Microsoft Security Saturday – 08/22/2020

New data from Microsoft shows how the pandemic is accelerating the digital transformation of cyber-security
Microsoft recently concluded a survey of nearly 800 business leaders of companies with more than 500 employees in India (IN), Germany (DE), the United Kingdom (UK) and the United States (US) to better understand their views of the pandemic threat landscape, implications for budgets and staffing, and how they feel the pandemic could reshape cyber-security long-term.

Microsoft Security | Fall 2020 Public Webinars edition
Another excellent opportunity for our public community to join for free and be part of the journey, as our Microsoft security engineering teams share their experiences and provide their recommendations for our security products.

Introducing EDR in block mode: Stopping attacks in their tracks
Endpoint detection and response (EDR) in block mode is a new capability in Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) that turns EDR detections into blocking and containment of malicious behaviors.

Microsoft Threat Protection now uses more descriptive incident names
The new incident naming feature in Microsoft Threat Protection now lets you understand an incident’s scope at a glance!

MSTIC Notebooklets – Fast Tracking CyberSec Jupyter Notebooks
We’re very happy to announce, after several months’ work, the release of a new Python/Jupyter notebooks package — MSTICnb, or MSTIC notebooklets.

Classification Depth Private Preview
The set of upcoming features would help you improve the accuracy of your policies across M365 S+C solutions and increase coverage. We have improved the accuracy of the out-of-the-box Sensitive information types (SITs), introduced confidence levels to simplify policy creation and added new capabilities to customize SITs, which will allow you to fine-tune your SITs to reduce false positives and false negatives. In addition, we are adding new Sensitive information types that will allow you to increase your policy coverage.

What’s New: Query line numbering, Azure Sentinel in the schema pane
Every second counts. Some security incidents are unstoppable, but when prevention isn’t possible, the right investigation and response is everything. To help SOC analysts quickly reason over copious amounts of security volume, we are delighted to introduce a set of enhancements that enrich and improve the investigation experience in Azure Sentinel.

Threat Protection for SQL IaaS VMs running on-premises using Azure Security Center
This blog post continues the series about Azure Security Center threat protection for SQL IaaS VMs. As you learnt in this blog post, Azure Security Center protects SQL servers hosted on Azure VMs, Azure Arc and on-premises. This post will focus on SQL running on-premises and how to leverage ASC threat protection for SQL in this type of scenario.