Microsoft Security Saturday – 01/22/22

Microsoft Defender for Cloud PoC Series – Microsoft Defender for ContainersIn this blog, I continue the Microsoft Defender PoC series by providing you with guidelines and considerations for how to successfully perform a proof of concept for the new Microsoft Defender for Containers plan. With the release of the new Microsoft Defender for Containers plan, we have merged the previous Microsoft for Kubernetes and Microsoft for Container Registries into one offering. 

Achieving Zero Trust readiness in your apps #2: Designing for Least PrivilegeThis is the second post in our series on why Zero Trust matters for developers. In the previous post, I introduced the Zero Trust principles and how they apply to identity and access management. In this post, I will focus on how you can design apps using the principle of least privileged access with the Microsoft identity platform.

Destructive malware targeting Ukrainian organizationsMicrosoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022.

Custom assessments and standards in Microsoft Defender for Cloud for AWS workloads (Preview)Microsoft Defender for Cloud implements AWS security recommendations in the Defender for Cloud portal right alongside Azure recommendations. There are more than 160 out-of-box recommendations for IaaS and PaaS services as well as support for regulatory standards including CIS, PCI and AWS Foundational Security Best Practices.

Microsoft Defender for Office 365 Ninja Training: January 2022 UpdateWe have published a few Microsoft Defender for Office 365 resources over the past few months, and these are now included in the Ninja Training. If you want to refresh your knowledge and get updated, here is what has been added since the last release in September 2021.

External Identities B2C supports Authenticator apps, and new data residency pricingToday I’m excited to announce two Azure AD External Identities updates including the public preview of multi-factor authentication (MFA) with time-based one-time passcode (time-based OTP) for B2C users and an important change to our support for data residency in Azure AD B2C directories.

Security Trends for 2022In 2021, the effects of ransomware and data breaches were felt by all of us.  This trend will likely continue in 2022 as attackers continue to seek out vulnerabilities in our most critical systems. One thing is clear, the threat isn’t going away.