Microsoft Security Saturday 10-26-19

Wow, wow, wow... What a week. MCAS was recognized by Gartner as a leader in the CASB market. In addition to that news, there was really good content published around Zero Trust and Microsoft’s push to secure endpoints down to the firmware level. Happy reading.

Gartner names Microsoft a Leader in CASB MQ 2019

New Secured-core PC requirements designed to protect against targeted firmware attacks

To combat threats specifically targeted at the firmware and operating system levels, we’re announcing a new initiative we’ve been working on with partners to design what we call Secured-core PCs. These devices, created in partnership with our PC manufacturing and silicon partners, meet a specific set of device requirements that apply the security best practices of isolation and minimal trust to the firmware layer, or the device core, that underpins the Windows operating system. These devices are designed specifically for industries like financial services, government and healthcare, and for workers that handle highly-sensitive IP, customer or personal data, including PII as these are higher value targets for nation-state attackers.

Going to Microsoft Ignite 2019? Join us in the Microsoft 365 Compliance sessions!

Did you know that Microsoft can help you with your risk management, data protection and compliance requirements? Join us at Microsoft Ignite in the Microsoft 365 Compliance sessions to stay up to date with the latest tools and best practices.

Integrating Azure Security Center with Azure Sentinel

Before explaining how Azure Security Center integrates with Azure Sentinel, it is very important to understand the use case of each one of those solutions. Knowing how to position them will help you understand the key problems that each solution is addressing and how this relates to your own scenario.

Microsoft Intune helps high-security customers authenticate using derived credentials on mobile

Many high-security organizations offer secure passwordless access to corporate data using smart cards. The end user does not have their username and password. Employees and contractors use physical smart card readers to authenticate themselves for secure access to desktops and laptops.

Introducing new videos on security and risk fundamentals of the Microsoft cloud environment

We are excited to announce some great new videos to help you familiarize yourself with the Microsoft Cloud security, privacy and risk practices!

Assessing your Zero Trust readiness with the Microsoft Maturity Model

As we digitally transform our companies, we need to transform our security model to one which assumes breach. The model should explicitly verify activities and automatically enforce security controls using all available signal, and employ the principle of least privileged access. This model is commonly referred to as “Zero Trust.”

Accessing Azure Security Center Alerts in Splunk using Graph Security API Integration

In August, a new Microsoft Graph Security API add-on for Splunk was introduced, and you can read this article for more information on how to configure it. After you finish configuring this integration, the alerts from Azure Security Center will start flowing to Splunk. Here are the core steps that you can use to access these alerts:

Security baseline (DRAFT) for Chromium-based Microsoft Edge, version 78

Microsoft is pleased to announce the draft release of the recommended security configuration baseline settings for the next version of Microsoft Edge based on Chromium, version 78. Please evaluate this proposed baseline and send us your feedback through the Baselines Discussion site.

Guarding Against Physical Attacks: The Xbox One Story

ASOS enhances app security with automated user provisioning in Azure Active Directory

In the online fashion world, few companies come close to the scale and reach of ASOS. But that scale also creates some significant security challenges. To overcome these challenges, ASOS adopted Microsoft Azure Active Directory to automate provisioning and deprovisioning of user accounts across its extensive software as a service (SaaS) app landscape.