Microsoft Security Saturday – 2/15/2020

You can sign up to have Microsoft Security Saturday posts delivered via email here.

Mattress Firm deployed Azure Active Directory to securely connect Firstline Workers to their SaaS apps and to each other – A connected workforce is fundamental to business. Learn how Azure AD protects Mattress Firm employees’ identities across the business.

What’s new in the public preview for Microsoft Secure Score – While the overall mission of Microsoft Secure Score remains unchanged, our focus has. In our first iterations we focused on how we surfaced the score itself and the experiences of navigating through a large set of recommendations. With this release and those to come we’re shifting Microsoft Secure Score from simply being a of threat prioritized recommendations to one that we hope will become the killer productivity app for security administrators. In the public preview, you’ll see that shift already well under way with features that will help security administrators.

Secure productivity expands with previews of Safe Documents, Application Guard integration with Office 365 ProPlus – Today, we’re announcing two new Microsoft 365 capabilities that will help organizations stay both secure and productive at the same time. The power of these capabilities comes from the seamless integration between Windows 10, Office 365 ProPlus, and Microsoft Defender Advanced Threat Protection (ATP). We previously gave a “sneak peek” at Ignite and are excited to share publicly now.

Afternoon Cyber Tea podcast: Ann Johnson interviews author and business founder Jane Frankland about AI in cybersecurity (podcast) – Jane and I talked about how important it is for defenders to think like an attacker and the security challenges facing chatbots and other artificial intelligence (AI) technologies. One critical concern that we need to address is the replication of cultural bias in our AI.

Put regulation fears to rest when deploying Microsoft Defender ATP – In some countries, data collection can be a cause for concern. Organizations and roles such as German Workers Council and Data Protection Officers (DPO) want to know exactly what happens with the data found on an end-user’s computer. One of the main concerns of the Workers Council is that such technologies must not be used to analyze user performance. To address these concerns, it’s critical for the Workers Council and Data Protection Officers to understand what user data is being collected, how the user data is being analyzed, and how it’s protected.

Changing the Monolith—Part 4: Quick tech wins for a cloud-first world – Transformation is a daunting task. In this series, I explore how change is possible when addressing the components of people and technology that make up an organization.

Office 365 Email Activity and Data Exfiltration Detection – This article shows how to use Office 365 message trace to analyze email activity and detect various security use cases like data exfiltration in Azure Sentinel.

[UPDATED] Introducing remote deployment guidance for Microsoft Defender ATP and Office 365 ATP – In today’s heterogeneous environments, security is becoming more and more complex. Customers are facing a growing attack surface and need help speeding up deployment of their protection tools at scale.

Bring your threat intelligence to Azure Sentinel – Within a Security Information and Event Management (SIEM) solution like Azure Sentinel, the most utilized form of CTI is threat indicators, often referred to as Indicators of Compromise or IoCs. Threat indicators are data that associates observations such as URLs, file hashes, or IP addresses with known threat activity such as phishing, botnets, or malware.

#SecureDevelopment: Security for Developers – Even if software security isn’t your full-time job, people are going to expect you, as a developer, to know what is going on. The good news is there are amazing security innovations happening right now, like using machine learning to analyze security threats with Azure Sentinel and Semmle’s semantic understanding engine to defend against cybersecurity vulnerabilities in open source code on GitHub.

NERC CIP compliance in Azure – Microsoft has made substantial investments in enabling our Bulk Electric System (BES) customers to comply with NERC CIP in Azure.