September was a super busy month, with the normal flurry of announcements plus a lot of exciting news from Ignite. In the sections below, I have called out the Ignite announcements for each of the product areas. In addition, I have attached a deck that includes the Ignite news along with links to sessions.
General News
Microsoft report shows increasing sophistication of cyber threats
Industry-wide partnership on threat-informed defense improves security for all
Microsoft Security: Use baseline default tools to accelerate your security career
Microsoft Security—detecting empires in the cloud
Microsoft Security: 6 tips for enabling people-centric cybersecurity with security training
STRONTIUM: Detecting new patterns in credential harvesting
Azure Defender & Sentinel News
Ignite Announcements
Stay ahead of threats with new innovations from Azure Sentinel
- UEBA + Entity Profile
- Threat Intelligence
- Watchlists
- Enterprise-Wide Data Collection
- Machine Learning
- IoT/OT
Azure Defender for IoT: Agentless Security for OT
Azure Security Benchmark v2 is now available with expanded security control assessments
Protect multi-cloud workloads with new Azure security innovations
- CyberX integration for Azure Defender
- Multi-cloud security posture management for Azure Security Center
- Managed hardware security module for Azure Key Vault
- Additional service support for Customer Lockbox for Azure
- Double Encryption for data at rest and transit
Other Announcements
Azure Security Center—News and updates for September 2020
Analysing Web Shell Attacks with ASC data in Azure Sentinel
Enriching Windows Security Events with Parameterized Function
Auditing Azure Sentinel activities
Understanding Microsoft Teams Data Schema in Azure Sentinel – Analyst / Researcher View
Security Controls in Azure Security Center: Manage Access and Permissions
Security capabilities in Azure Kubernetes Service on Azure Stack HCI
Assigning Permissions in Azure Security Center
Secure your IoT Edge compute today with enclaves
What’s new: Office 365 Advanced Threat Protection connector in Public Preview
What’s new: Analytics FileHash entity hits GA!
Build a scalable security practice with Azure Lighthouse and Azure Sentinel
Azure Sentinel Incident Bi-directional sync with ServiceNow
How to Protect Office 365 with Azure Sentinel
Introducing the Azure Network Security Tech Community and Github Repo
What’s new: Azure DDoS Protection connector in Public Preview for Azure Sentinel
Security Alerts For Synapse Analytics In Azure Security Center
Microsoft Teams logs in Azure Sentinel (public preview)
How to integrate vulnerability management in Azure Sentinel
Continuously export security findings from vulnerability assessment solution recommendations
Security Controls in Azure Security Center: Enable Endpoint Protection
What’s New: Azure Firewall Connector in Public Preview!
Giving Specific Analysts Access to Specific Azure Sentinel Playbooks
Accelerate your adoption of SIEM using Azure Sentinel and a new offer from Microsoft
Microsoft 365 Security (All Up News)
Changes to improve security for Windows devices scanning WSUS
Force firmware code to be measured and attested by Secure Launch on Windows 10
M365 Identity & Device Protection (Azure AD, Intune)
Ignite Announcements
What’s new in Azure Active Directory at Microsoft Ignite 2020
- Azure AD Conditional Access API is now generally available in Microsoft Graph
- Azure AD Application Proxy: in addition to configuring SSO to legacy on-premises apps, you can connect apps that use header-based authentication, the most popular legacy authentication protocol
Microsoft Endpoint Manager announces support for Windows Virtual Desktop machines
Introducing Microsoft Tunnel for remote access to corporate resources from iOS and Android
Other Announcements
New enhancements to Security Baselines in Microsoft Endpoint Manager
Azure Active Directory External Identities goes premium with advanced security for B2C
Securing a remote workforce with Zero Trust
M365 Defender (Defender for Office, Defender for Endpoint, Defender for Identity)
Ignite Announcements
Microsoft delivers unified SIEM and XDR to modernize security operations
Microsoft Defender for Endpoint adds depth and breadth to threat defense across platforms
- Mobile threat defense for iOS
- Threat and vulnerability management for macOS will go into public preview this week
Announcing Priority Account Protection in Microsoft Defender for Office 365
Keeping users safe and productive with Microsoft 365 Apps for enterprise
- Antimalware Scan Interface (AMSI) integration for Excel 4.0 (XLM) macros
- Security Policy Advisor analyzes how individuals use Microsoft 365 Apps for enterprise and then recommends specific policies to boost an organization’s security profile.
- Enabling protected access to untrusted files
Announcing Attack Simulation Training in Microsoft Defender for Office 365
Other Announcements
Announcing Tamper Protection for Configuration Manager Tenant Attach clients
451 Research publishes a report about Microsoft Defender for Endpoint
Announcing new Endpoint Security Antivirus reports!
Microsoft Defender ATP Ninja Training: September 2020 update
M365 Compliance & Governance
Ignite Announcements
Continuing Momentum with Microsoft Information Protection (MIP)
- Integrations of MIP with Symantec, McAfee, Relativity, VMware
Extending the Microsoft Compliance ecosystem with new connectors, APIs and built-in customizations
- Partnership with Globanet and Telemessage to expand our data connector coverage to 25 built-in connectors
- Microsoft Graph API for eDiscovery – Public Preview
- Microsoft Graph API for Teams Export – Public Preview
- New Power Automate connector integration with Insider Risk Management and Communication Compliance solutions
- Advanced eDiscovery now has improved workflows and support for linked content in emails or chat messages.
A unified approach to data loss prevention from Microsoft
- Extension of Microsoft data loss prevention to Microsoft Cloud App Security (MCAS)
- Microsoft Graph API for Teams DLP GA
Improving eDiscovery workflows and enhancing your forensic investigations
- 45 new and 11 improved sensitive information types, covering key regulations in Asia Pacific and in Europe.
- Automated on-premises network discovery
- Protecting sensitive information in Office apps GA
- Customer Key support for Teams
- Double Key Encryption GA
Effectively managing insider risks with integrated collaboration solutions including Microsoft Teams
What’s new in Microsoft Information Governance and Records Management
- Create in-place retention policies for Yammer and Teams meeting recordings
- Manage regulatory records with strict immutability requirements
- Leverage SharePoint Syntex to manage records intelligently
- Fine-tune trainable classifiers with the new feedback loop capabilities
Improving eDiscovery workflows and enhancing your forensic investigations
- Support for collecting, reviewing and exporting linked content from OneDrive and SharePoint Online in Advanced eDiscovery (GA)
- First set of Graph APIs for Advanced eDiscovery (Public Preview)
- New audit events in Advanced Audit (GA)
- 10-year retention add-on in Advanced Audit (GA)
Other Announcements
Microsoft Advanced Compliance Solutions in Zero Trust Architecture
Improving eDiscovery workflows and enhancing your forensic investigations
Request for Manager Action using MCAS & Power Automate
Secure external collaboration using sensitivity labels
Enhanced regulatory, legal and forensic investigation capabilities now in the Government Cloud
Best practices to simplify governing employee access across your applications, groups and teams