Microsoft Security Saturday – 2/29/2020


Microsoft Defender ATP for Linux is coming! …And a sneak peek into what’s next – The Microsoft Defender ATP team is thrilled to announce public preview of Microsoft Defender ATP for Linux and a sneak peek into our mobile threat defense capabilities for Android and iOS!

Microsoft Azure Information Protection Secures Power BI Data Exports for a Seamless DLP Strategy – Business Intelligence and Analytics are often restricted in Healthcare organizations due to regulatory concerns about sensitive data such as Personally Identifiable Information (PII). Report viewers often want to export data from reports, but until now there has been no way to effectively track and protect exported files of data. Also, allowing access to reports from un-managed devices has often been an all-or-nothing approach. Microsoft Information Protection and Cloud App Security tools are now in Preview for Power BI as part of your enterprise Data Loss Prevention strategy.

Public preview of Azure AD support for FIDO2 security keys in hybrid environments – Users can now use FIDO2 security keys to sign in to their Hybrid Azure AD joined Windows 10 devices and get seamless sign-in to their on-premises and cloud resources. Since the launch of the public preview of FIDO2 support for Azure AD joined devices and browser sign ins, this has been the top most requested feature from our passwordless customers.

Announcing automatic labeling in Office Apps using ready-to-use classifiers – Limited Preview – As part of this preview, the Microsoft 365 Compliance Center will allow you to create sensitivity labels and corresponding automatic or recommended labeling policies in Office apps using ready to use classifiers.

A secure foundation for IoT, Azure Sphere now generally available – Today Microsoft Azure Sphere is generally available. Our mission is to empower every organization on the planet to connect and create secured and trustworthy IoT devices. General availability is an important milestone for our team and for our customers, demonstrating that we are ready to fulfill our promise at scale.

Microsoft Partners with Terranova Security for Security Awareness Training – Microsoft is pleased to announce a strategic partnership with Terranova Security to provide world-class security training to end users. Through this partnership, we will address our customers’ most significant risk vectors – phishing driving risky end user behaviors.

Fileless attack detection for Linux is now in preview – As attackers increasingly employ stealthier methods to avoid detection, Azure Security Center is extending fileless attack detection for Linux, in addition to Windows. Fileless attacks exploit software vulnerabilities, inject malicious payloads into benign system processes, and hide in memory.

Protecting users from potentially unwanted applications in Microsoft Edge – In the new Microsoft Edge (beginning with 80.0.338.0), we’ve introduced a new feature to prevent downloads that may contain potentially unwanted apps (PUA), by blocking those apps from downloading.

Azure Sentinel Insecure Protocols Workbook Implementation Guide – In this blog series, we’ll examine the Insecure Protocols Workbook and how, with minimal on-premise configuration, you can leverage its capabilities. In this first blog, I’ll provide a mostly “bare bones” instructional configuration set that you can follow in order to use the IP Workbook. In the coming months, we’ll examine each protocol, the attack vectors it comprises, and how you can finally remove it by leveraging the IP Workbook.

Azure Security Center for IoT real-time operating system support – Azure Security Center for IoT now extends support for Azure real-time operating system (RTOS) in addition to Linux (Ubuntu, Debian) and Windows 10 IoT core operating systems.

Obtaining the Direct Link to Security Recommendations – As customers continue their journey to improve their security posture in Azure by leveraging Azure Security Center Secure Score, they are realizing that collaboration among different teams is critical. The reason is that the Security Team that manages Azure Security Center usually may not have privileges to change the settings in the workload in order to remediate a recommendation.