Microsoft Security Saturday – 04/04/2020

To receive this weekly post in your email, you can sign up here.

PSA!!!!!, Basic Authentication and Exchange Online – April 2020 Update
In response to the COVID-19 crisis and knowing that priorities have changed for many of our customers we have decided to postpone disabling Basic Authentication in Exchange Online for those tenants still actively using it until the second half of 2021. We will provide a more precise date when we have a better understanding of the impact of the situation.

Technical guidance from across Microsoft for security strategy and architecture
Check out the new security docs site Microsoft just published to make it easier for #cybersecurity professionals to do their job. Central place for resources + bonus 55 new videos on Security Best Practices! (security architecture recommendations section)

Zero Trust Assessment tool now live!
For many organizations, there are two options: route all remote traffic through a strained legacy network architecture, resulting in poor performance and user productivity; or relax restrictions and risk losing protection, control, and visibility. Many organizations are turning to the Zero Trust security framework to better support remote work and manage risk.

Frequent questions about using Conditional Access to secure remote access
Organizations asking employees to work from home to slow the spread of COVID-19 are making huge organizational and process changes in a matter of weeks, not years. For them, quickly enabling remote work while keeping company data safe presents new challenges and amplifies old ones.

Help for Security Operations Centers facing new challenges
COVID-19 is forcing many organizations to adapt almost overnight to the new reality of social distancing and orders to stay home. As organizations act quickly to enable remote workers, students, customers, and other constituents, many are turning to cloud services and platforms for solutions. For many organizations, this includes enabling new cloud technologies or significantly increasing use of existing solutions almost overnight.

Secure your remote workforce with Microsoft Defender ATP
To help rapidly expand protection to the growing number of remote worker devices, we’re offering guidance, recommendations, and tips so that you can stay protected, get the most out of your investment, and unlock additional tools that are available for you.

Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do
As part of intensified monitoring and takedown of threats that exploit the COVID-19 crisis, Microsoft has been putting an emphasis on protecting critical services, especially hospitals. Now more than ever, hospitals need protecting from attacks that can prevent access to critical systems, cause downtime, or steal sensitive information.

Azure AD pass-through and password hash authentication support for SQL DB, DW and Managed Instance
We are announcing support for Azure AD pass-through and password hash authentication for Azure SQL DB (single database and database pools), Managed Instance, and Azure Synapse (formerly SQL DW).

Azure Sentinel To-Go: Sentinel Lab w/ Prerecorded Data & a Custom Logs Pipe via ARM Templates
This post is part of a two-part series where I will show you how to deploy your own Azure Sentinel solution in a lab environment via Azure Resource Management (ARM) templates along with a custom logs ingestion pipeline to consume pre-recorded datasets and other resources for research purposes.

Enable remote collaboration quickly and securely with Azure AD
If you’re looking to enable your workforce and partners to collaborate effectively from remote locations, here are some things to keep in mind.

Access Azure Sentinel Log Analytics via API (Part 1)
In this blog, I want to discuss a use case that is not very well documented, “… how do I use the Log Analytics API to connect to my Sentinel’s Workspace and query the data?”

Protecting your Teams with Azure Sentinel
Recent events have forced many organizations (including Microsoft) to move to a work-from-home model for their users. In order to ensure their users remain connected and productive, they are turning to productivity tools such as Microsoft Teams.

What’s New: Improved Incident Closing Experience is now Available!
This installment is part of a broader series to keep you up to date with the latest features in Azure Sentinel. The installments will be bite-sized to allow you to easily digest the new content.

Enabling security research & hunting with open source IoT attack data
At Microsoft the data from attacks that we see against our cloud services informs our security research and investments. Microsoft uses this data, and other sources, to track emerging threats as well as to improve the detection coverage of our security offerings. The results of this benefit customers through products such as Azure Security Center and Azure Sentinel.