Another exciting month of product announcements, enhancements and guidance for Microsoft Security that wrapped up with RSA last week.  As always, all the content is great but I would prioritize the articles in italics.

If you would like to receive a version of this newsletter on a weekly basis, you can sign-up here.

General News

• Ghost in the shell: Investigating web shell attacks
• Microsoft at RSA Conference 2020: News resources in advance of next week’s big security event
• Microsoft Graph Security API add-on is now available for Splunk Cloud!
• Afternoon Cyber Tea podcast: Ann Johnson interviews author and business founder Jane Frankland about AI in cybersecurity
• #SecureDevelopment: Security for Developers
• Defending the power grid against supply chain attacks—Part 1: The risk defined
• Guarding against supply chain attacks—Part 2: Hardware risks
• Microsoft Intelligent Security Association partnership program for IoT security vendors
• Protecting users from potentially unwanted applications in Microsoft Edge
• Mattress Firm deployed Azure Active Directory to securely connect Firstline Workers to their SaaS apps and to each other
• Unifying security policy across all mobile form-factors with Wandera and MicrosoftChanging the Monolith—Part 4: Quick tech wins for a cloud-first world

Azure Security & Compliance News

• Azure Sentinel uncovers the real threats hidden in billions of low fidelity signals
• Securing your organization in an evolving IoT threat landscape
• Using Azure Security Center API for Workflow Automation
• Bring your threat intelligence to Azure Sentinel
• Closing an Incident in Azure Sentinel and Dismissing an Alert in Azure Security Center
• New Azure Firewall certification and features in Q1 CY2020
• The Adventure of Automating Azure Security Center Part 1
• Azure Firewall Manager now supports virtual networks
• Scaling Up Syslog CEF Collection with Azure Sentinel
• Azure Security Center for IoT RSA 2020 announcements
• Free import of AWS CloudTrail logs through June 2020 and other exciting Azure Sentinel updates
• What’s New: Reduce alert noise with Incident settings and alert grouping in Azure Sentinel
• Be Aware, Azure Security Center CSV Reports is Now Generally Available!
• Obtaining the Direct Link to Security Recommendations
• Fileless attack detection for Linux is now in preview
• Azure Security Center for IoT real-time operating system support
• Azure Sentinel Insecure Protocols Workbook Implementation GuideNERC CIP compliance in Azure

Microsoft 365 Security (All Up News)

• What’s new in the public preview for Microsoft Secure Score
• How to operationalize Microsoft Secure Score in your organization
• Secure productivity expands with previews of Safe Documents, Application Guard integration with Office 365 ProPlus
• Microsoft Partners with Terranova Security for Security Awareness Training

M365 Identity & Data Protection (Azure AD, Intune, AIP, MCAS)

• Securing Sensitive Data with the AIP Unified Labeling Scanner
• Inside Identity: How Microsoft and F5 are partnering for a more inclusive platform
• Three ways Azure AD Conditional Access balances security and productivity
• Moving to unified labeling webinar
• Microsoft Information Protection and Compliance Webinar Page
• Preview of Active Directory authentication support on Azure Files
• Microsoft Azure Information Protection Secures Power BI Data Exports for a Seamless DLP Strategy
• Public preview of Azure AD support for FIDO2 security keys in hybrid environmentsAnnouncing automatic labeling in Office Apps using ready-to-use classifiers – Limited Preview

M365 Threat Protection (Office ATP, Windows Defender ATP, Azure ATP/ATA)

• Microsoft Threat Protection stops attack sprawl and auto-heals enterprise assets with built-in intelligence and automation
• Enable tamper protection in Threat & Vulnerability Management to increase your security posture
• Announcing GA of O365 ATP Campaign Views and Compromise User Detection and Response
• Microsoft Defender ATP for Linux is coming! …And a sneak peek into what’s next
• Webinar: Bringing IT and security together: Microsoft Defender ATP Threat & Vulnerability
• [UPDATED]  Introducing remote deployment guidance for Microsoft Defender ATP and Office 365 ATPPut regulation fears to rest when deploying Microsoft Defender ATP

M365 Compliance & Governance

• How Microsoft 365’s new solution uses machine learning to stop data leaks and insider attacks
• Power faster and more effective forensic and compliance investigations
• Announcing the general availability of Communication ComplianceNew capabilities for eDiscovery now available