Microsoft Security Saturday – 04/11/2020

To receive Microsoft Security Saturday in your inbox you can sign-up here.

CVP Jared Spataro details commitment to privacy and security in Microsoft TeamsNow more than ever, people need to know that their virtual conversations are private and secure. At Microsoft, privacy and security are never an afterthought. It’s our commitment to you—not only during this challenging time, but always.

Microsoft shares new threat intelligence, security guidance during global crisis – Our inboxes, mobile alerts, TVs, and news updates are all COVID-19, all the time. It’s overwhelming and attackers know it.

Secure remote access to on-premises appsAs COVID-19 continues to require social distancing to ensure everyone’s safety, we have seen many companies support their employee’s needs and promote safety by allowing them to work from home and use online tools to collaborate. 

Turning collaboration and customer engagement up with a strong identity approachBalancing friction-less collaboration and highly targeted engagement with privacy and security is not easy, but you don’t have to go it alone.

Protecting your data and maintaining compliance in a remote work environmentBusiness continuity is an imperative, and you must rely on your employees to stay connected and productive outside of the traditional digital borders of business. In doing so, identifying and managing potential risks within the organization is critical to safeguarding your data and intellectual property (IP), while supporting a positive company culture.

Mobile security—the 60 percent problemWhat percentage of endpoints in your organization are currently protected?

Enable remote work while keeping cloud deployments secureAzure Security Center security controls can help you monitor your security posture as usage of cloud assets increases.

Hunt more broadly and effectively with new Microsoft Threat Protection features on previewThe Microsoft Threat Protection team has been working hard to make your advanced hunting experience even more straightforward, interesting, and productive.

Azure ATP now detects SMBGhostThe SMB vulnerability CVE-2020-0796, also known as “SMBGhost” or “CoronaBlue”, was published a few days ago. This CVE is about a potential remote code execution due to a buffer overflow vulnerability in the way SMBv3 (3.1.1) handles SMBv2 compression requests.

Announcing public preview of auto classification with sensitivity labels in Microsoft 365 servicesAt Microsoft, our goal is to provide a built-in, intelligent, unified, and extensible solution to protect sensitive data across your digital estate – in Microsoft 365 cloud services, on-premises, third-party SaaS applications, and more.

App Protection Policies and Shared/Delegate Mailboxes with Outlook mobileI regularly receive questions regarding Outlook mobile’s support for shared and delegate mailbox scenarios, especially when Intune App Protection Policies are in play.

Securing Authenticated SMTP in Exchange OnlineThe SMTP AUTH protocol is used to submit millions of emails every day. The majority of the clients connecting to Exchange Online like this are devices such as multi-function printers or some piece of software that send automated emails. 

Azure Security Center – automating Change Requests in ServiceNow using Workflow automation.In this blog post we will explore how to use Azure Security Center’s – Workflow automation (now generally available) to identify a recommendation and create a Change Request in ServiceNow.

Azure Sentinel Sigma & SOC Prime Integration (Part 2)In the second installment of this blog we focus on the second integration point with SOC Prime, that is, the ability to advance your security analytics with SOC Prime’s extensive threat detection marketplace.

Azure Sentinel Data Enrichment – Walk-through with Scripting, KQL and PlaybooksOrganizations are migrating over to Azure Sentinel as their primary cloud SIEM solution and they’re looking at ways to enrich their data that’s being connected via service-to-service.