Microsoft Security Saturday – 02/22/2020 Part 2 (Pre-RSA News)

As a reminder that you can get Security Saturday posts delivered to your inbox by signing-up here.

Microsoft Threat Protection stops attack sprawl and auto-heals enterprise assets with built-in intelligence and automationGenerally available Microsoft Threat Protection (MTP) provides the built-in intelligence, automation, and integration to coordinate protection, detection, response, and prevention by combining and orchestrating into a single solution the capabilities of Microsoft Defender Advanced Threat Protection (ATP) (endpoints), Office 365 ATP (email), Azure ATP (identity), and Microsoft Cloud App Security (apps).

Announcing the general availability of Communication ComplianceToday, we move to the next phase and are excited to announce the general availability of Communication Compliance. Now, all multi-tenant customers worldwide can access this solution. Communication Compliance helps your organization identify and take action on code of conduct policy violations.

Announcing GA of O365 ATP Campaign Views and Compromise User Detection and ResponseToday, I’m thrilled to announce the general availability of two extremely popular and valuable features in the Office 365 Advanced Threat Protection offering: Campaign Views and Advanced Compromised user detection and response. These features together greatly amplify the protection of organizations by helping security teams detect compromised users sooner, identify configuration weaknesses faster and improve security posture. 

Announcing the general availability of Insider Risk ManagementIn Microsoft 365 helps you and your organization leverage machine learning to identify and action on insider risks. Our born-in-the-cloud multi-tenant solution is designed for scale and is currently processing over 2 billion audit events and emails daily. Since Insider Risk Management went to public preview in mid-January we have had tremendous customer engagement. The primary feedback from customers in the preview was the ability to quickly just get started, even without the need to deploy agents to configure manual data ingestion. 

Power faster and more effective forensic and compliance investigations – We are pleased to share that Advanced Audit for Microsoft 365 is now rolling out. The new set of capabilities are aimed to power faster and more effective forensic compliance investigations. These updates include: Extending the preservation of a user’s audit activities from 90 days to 1 year, Increasing bandwidth access to the Management Activity API, Access to crucial events for investigations

Free import of AWS CloudTrail logs through June 2020 and other exciting Azure Sentinel updatesOur innovation continues, and we have some exciting news to share for the RSA 2020 conference including the ability to import AWS CloudTrail data for free through June 2020, opportunities to win up to $1,000 for community contributions, and many other product updates.

Azure Security Center for IoT RSA 2020 announcementsAzure Security Center for IoT announces the availability of an Azure Sentinel connector that provides onboarding of IoT data workloads into Sentinel from Azure IoT Hub-managed deployments. This integration provides investigation capabilities on IoT assets from Azure Sentinel allowing security pros to combine IoT security data with data from across the organization for artificial intelligence or advanced analysis. With Azure Sentinel connector you can now monitor alerts across all your IoT Hub deployments, act upon potential risks, inspect and triage your IoT Incidents, and run investigations to track attacker’s lateral movement within your network.