Microsoft is expanding its free security tools following backlash in the aftermath of an attack that saw US government emails accessed by Chinese hackers.

Microsoft is taking heat over a breach that saw US government email accounts breached by Chinese hackers. In the wake of that attack, US officials criticized Microsoft’s stance of keeping some security and logging features behind a paywall, only making them available to Microsoft’s highest-tier cloud subscribers. As a result, while government agencies were able to detect the breach, customers subscribing to lower tiers would have no way of knowing if they were impacted.

“Every organization using a technology service like Microsoft 365 should have access to logging and other security data out of the box to reasonably detect malicious cyber activity,” a senior CISA official said last Wednesday.

It appears Microsoft has received the message loud and clear and is expanding its free security features, according to a company blog post:

Today we are expanding Microsoft’s cloud logging accessibility and flexibility even further. Over the coming months, we will include access to wider cloud security logs for our worldwide customers at no additional cost. As these changes take effect, customers can use Microsoft Purview Audit to centrally visualize more types of cloud log data generated across their enterprise.

The move was praised by CISA officials:

“After working collaboratively for over a year, I am extremely pleased with Microsoft’s decision to make necessary log types available to the broader cybersecurity community at no additional cost,” said CISA Director Jen Easterly. “While we recognize this will take time to implement, this is truly a step in the right direction toward the adoption of Secure by Design principles by more companies. We will continue to work with all technology manufacturers, including Microsoft, to identify ways to further enhance visibility into their products for all customers.”