To help combat emerging threats, Microsoft employs an innovative Assume Breach strategy and leverages highly specialized groups of security experts, known as the Red Team, to strengthen threat detection, response and defense for its enterprise cloud services.

Below is the document that outlines their strategy. Great read, understanding of Microsoft’s “Red Team” Approach.

http://download.microsoft.com/download/C/1/9/C1990DBA-502F-4C2A-848D-392B93D9B9C3/Microsoft_Enterprise_Cloud_Red_Teaming.pdf

Alongside this check out the channel 9 video that was released that discussing the following:

  • Methods of improving Azure security
  • How Azure security operates
  • Understanding emerging threats
  • Red team and blue team roles
  • Model real-world attacks, identify gaps, and demonstrate impact
  • Detect and respond, enhance awareness, and measure readiness and impact

http://channel9.msdn.com/Shows/Azure-Friday/Red-vs-Blue-Internal-security-penetration-testing-of-Microsoft-Azure

Great transparency on the approaches that Microsoft take.