Microsoft Security Saturday – 08/01/2020

Boost security of your remote workers with confidence using Security Policy AdvisorThis post will show you how to leverage the Security Policy Advisor (SPA) to identify slack in your security configuration, make changes to your policy settings and validate the new config first before enforcing them, reducing the risk to impact user productivity. The data-driven service allows you to make decisions based on facts like actual feature usage or if your users are already under attack by e.g. malicious Office documents being sent to them, rather than just guessing what the impact of a change might be.

Inside Microsoft Threat Protection: Solving cross-domain security incidents through the power of correlation analyticsMicrosoft Threat Protection continuously and seamlessly scours endpoints, email and docs, cloud app, and identity activities for suspicious signals. Through deep correlation logic, Microsoft Threat Protection automatically finds links between related signals across domains.

Empower your analysts to reduce burnout in your security operations centerEffective cybersecurity starts with a skilled and empowered team. In a world with more remote workers and an evolving threat landscape, you need creative problem solvers defending your organization. Unfortunately, many traditional security organizations operate in a way that discourages growth, leading to burnout and high turnover.

Asset inventory experience in Azure Security CenterA novel asset management experience providing you with full visibility over all your Security Center monitored resources.   This enables you to explore your security posture data in a much deeper and meaningful way with enhanced capabilities to filter, export, cross reference with different resource properties in addition to ASC generated insights.  

Azure AD Application Proxy now supports the Remote Desktop Services web clientToday we’re announcing the public preview of Azure AD Application Proxy (App Proxy) support for the Remote Desktop Services (RDS) web client.

Guiding principles of our identity strategy: staying ahead of evolving customer needsYour experiences and insights have helped shape the investments we’re making in our identity services for the coming year and beyond. Today, I’m sharing with you the updated set of guiding principles we’re following to deliver a secure and scalable identity solution that’s seamless for your end-users.

Fileless Attack Detection for Linux Preview is ExpandingThe Security Center team is excited to share that the Fileless Attack Detection for Linux Preview, which we announced earlier this year, is expanding to include all Azure VMs and non-Azure machines enrolled in Azure Security Center Standard and Standard Trial pricing tiers. 

Azure Sentinel: What’s New: Incident Auto-refresh hits GA!The Auto-refresh feature will enable your SOC analyst to automatically refresh the incidents queue in Sentinel to make sure analysts have an updated list of incidents to triage. The feature, when turned on, will check for new incidents every 30 seconds and update the queue if new ones are found/update those that already exist in the list.

Enhanced support for Azure AD Guest Users for Azure SQLWe are announcing public preview of a new capability that enables creation of Azure AD guest users directly as database users and setting Azure AD guest users as Active Directory admin for SQL for Azure SQL Database, Managed Instance and Synapse Analytics, without the requirement of adding them to an Azure AD group first.

**Picture courtesy of