Microsoft Security Saturday - 07/17/2020 (Sunday Edition)

Out of the office this week and a little delayed in getting this week’s edition of the newsletter out.

Announcing general availability of the new version of Microsoft Secure Score – Earlier this year we blogged about the latest public preview of Microsoft Secure Score and today we’re pleased to announce that we’ve completed our global roll out making it generally available to all of our commercial customers.

Become a Microsoft Defender ATP Ninja – Do you want to become a ninja for Microsoft Defender ATP? We can help you get there! We collected content for two roles: “Security Operations (SecOps)” and “Security Administrator (SecAdmin)”.

Short & sweet educational videos on Microsoft Threat Protection – Microsoft Threat Protection (MTP) is an integrated, cross-domain threat detection and response solution. It provides organizations with the ability to prevent, detect, investigate and remediate sophisticated cross-domain attacks within their Microsoft 365 environments. To help you get started with MTP and take advantage of its capabilities we’ve compiled a series of short videos.

Announcing high value asset tagging in Microsoft Defender ATP – The first use case scenario for this is in threat and vulnerability management. This feature, now in public preview, will help customers differentiate between asset priorities, which results in a more accurate assessment of their overall risk.

Microsoft Endpoint Manager: Create & Audit an ASR Policy – Microsoft recommends a balanced and pragmatic approach focused on reducing the overall attack surface. Implementing ASR rules is a great place to start.

Johnson Controls makes working from home easier and more secure with Azure AD and Zscaler ZPA – By implementing Zscaler Private Access (ZPA) and integrating it with Azure Active Directory (Azure AD), Johnson Controls was able to improve both security and the remote worker experience.

5 cybersecurity paradigm shifts that will lead to more inclusive digital experiences – At Microsoft, cybersecurity is the underpinning to helping organizations maintain business continuity during times of change.

CISO Stressbusters Post #3: 3 ways to share accountability for security risk management – Although I currently work as a Chief Security Advisor at Microsoft, I’ve spent the last decade of my career as a CISO in companies like Eli Lilly and Coca-Cola. I know first-hand how stressful this role can be. Distributing accountability can alleviate some of the pressure.

Prevent and detect more identity-based attacks with Azure Active Directory – Over the years the Microsoft Security Operations Center (SOC) has learned a lot about how identity-based attacks work and how to reduce them. We’ve leveraged these insights to refine our processes, and we’ve worked with the Azure AD product group to improve Microsoft identity solutions for our customers.

Microsoft Intelligent Security Association expands to include managed security service providers – “Today we’re happy to bring a win-win-win offering by enabling MSSPs and managed detection and response partners to sell and deploy not just Microsoft’s security solutions but more importantly our joint solutions with our independent software vendor partners.”

Azure AD Mailbag: Managing and reviewing exception lists more rigorously with access reviews – Let’s say we exclude some users from a Conditional Access policy temporarily for the next week, with good intentions to remove them as soon as the project is done. We often forget that last part, so access reviews help not only with reviewing these exclusions at regular intervals, but also transferring the work from IT admins to the end users themselves to attest they still need that exclusion or access to a resource.

Azure Files support and new updates in advanced threat protection for Azure Storage – Today we’re excited to announce the preview of extending advanced threat protection for Azure Storage to support Azure Files and Azure Data Lake Storage Gen2 API, helping our customers to protect their data stored in file shares and data stores designed for enterprise big data analytics.

Creating a Custom Dashboard for Azure Security Center with Azure Resource Graph – While the Azure Security Center dashboard is extremely rich with detailed information about different workloads, recommendations, and alerts, in some scenarios you may need to customize your dashboard to visualize only what is important for your daily activities.

Azure Sentinel: The connectors grand (CEF, Syslog, Direct, Agent, Custom and more) – Most network and security systems support either Syslog or CEF (which stands for Common Event Format) over Syslog as a means for sending data to a SIEM. This makes Syslog or CEF the most straightforward ways to stream security and networking events to Azure Sentinel.

The Benefits of Advanced Threat Detection in Azure SQL Database – One of the major benefits of Azure SQL Database is that the Azure platform provides additional protection for your database against SQL Injection attacks and Data Exfiltration, amongst other threats.

What’s New: Azure Sentinel Machine Learning Behavior Analytics: Anomalous RDP Login Detection – We are delighted to introduce the Public Preview for the Anomalous RDP Login Detection in Azure Sentinel’s latest machine learning (ML) Behavior Analytics offering.

Security baseline for Microsoft Edge v84 – We are pleased to announce the enterprise-ready release of the security baseline for Microsoft Edge version 84!

What’s New: Cross Workspace Hunting is now available! – The cross-workspace incident view alleviates the challenge of managing several workspaces and provides the ability to investigate them as if you were connected to the original environment.

Azure Sentinel Workbooks 101 (with sample Workbook) – In Azure Sentinel, Workbooks contain a large pool of possibilities for usage, ranging from simple data presentation, to complex graphing and investigative maps for resources.