Microsoft Security Saturday – 04/03/2021 (Baseball Season has begun)

It’s that time of the year in the United States where my life revolves around baseball season and hence the day delay of getting this edition out.

New Security Signals study shows firmware attacks on the rise. How Microsoft is working to help eliminate this entire class of threatsRecently, Microsoft commissioned a study that showed how attacks against firmware are outpacing investments targeted at stopping them. The March 2021 Security Signals report showed that more than 80% of enterprises have experienced at least one firmware attack in the past two years, but only 29% of security budgets are allocated to protect firmware.

Zero Trust: 7 adoption strategies from security leadersToday, we are publishing the “Examining Zero Trust: An executive roundtable discussion” eBook as a result of those conversations. The eBook describes how the Zero Trust security model involves thinking beyond perimeter security and moving to a more holistic security approach.

Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alertingIn this blog we’ll outline a probabilistic graphical modeling framework used by Microsoft 365 Defender research and intelligence teams for threat actor tracking. Microsoft Threat Experts, our managed threat hunting service, utilizes this model to enhance our ability to quickly notify customers about attacks in their environments through targeted attack notifications.

Helping protect against AS-REP Roasting with Microsoft Defender for IdentityOne of the huge advantages of using Microsoft Defender for Identity to help protect your on-premises identities from advanced attacks, is that new detections, features and improvements are being added all the time. After some recent updates, we thought that we’d take some time to properly introduce one of these new detections and give it the attention it deserves!

March identity updates – Public preview of AD FS sign-in activity in Azure AD reporting and moreI’m excited to share the latest Active Azure Directory capabilities that will streamline your hybrid identity, monitoring, and B2B user experiences. These updates help you achieve a more unified identity management from a single control plane and enrich experiences to help provide seamless and secure collaboration with guest users.

Confidently modernize to cloud authentication with Azure AD staged rollout, now generally availableI’m excited to announce that staged rollout to cloud authentication is now generally available! This feature allows you to selectively test groups of users with cloud authentication methods, such as pass-through authentication (PTA) or password hash sync (PHS), while all other users in the federated domains continue to use federation services, such as AD FS, Ping Federate, Okta, or any other federation services to authenticate users.

General availability and public preview of Microsoft unified DLP key features April 2021 updateToday we are excited to announce the general availability of 27 new controls (conditions and actions) for DLP policies in Microsoft Exchange.

Azure Security Center: Public preview updates for March 2021In March 2021, the following public preview updates and enhancements were made to Azure Security Center:

New Detections for Azure Firewall in Azure SentinelRecent attacks highlight the fact that in addition to implementing appropriate security protection controls to defend against malicious adversaries, continuous monitoring, and response for every organization.  To implement security monitoring and response from a networking perspective, you need visibility into traffic traversing through your network devices and detection logic to identify malicious patterns in the network traffic.  This is a critical piece for every infrastructure/network security process.

Role Based Access Control for Azure FirewallNetwork security requirements involve providing limited access and granting administrative permissions to users within a network. Role assignments are the way you control access to Azure back end and infrastructure resources. If the built-in roles do not meet the specific needs of your organization, Azure Role Based Access Control (RBAC) allows account owners to create custom roles  that an administrator can assign to Users/User groups.

Unified DLP WebinarThis webinar provides an overview of Microsoft’s unified DLP solution and covers the new features that have been released to help better protect your data.

Network isolation and Security: Use private endpoints for your Azure Purview accountEarlier this week, we released a feature in Purview to use private endpoints for your accounts.

Help shape information governance and records managementIf you want to influence the platform with features and capabilities that you want, need, and like, this is the time to make it happen and share your feedback.

How to build a successful application security programThe security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Tanya Janca, Founder of We Hack Purple Academy and author of the best-selling book “Alice and Bob Learn Application Security.”

Security baseline for Office 365 ProPlus (v2103, March 2021) – DRAFTMicrosoft is pleased to announce the draft release of the recommended security configuration baseline settings for Microsoft Office 365 ProPlus, version 2103. We invite you to download the draft baseline package (attached to this post), evaluate the proposed baselines, and provide us your comments and feedback below.

Security baseline for Microsoft 365 Apps for enterprise (v2103, March 2021) – DRAFTMicrosoft is pleased to announce the draft release of the recommended security configuration baseline settings for Microsoft 365 Apps for enterprise, version 2103. We invite you to download the draft baseline package (attached to this post), evaluate the proposed baselines, and provide us your comments and feedback below