Microsoft Security Saturday – 2/5/2022

Cyber Signals: Defending against cyber threats with the latest research, insights, and trends – We’re excited to introduce Cyber Signals, a cyber threat intelligence brief informed by the latest Microsoft threat data and research. This content, which will be released quarterly, offers an expert perspective into the current threat landscape, discussing trending tactics, techniques, and strategies used by the world’s most prolific threat actors.

New performance and logging capabilities in Azure Firewall – Currently, Azure Firewall supports 30 Gbps which is sufficient to meet current throughput demands for many of our customers. However, we are seeing some organizations require even more throughput and towards this, we are announcing new Azure Firewall capabilities as well as updates for January 2022.

Enabling Zero Trust with Azure network security services – With the accelerated pace of digital transformation since the COVID-19 pandemic breakthrough, organizations continuously look to migrate their workloads to the cloud and to ensure their workloads are secure. Moreover, organizations need a new security model that more effectively adapts to the complexity of the modern environment, embraces the hybrid workplace, and protects applications and data regardless of where they are.

Microsoft threat & vulnerability management integrates with Vulcan Cyber – Today, we’re excited to announce the general availability of a new integration between Microsoft threat and vulnerability management and the Vulcan Cyber risk management platform. The integration between these two products provides customers deeper cyber risk awareness, better collaboration tools, and enhanced risk prioritization and mitigation capabilities.

Attack Simulation Training: User tags based targeting in simulations – now live! We have heard from customers about the requirement to run targeted simulations against a certain section of the organization such as priority accounts and today, we are very excited to announce the general availability of user tags-based targeting capability in Attack Simulation Training.

Improve your security defenses for ransomware attacks with Azure Firewall – To ensure customers running on Azure are protected against ransomware attacks, Microsoft has invested heavily in Azure security and has provided customers with the security controls needed to protect their Azure cloud workloads.

Microsoft Sentinel – continuous threat monitoring for GitHub – Today, together with Microsoft Sentinel, you can connect your enterprise-licensed GitHub repository environment to the Microsoft Sentinel workspace and ingest the GitHub audit log – tracking events such as new repository creation or deletion, counting the number of repository clones, and more. The continuous threat monitoring for GitHub solution contains out-of-the-box content, installed automatically to your Microsoft Sentinel workspace when you deploy the solution.

Decentralized identity: The Direct Presentation model – Part one of our series introduced our 5 guiding principles for decentralized identities. In this and subsequential blogs, we will continue to dive deeper into the technical basics of decentralized identity. Read on for part two of this five-part series on decentralized identity.

ACTINIUM targets Ukrainian organizations – In the last six months, MSTIC has observed ACTINIUM targeting organizations in Ukraine spanning government, military, non-government organizations (NGO), judiciary, law enforcement, and non-profit, with the primary intent of exfiltrating sensitive information, maintaining access, and using acquired access to move laterally into related organizations.

Microsoft Defender for Cloud: General availability updates for January 2022

Microsoft Defender for Cloud: Public preview updates for January 2022