Counsel, Digital Crimes Unit.
  • Monday, April 28, 2025 at 1:10 PM PT: AI Era Authentication: Securing the Future with Inclusive Identity by Abhilasha Bhargav-Spantzel, Partner Security Architect, and Aditi Shah, Senior Data and Applied Scientist.
  • Tuesday, April 29, 2025, at 8:30 AM PT: AI Safety: Where Do We Go From Here? by Ram Shankar Siva Kumar, Principal Research Lead, AI Red Team Lead.
  • Tuesday, April 29, 2025, at 2:25 PM PT: Lessons Learned from a Year(ish) of Countering Malicious Actors’ Use of AI by Sherrod DeGrippo, Director, Threat intelligence strategy.

View live demonstrations and discover engaging ways to learn at booth #5744

A woman smiling at the Microsoft booth at RSAC 2024.

At the Microsoft booth, attendees will have the chance to engage with experts, discover ready-to-go security and governance tools built for generative AI, and watch theater sessions showcasing the latest products, innovations, and industry perspectives from Microsoft. They’ll also get to enjoy a fun and interactive gaming experience. 

Microsoft product and partner experts will be on hand to showcase the newest advancements through captivating demonstrations, informative videos, and valuable resources. 

Visit the Microsoft booth theater for exclusive 20-minute demos and expert-led sessions on the latest in security and AI. Explore strategies to protect, govern, and secure AI. Listen in to insights on identity, compliance, privacy, threat defense, data protection, and more. Don’t miss this opportunity to learn from industry leaders and stay ahead in the ever-evolving security landscape.

Meetings and connections at the Microsoft Security Hub

The historic and luxurious Palace Hotel is home base for Microsoft during the week. RSAC 2025 attendees are invited to meet with Microsoft experts and executives, attend thought leadership sessions and roundtable lunches, and join networking opportunities. Detailed information about individual sessions can be found on the Microsoft Security Experiences at RSAC 2025 Landing Page.

Customers are also invited to deepen their understanding of the latest cybersecurity threats, trends, and developments by discussing their most important security product and threat intelligence questions directly with Microsoft security experts through scheduled one-on-one meetings, held from Monday, April 28, 2025, to Wednesday, April 30, 2025, at the Palace Hotel. Request your meeting directly through the Microsoft Security Experiences at RSAC 2025 Home Page.

The Microsoft Intelligent Security Association (MISA) will once again have a considerable presence at RSAC 2025. MISA partners will be featured in the Microsoft Booth #5744 and included in other events happening throughout the week. Additionally, the sixth annual Microsoft Security Excellence Awards, presented by MISA, will be held at the Palace Hotel in San Francisco on April 28, 2025, celebrating our finalists and announcing winners in nine award categories as well as enjoying a time of connecting. 

Activities include:

  • MISA demo station: Stop by the Microsoft Booth to explore the innovative solutions developed by MISA members, which integrate Microsoft Security technology.
  • Theater sessions: Attend one or more of our five theater sessions at the Microsoft booth, led by MISA members, focusing on partner strategies and solutions for cyberthreat protection.
  • View the MISA demo and theater schedule.
  • MISA Partner awards: MISA members are invited to attend the Microsoft Security Excellence Awards on Monday, April 28, 2025, where winners will be announced in nine security award categories.

Get the most by staying through Microsoft Post-Day

Microsoft Post-Day Forum is a unique experience designed to help customers, CISOs, and security leaders dive deep into new concepts, ask questions they need answered about product features, and prepare to realize and enable the AI-first, end-to-end security concepts they’ve learned about throughout RSAC 2025. The Microsoft Post-Day Forum, hosted by Microsoft Security executives, will be held on Thursday, May 1, 2025, from 10:00 AM PT to 1:00 PM PT, at the Silicon Valley Experience Center. Pick up for the event will be held at the Palace Hotel at 8:00 AM PT, with drop off organized for 2:00 PM PT.

We look forward to seeing you at RSAC 2025!

Learn more about the Microsoft experience at RSAC 2025

Customers and partners can register for the events highlighted in this blog as well as other Microsoft ancillary events and more here.

Explore Microsoft Security events at RSAC 2025

/by