Microsoft Security Saturday – 7/3/2021

The critical role of Zero Trust in securing our worldMicrosoft has a unique level of access to data on cyber threats and attacks globally, and we are committed to sharing this information and insights for the greater good. As illustrated by recent attacks, we collaborate across the public and private sectors, as well as with our industry peers and partners, to create a stronger, more intelligent cybersecurity community for the protection of all.

Protecting IoT devices Using A Zero Trust Approach is a Security ImperativeMicrosoft recently published a Zero Trust for IoT best practice and maturity model for organizations to use to design their own Zero trust roll-out strategy, based on their unique business needs. The model assumes that you verify every device that connects to your network prior to trusting them. Only after trust has been established would you then verify the security status of each identity, endpoint, network, and any other resources based on all of the available signals and data.

Vulnerability management for Linux now generally availableIn May we announced the support for Linux across our threat and vulnerability management capabilities in Microsoft Defender for Endpoint. Today, we are excited to announce that threat and vulnerability management for Linux is now generally available across Red Hat, Ubuntu, CentOS, SUSE, and Oracle, with support for Debian coming soon. In addition to Linux, the threat and vulnerability management capabilities already support macOS and Windows, with support for Android and iOS coming later this summer to further expand our support of third party platforms.  

MITRE ATT&CK® mappings released for built-in Azure security controlsThe Security Stack Mappings for Azure research project was published today, introducing a library of mappings that link built-in Azure security controls to the MITRE ATT&CK® techniques they mitigate against.

Use Premium Assessments in Microsoft Compliance Manager to Meet Your Regulatory Compliance Needs – To meet customers where they are in their compliance journey, we are excited to announce that Compliance Manager premium assessment templates will no longer require a Microsoft 365 E5 or Office 365 E5 license as a prerequisite. This update enables all enterprise customers to assess compliance with the regulations most relevant to them and meet their unique compliance needs. Starting July 1st, 2021, all Enterprise customers, both commercial and government, can purchase premium assessment templates as long as they have any Microsoft 365 or Office 365 subscription.