I purposely had held off on doing just a February Newsletter knowing that RSA was at the beginning of March and would bring lots of exciting announcements.  However, when I went to go compile the newsletter I realized that not only were there a lot of announcements to pass along but there were also several webinars (see Part 1 of the newsletter) that kicked off that deserved their own communication.  Provided below are the announcements specific to Microsoft Security that occurred over the past 6-8 weeks.

General News

• Microsoft’s Ann Johnson Keynotes RSA 2019
• Microsoft Announces Azure Sentinel – Cloud native Security Information and Event Management (SIEM) service with built-in AI for analytics
• Securing your digital transformation
• Top five cybersecurity tips from our execs
• CISO series: Secure your privileged administrative accounts with a phased roadmap
• CISO series: Lessons learned from the Microsoft SOC—Part 1: Organization
• Securing the future of AI and machine learning at Microsoft
• How Azure Security Center helps you protect your environment from new vulnerabilities
• Announcing new Azure Security Center capabilities at RSA 2019
• Microsoft Graph Security app now available on Cortex by Palo Alto Networks

Microsoft 365 Security (All Up News)

• Introducing the Microsoft 365 security center and Microsoft 365 compliance center
• Introducing new code-free options to connect with Microsoft Graph Security
• Enable Microsoft conditional access to only allow trusted users access to company data on trusted devices using trusted apps (Video)
• Exchange Online and the Security & Compliance Center to comply with SEC Rule 17a-4
• Microsoft and Zscaler enhance the remote user experience for iOS users
• M365 Updated Roadmap

Identity & Data Protection (Azure AD, Intune, AIP, MCAS)

• Azure AD Mailbag is Back – Bookmark this site
• Block OneDrive Downloads and Audit OneDrive Activity! (SharePoint too!)
• Reduce costs and increase efficiency with MDM security baselines
• Azure AD:  the latest on #passwordless auth from the team
• Microsoft Information Protection now extends beyond Rights Management
• AzureAD now supports encrypted SAML tokens!
• Automate information collection to expedite threat response using the new Microsoft Graph Security connector for Azure Logic Apps and  Microsoft Flow.
• Enhancements to the Azure AD combined MFA and password reset registration experience
• Access Reviews update – You can now include multiple groups or apps in a single Azure AD access review for group membership or app assignment
• Information Protection Updates in M365 (video)
• Azure Information Protection helps you to be more secure by automatically discovering credentials

Threat Protection (Office ATP, Windows Defender ATP, Azure ATP/ATA)

• Announcing Microsoft Threat Experts
• Unified SecOps Investigation for Hybrid Environments
• The evolution of Microsoft Threat Protection, March update (video)
• The evolution of Microsoft Threat Protection, February update
• Two new detection alerts to GA (general availability) and one new detection to Preview status Azure Advanced Threat Protection
• Inside SecOps(w/ WDATP): Are we impacted by this new APT campaign?
• Recommendations for deploying the latest Attack surface reduction rules for maximum impact
• Azure ATP detects attempts at Data exfiltration over SMB
• Tutorial overview: Azure ATP security alert lab