Microsoft Security Saturday – 05/22/2021

Forrester names Microsoft a Leader in The Forrester Wave™: Cloud Security Gateways, Q2 2021 – Our continued innovation in Microsoft Cloud App Security is focused on helping you gain visibility of your cloud apps, discover shadow IT, protect sensitive information anywhere in the cloud, enable protection against cyber threats, assess compliance, and manage security posture across clouds.

Gartner names Microsoft a Leader in the 2021 Endpoint Protection Platforms Magic Quadrant – We are so grateful to our customers who have collaborated with us in creating one of the best endpoint security solutions on the market and are thrilled that Gartner has recognized this work and the journey we’ve taken alongside our customers by naming Microsoft a Leader in the 2021 Endpoint Protection Platforms (EPP) Magic Quadrant, positioned highest on the ability to execute.

Microsoft and Darktrace partnership will help keep organizations secure using AI that learns ‘self’ – The technology works “on the job” to learn from data, users and activity across all enterprise environments, learning a sense of “self” to distinguish between benign and malicious behaviour. Darktrace provides enterprise-scale, self-learning AI that detects and autonomously responds to novel cyber-threats.

How a positive hybrid work culture can help you to mitigate insider risk – The report also drew a direct correlation between the stressors impacting employees and an increase in insider risk incidents. A positive corporate culture, in which employees are engaged, rewarded, and supported, can decrease both malicious and inadvertent insider risks, such as data loss, data theft, insider trading, and others.

Adopt a Zero Trust approach for security — Essentials Series — Episode 1 – Based on the principles of “verify explicitly”, “apply least privileged access” and “always assume breach”, Zero Trust establishes a comprehensive control plane across multiple layers of defense.

Zero Trust Identity Controls – Essentials Series – Episode 2 – Join our host, Jeremy Chapman, as he unpacks the foundational layer of the model with identity. As the primary control plane for Zero Trust, it acts as the front door for people, service accounts, and devices as each requests access to resources. Identity is at the core of the Zero Trust concepts of never trust, always verify and grant the appropriate level of access through the principle of least privilege.

New alert page for Microsoft 365 Defender incident detections! – We are excited to introduce a new alert page for these detections. The new page provides additional, enriched information providing greater context into an attack. Security professionals can now see which other triggered alert caused the current alert and all the affected entities and activities involved in the attack, including files, users and mailboxes.

Secure configuration assessment for macOS and Linux now in public preview – Today, we’re excited to announce that we’re expanding our secure configuration assessment capabilities to cover macOS and Linux, in addition to existing support for Windows 10 and Windows Server devices.

Conditional Access GPS-based named locations now in public preview – Today, I am excited to share how you can improve your Conditional Access policies and ensure compliance with data regulations thanks to the public preview of GPS-based named locations. This feature helps admins strengthen their security and compliance posture and allows them to restrict access to sensitive apps based on the GPS location of their users.

Introducing Attribute Based Access Control (ABAC) in Azure – The public preview of Attribute Based Access Control (ABAC) in Azure builds on Azure Role-Based Access Control (RBAC) to make it easier for organizations to manage access to Azure resources at scale.

What’s New: Azure Sentinel – SOC Process Framework Workbook – If you are like me, you are probably excited with how fast Azure Sentinel has grown. This means more capabilities, functions and integrations to work with. So with all that power, how do I build a SOC and operationalize my Security Operations to keep up?

What’s new: Hunting dashboard refresh – Now in preview, we refreshed the hunting query experience to help you find undetected threats in your environment more quickly. We also provide new ways to identify which hunting results are most relevant to your environment and your desired attack scenarios.

What’s new: Incident Team – collaborate in Microsoft Teams – The soaring success of Microsoft Teams and the new challenges of remote work made Teams a tool of choice for many of our customers – which led Azure Sentinel to come up with Microsoft Teams collaboration.

Introducing Azure Sentinel Solutions! – Today, we are announcing Azure Sentinel Solutions in public preview, featuring a vibrant gallery of 32 solutions for Microsoft and other products. Azure Sentinel solutions provide easier in-product discovery and single-step deployment of end-to-end product, domain, and industry vertical scenarios in Azure Sentinel.

Azure Arc for Security Engineers – Azure Arc and the Azure control plane enable Security Engineers to take care of Cloud Governance and make sure that their hybrid and multi-cloud environments are configured in a secure and compliant state. In this blog post, we are going to have a look at Azure Arc for Security Engineers.

Mitigate OT security threats with these best practices – In this blog, Chris shares best practices to help mitigate the security threats to operational technology (OT) environments.

Video Tutorial: Endpoint Protection Part 3 – BitLocker Integration and Management – This session focuses on the BitLocker management capabilities integrated into Configuration Manager. Steve details how to configure the integration, how it works and demonstrates the integration in action.

Announcing Multi-Stage Disposition in Microsoft Records Management – Many compliance requirements or organizational policies require approval before the deletion of records. Often this review process has multiple phases and involves numerous groups of people. Previously, Microsoft Records Management allowed only one stage of review. Today, we are announcing the public preview of multi-stage disposition approval. Multi-stage disposition approval is available today worldwide in all commercial tenants.

Azure gains 100th compliance offering—protecting data with EU Cloud Code of Conduct – I’m announcing that Azure has achieved adherence to the EU Cloud Code of Conduct (EU Cloud CoC), developed for cloud providers to align with the EU’s General Data Protection Regulation (GDPR).

Customer Key support for Microsoft Teams now Generally Available! – Microsoft 365 provides baseline, volume-level encryption enabled through BitLocker and Distributed Key Manager (DKM) which ensures customer data is always encrypted at rest in the Microsoft 365 service with BitLocker and DKM. Microsoft 365 offers an added layer of encryption at the application layer for content, including data from Exchange Online, SharePoint Online, OneDrive, and Teams, called service encryption.