Microsoft Security Saturday – 4/23/2022

New Reporting Functionality for Device Control and Windows Defender FirewallWe are excited to announce the new Endpoint reporting capabilities within the Microsoft 365 Defender portal. This work brings new endpoint reports together so you can see what is happening in your environment with just a couple clicks. Our reports are designed to provide insight into device behavior and activity while allowing you to take full advantage of the integrated experiences within Microsoft 365 Defender portal, such as device timeline and advanced hunting.

Azure DDoS Protection for BYOIPs now availableFollowing the announcement of the general availability of the Bring Your Own IP addresses (BYOIP) function to Azure in all public regions, we’re excited to share that public IP ranges brought to Azure via Custom IP Prefixes can be protected with Azure DDoS Protection Standard

Become a Insider Risk Management NinjaWe are very excited and pleased to announce this edition of the Ninja Training Series. There are several videos and resources available, and the overall purpose of the Insider Risk Management Ninja training is to provide the relevant resources to get started and become more proficient in this area. 

Announcing continuous assessments in Microsoft Purview Compliance ManagerRegulatory compliance can be challenging. Most companies still rely on manual processes. Internal compliance teams are frequently understaffed, and there is constant pressure to do more with less resources. With over 250 updates from regulatory bodies per day1, it is difficult to stay current. Additionally, complying with a multitude of standards in a hybrid world is now a board level topic2. Many organizations struggle with protecting people and data in a multi-cloud, multi-platform, and multi-regulatory environment.

Announcing multi-stage retention in Microsoft Purview Data Lifecycle ManagementManaging the data lifecycle can be complex. Not only do you have to manage retention, deletion, and protection policies for your data, but often these requirements will change for the same file over time as it moves through its lifecycle. As an example, let’s say you’re preparing a press release for a major brand announcement. While drafting the release, you want to use a retention policy to ensure it isn’t accidentally deleted but allows for collaboration. You also want to protect the file so only certain people can view it. Then, when the news event happens, you want to prevent any changes to the release file and change the file protection so everyone can view it. Today we are making a few announcements to align with this vision of data lifecycle management.

Safeguard your people and data across new ways of working, with Communication ComplianceIt’s no secret that hybrid work has fundamentally changed how we communicate, collaborate, and share information. Employees are no longer sitting together within traditional office building environments; they’re interacting with work and their peers in virtual spaces. As organizations adapt to the evolving needs of this space, they must seek out communication and collaboration tools that not only empower employees to do their best work, but scale necessary risk and compliance controls across our new ways of working, as well.  

Become a Communication Compliance NinjaIn this Ninja page, we share the top resources for Communication Compliance users to become more proficient with the Microsoft Purview Communication Compliance solution.  For official documentation please check

Improving eDiscovery in Microsoft Teams and Legal hold workflows with Microsoft Purview eDiscoveryToday we are excited to announce some additional capabilities in public preview, which improve the identification and collection of relevant data in Microsoft Teams, and provide the ability to better manage legal holds with new reporting functionality and improving the custodial communication process.  

Announcing general availability of Microsoft Purview Data Loss Prevention for macOS endpointsToday we are extremely pleased to announce the general availability of Microsoft Purview Data Loss Prevention for macOS endpoints, enabling organizations to extend their endpoint DLP insights and controls to devices running macOS (Catalina or higher). We know that macOS is an important platform for our customers and are excited to continue to invest in supporting our customers’ multi-platform strategy.

Introducing Microsoft Purview: The future of compliance and data governance is hereTo meet the challenges of today’s decentralized, data-rich workplace, we’re introducing Microsoft Purview—a comprehensive set of solutions that help you govern, protect, and manage your entire data estate. This new brand family combines the capabilities of the former Azure Purview and the Microsoft 365 Compliance portfolio that customers already rely on, providing unified data governance and risk management for your organization.

Manage Data Risks from Employee Insiders with Microsoft PurviewIn this show, Talhah Mir, lead engineer on the insider risk solutions team at Microsoft, joins Jeremy Chapman to walk through the latest privacy-enabled insider risk management solutions, now part of Microsoft Purview. They’ll show you how these use machine learning to automatically identify high risk incidents such as data theft, and how it provides the context and workflow you need for the right stakeholders to take appropriate actions.

Microsoft announces new collaboration with Red Button for attack simulation testingToday, Microsoft is excited to announce a new collaboration with Red Button, offering our customers an additional DDoS attack simulation testing provider to choose from. With Red Button’s DDoS Testing service suite, you will be able to work with a dedicated team of experts to simulate real-world DDoS attack scenarios in a controlled environment. Simulation testing allows you to assess your current state of readiness, identify gaps in your incident response procedures, and guide you in developing a proper DDoS response strategy.