And were those incidents detected by the competitor or a client?
> One of the more damaging findings was that Microsoft learned of the attacks only because the State Department had set up an internal alert system after purchasing a G5 license from the company.
Although I mean the lack of on-prem really should be a nonstarter for a lot of large companies. Having a defense in depth where you need to be on the VPN before you can actually authenticate to the services does help. Or in the case of governments; they can run private fiber lines between buildings and then you can't even attack the server from the public web.
Those are bugs in their products, not breaches in their clouds. I'm not aware of a single breach in GCP or AWS. Certainly nothing on the scale of either of Microsoft's.
And were those incidents detected by the competitor or a client?
> One of the more damaging findings was that Microsoft learned of the attacks only because the State Department had set up an internal alert system after purchasing a G5 license from the company.
Although I mean the lack of on-prem really should be a nonstarter for a lot of large companies. Having a defense in depth where you need to be on the VPN before you can actually authenticate to the services does help. Or in the case of governments; they can run private fiber lines between buildings and then you can't even attack the server from the public web.