by Contributed | Jan 11, 2021 | Technology
This article is contributed. See the original author and article here.
We are excited to announce that endpoint detection and response (EDR) capabilities in Microsoft Defender for Endpoint on Linux server are now generally available.
Over the course of the last year, Microsoft Defender for Endpoint was extended to support all major platforms (Windows, Linux, macOS, Android, and iOS). Today we are taking the next step by adding endpoint detection and response (EDR) for Linux. EDR is essential for navigating today’s Linux threat landscape.
The full set of Microsoft Defender for Endpoint (Linux) preventive, detection, and response capabilities is supported across the six most common Linux server distributions:
- RHEL 7.2+
- CentOS Linux 7.2+
- Ubuntu 16 LTS, or higher LTS
- SLES 12+
- Debian 9+
- Oracle Linux 7.2
The Linux solution can be deployed and configured using Puppet, Ansible, or your existing Linux configuration management tool.
Our customers have joined us on this evolution and given us feedback at every step of the way. For this, we are truly grateful and look forward to the continued partnership.

“The upcoming release is an amazing milestone providing us a 360 view on all our platforms for our threat hunting strategy”
- Guy Fridman, Head Of Security Operation And Response
Detections with context
About 6 months ago, we announced the availability of Microsoft Defender for Endpoint (Linux) with preventive antivirus capabilities. Customers can better protect Linux servers, get these devices onboarded in the same portal as their Windows, macOS, and mobile devices, and expand the single pane of glass experience to include Linux-related alerts. With the newly enabled EDR support, security operations can view detections with even richer context. The below device timeline example demonstrates this enriched capability.

The timeline tab includes information about process creation, network connections, file creations and login events.
In the Microsoft Defender for Endpoint (Linux) EDR public preview announcement, we also discussed the post-breach detection capability with an example scenario that customers can use to experience the feature. The below “Suspicious process launched from a world-writable directory” alert is another post-breach detection example.

Unified investigation experience
The timeline is just one piece of the investigation story. Microsoft Defender for Endpoint’s popular advanced hunting tool allows customers to perform free-form investigations using a powerful query engine and an ever-growing set of useful shared queries. Now, customers can use this capability to search for threats across Linux servers, exploring up to 30 days of raw data.

The well-designed architecture also seamlessly enables custom detections on top of the advanced hunting capabilities.
The rest of the investigation experience, such as the hyperlinked exploration between the different monitored entities, is consistent with the familiar experience for Windows devices. The monitored entities (e.g. files, processes, network connections, alerts) are available for exploration on Linux devices. Here are a few examples:
File page

IP Address Page

How to get started
Microsoft Defender for Endpoint (Linux) requires the Servers license. You can find this information in our product terms. Please reach out to your account team for more information and eligibility.
To get started, visit our documentation. If you are already evaluating the public preview of Microsoft Defender for Endpoint (Linux) EDR, make sure you update the agent to a released version, 101.18.53 or higher.
If you are already running Microsoft Defender for Endpoint (Linux) preventive AV in production, your devices will seamlessly receive the new EDR capability as soon as you update the agent to version 101.18.53 or higher.
If you’re not yet taking advantage of Microsoft’s industry-leading security optics and detection capabilities for endpoints, sign up for a free trial of Microsoft Defender for Endpoint today.
Microsoft Defender for Endpoint team
by Contributed | Jan 11, 2021 | Technology
Initial Update: Monday, 11 January 2021 18:20 UTC
We are aware of issues within Azure Log Analytics (Virtual Machine insights) and are actively investigating. Some customers may experience Data Access issues. The performance tab in Azure Monitor for Virtual Machines is returning an error in all public regions. Preliminary investigations point to a service component authentication issue.
- Work Around: <none or details>
- Next Update: Before 01/11 20:30 UTC
We are working hard to resolve this issue and apologize for any inconvenience.
-Arish B
by Scott Muniz | Jan 11, 2021 | Security, Technology
Microsoft has released a security update to address multiple vulnerabilities in Edge (Chromium-based). An attacker could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the latest entry for Microsoft Security Advisory ADV200002 and apply the necessary updates.
by Contributed | Jan 11, 2021 | Technology
Data types can help you achieve real-life goals more easily with the power and flexibility of Microsoft Excel. No more pasting from browsers or skimming search results, data types bring facts and data from trusted sources right into Excel.
Our data type templates help get things done faster, from comparing colleges to tracking investments to planning a movie night and more. In this post, we’d like to highlight what you can do with the new data types and provide links to the templates we’ve created to help you get started.
- Favorite movie list: Curate a list of your favorite movies. Keep a list of the movies you’ve watched or want to watch, enter your rating and notes for each movie, and see each movie’s actors, characters, and more.
- Periodic table: Learn about the elements with this interactive periodic table.
- Planets & Comets: Learn about the planets and comets in our solar system. Perfect for amateur astronomers.
- Stars & Constellations: Learn about the stars and constellations. A great way to explore the universe from the comfort of your couch.
- U.S. college decision helper: Get the help you need to choose a college in the United States. Learn about the colleges you’re interested in, compare colleges to narrow down your choices, and keep track of your applications after you’ve decided to apply.
- Relocation helper: Relocate to a new city with confidence. Learn about the cities you’re interested in, compare cities to narrow down your choice, and keep track of the things you need to do after you’ve decided to move.
- Baby name tracker: Pick the perfect name for your little one. Keep a list of the names you’re considering, see historical trends, and find famous people with similar names.
- Nutrition tracker: Get healthier by tracking your nutrition. Set personal dietary and nutrition goals, keep track of the food you eat, and see the calories, carbs, protein, and fats you consume.
- Recipe analyzer: Eat healthier by analyzing your favorite recipes. Enter the ingredients in each recipe, and see the calories, carbs, proteins, and fat each ingredient has.
- Fitness tracker: Get healthier by tracking your activities. Enter some basic info about yourself, keep track of the activities you do each day, and see how many calories and ounces of fat you burn with each activity.
- Investment tracker: Keep an eye on your portfolio by entering stocks and ETFs you own to monitor trends and compare stocks. The data can be refreshed to make sure you’re always up to date with the current prices.
How to use data types
- Open a blank Excel workbook.
- Type “Earth” into A1.
- To convert the text into a data type, select A1, and then select Data > expand the Data Types gallery > select Space.
- See available data you can work with by selecting the icon next to Earth to view the card.
- Insert data into the sheet by hovering over a field in the card and selecting the Insert Data button that appears. Otherwise, select the cell containing Earth and click the Insert Data button on the top right corner of the cell.
Requirements
To use the new data types and templates, you need:
- A Microsoft 365 Family or Personal subscription with the English editing language added to your Office Language Preferences.
- To have joined the Office Insider program or be using Excel on the Web:
- Windows build 16.0.13426.20184: all subscribers in the Beta Channel and a portion of the subscribers in the Current Channel (Preview) of the Office Insider program.
To learn more about the Office Insiders program, see When do I get the newest features for Microsoft 365?.
Feedback
Send us feedback and suggestions on data types:
- Give feedback in the templates form.
- In Excel for Windows Desktop and Web: Click Help > Feedback.
- In Excel for Mac: Click the Feedback button near the top-right corner in Excel.
Learn what other information you should include in your feedback to ensure it’s actionable and reaches the right people. Ask questions and get answers from us and others in the community by joining our Excel Community. We’re excited to hear from you!