As Microsoft closed out its fiscal year in June, it went out with a bang with the amount of security & compliance related news and announcements. As with every month’s newsletter, the articles that are italicized should be priority reading.
General News
Lessons learned from the Microsoft SOC—Part 3d: Zen and the art of threat hunting
Exploiting a crisis: How cybercriminals behaved during the outbreak
Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation
A deeper dive into the APT29 MITRE ATT&CK evaluation
11 security tips to help stay safe in the COVID-19 era
Remote Working: Fewer people working on-premises doesn’t mean less risk to their identities
Misconfigured Kubeflow workloads are a security risk
Barracuda and Microsoft: Removing security barriers to faster public cloud adoption
Stay ahead of multi-cloud attacks with Azure Security Center
Modernizing the security operations center to better secure a remote workforce
CISO Stressbusters: Post #2: 4 tips for getting the first 6 months right as a new CISO
The psychology of social engineering—the “soft” side of cybercrime
Azure Security & Compliance News
What’s New: Azure Sentinel Threat Hunting Enhancements
Azure Sentinel Ninja Training: The June 2020 update
Moving to cloud-based SIEM: the cost advantage
Sending enriched Azure Sentinel alerts to 3rd party SIEM and Ticketing Systems
Hunting for anomalous sessions in your data with Azure Sentinel
How do I start improving my security posture in the cloud?
How Secure Score affects your governance
Automating the onboarding on-premises, AWS and GCP VMs on Sentinel with Azure Arc
Stay ahead of attacks with Azure Security Center
Feeling fatigued? Cloud-based SIEM relieves security team burnout
Microsoft acquires CyberX to accelerate and secure customers’ IoT deployments
Using Azure Lighthouse and Azure Sentinel to Investigate Attacks Across Multiple Tenants
Move Your Azure Sentinel Logs to Long-Term Storage with Ease
What's New: Livestream for Azure Sentinel is now released for General Availability
Azure Security Center new security alerts experience
Protecting your GitHub assets with Azure Sentinel
Deliver a Security Score weekly briefing
Sending alerts enriched with supporting events from Azure Sentinel to 3rd party SIEMs
Azure Files enhances data protection capabilities
How to respond to potential Malware uploaded to Azure Storage Blob
Azure Security Center Auto-connect to Sentinel
Azure Sentinel Agent: Collecting from servers and workstations, on-prem and in the cloud
Continuously Export Azure Security Center Alerts and Recommendations via Policy
Security Controls in ASC: Remediate Vulnerabilities
Microsoft 365 Security (All Up News)
Improving defenses against Exchange server compromise
Setting up a secure collaboration environment
Setting up a secure collaboration environment – Security Admin POV
Setting up a secure collaboration environment - End user point of view
Webinar: Empower your remote workforce with data security in OneDrive and SharePoint
M365 Identity & Data Protection (Azure AD, Intune, AIP, MCAS)
General Availability: Microsoft Information Protection sensitivity labels in Teams/SharePoint sites
Announcing general availability of Microsoft Information Protection in Power BI
Inside Identity: Moving to a passwordless world with the FIDO Alliance
How-to: Password-less FIDO2 Security Key Sign-in to Windows 10 HAADJ Devices
Azure AD Mailbag: Frequent questions about using device-based Conditional Access for remote work
“Why are my users not prompted for MFA as expected?”
Give your HR and IT teams more reasons to cheer with improved integration between Workday & Azure AD
MCAS: Malware detection in real-time
Announcing the Android Enterprise security configuration framework
Protect and Secure Cloud-based Applications using Azure MFA
Proactively reduce lateral movement path risk to your organization with Azure ATP
Microsoft Endpoint Manager - Creating a WDAV Policy
Upcoming Exchange Online Device Access and Conditional Access changes with Outlook mobile
Building trust into digital experiences with decentralized identities (DID)
Role-based Access Control in Intune – Identifying Tenant-wide and Delegated Configurations
M365 Threat Protection (Office ATP, Windows Defender ATP, Azure ATP/ATA)
Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint
Microsoft Defender ATP has a new UEFI scanner
Say hello to the new alert page in Microsoft Defender ATP
Web shell threat hunting with Azure Sentinel and Microsoft Threat Protection
Configuring Microsoft Defender Antivirus for non-persistent VDI machines
Webinar: How to get started with Microsoft Defender ATP
Announcing Microsoft Defender ATP for Android
Microsoft Defender ATP for Linux is now generally available!
How to stream Microsoft Defender ATP hunting logs in Azure Data Explorer
Migrate the old Power BI App to Microsoft Defender ATP Power BI templates!
M365 Compliance & Governance
What’s new in Microsoft 365 Compliance and Risk Management
Exact Data Match Upcoming News
Top 4 tips to protect your remote workforce with data compliance in OneDrive
Getting started with Insider Risk Management
Regards,
Jeremy Windmiller | Enterprise Security Architect, CISSP, CEH, ITIL | Microsoft – Healthcare