Microsoft Security Saturday – 02/20/21

Turning the page on Solorigate and opening the next chapter for the security community
The Microsoft Security Research Center (MSRC), which has shared learnings and guidance throughout the Solorigate incident, confirmed today that following the completion of our internal investigation we’ve seen no evidence that Microsoft systems were used to attack others. There was also no evidence of access to our production services or customer data.

New and enhanced security capabilities for Microsoft Power BI
Today we are announcing new and enhanced security capabilities for Microsoft Power BI to ensure the highest levels of data security while bringing data insights to everyone across the organization.

Protecting sensitive information on devices
Endpoint DLP is a native integrated experience that identifies and protects sensitive information accessed by information workers in the applications they use every day. It is part of Microsoft Information Protection, an intelligent, unified, and extensible solution to know your data, protect your data, and prevent data loss across all the touchpoints within an enterprise – including Microsoft 365 apps and services, on-premises file stores, endpoint devices, and third-party SaaS applications and services.

Apply M365 Sensitivity Labels across your data assets in Azure Purview
With Azure Purview, you can now extend the reach of Microsoft 365 sensitivity labels to operational and analytical data! Label Power BI workspaces and database columns with the same ease as labelling a Word doc, thanks to Azure Purview!

The Toolkit for Data-Driven SOCs
Building a Security Operations Center (SOC) from scratch or revamping one is a daunting challenge. We have developed a “Toolkit” to help SOC managers and analysts improve performance. The toolkit is a powerful set of 3 workbooks, all customizable and easily accessible, that help you gauge the most fundamental metrics. With these workbooks, you can measure analysts’ efficiency, detection coverage, alert performance, and more.

Microsoft Defender for Endpoint Now Available for GCC customers
We are excited to announce that Microsoft Defender for Endpoint is now available for customers in the Government Community Cloud (GCC). Microsoft Defender for Endpoint in GCC supports the Federal Risk and Authorization Management Program (FedRAMP) accreditation at a High Impact level.

MITRE ATT&CK Techniques now available in the device timeline
We are excited to announce the public preview of MITRE ATT&CK techniques and sub-techniques in the Microsoft Defender for Endpoint device timeline.

What’s new: User and Entity Behavior Analytics (UEBA) insights in the entity page!
This blog post covers a new feature of the Azure Sentinel entity pages: four new UEBA-related insights to the insights panel.

Azure Firewall Premium now in preview
Azure Firewall Premium provides next-generation firewall capabilities that are required for highly sensitive and regulated environments.

Afternoon Cyber Tea podcast: evaluating risk in a pandemic
Our discussion really examines how the pandemic has pushed organizations toward greater cost efficiencies and a new mainstreaming of cybersecurity—democratizing the language and tools to make it part of everyone’s “9 to 5” experience.

Forrester Consulting TEI Study: Azure Security Center delivers 219 percent ROI over 3 years and a payback of less than 6 months
Azure Security Center is a critical tool to secure our multi-cloud workloads in the new world of remote work we find ourselves in today. We are excited to share that Forrester Consulting has just conducted a commissioned Total Economic Impact (TEI) study on behalf of Microsoft, which involved interviewing existing customers to create an accessible framework for organizations to evaluate the financial impact of Azure Security Center.

Azure Front Door enhances secure cloud CDN with intelligent threat protection
To address these customer requirements, we’re introducing the preview of two new SKUs to the Azure Front Door family, which combines capabilities of Azure Front Door, Azure Content Delivery Network (CDN) standard, and Azure Web Application Firewall (WAF) into a single secure cloud CDN platform with intelligent threat protection and a simple-to-understand pricing model.

Use Microsoft Azure Sentinel and Anomali Match for actionable threat detection
Anomali Match is a high-performance security solution that detects threats within Sentinel observed data and identifies the point of origin of an attack, going back more than 5 years. With this intelligence, Match gives security teams the ability to investigate associated global threats, actors, techniques and potential future attacks and their impact on an organization’s security posture.