Securing your Azure workloads has become easier with the release of Azure Security Center (ASC) official PowerShell Module!
Many organizations are looking to automate more tasks, as manual work is prone to human error and creates a potential for duplica ...
Read More
| |
Cloud-hosted workloads offer excellent scalability, ease of deployment, and pre-secured infrastructure for your workloads. However, the workloads themselves may still be susceptible to attack by cybercriminals. To help safeguard your resources in the clou ...
Read More
| |
|
| |
Hi, We are implementing Azure AD b2b collaboration. From 'Access Panel' which is myapps.microsoft.com view, Group Owners can add/delete users within the assigned group only. We have restricted any Guest User access to Azure portal by creating conditional ...
Read More
Hello, Being a group owner and having Guest Inviter Role should be enough from what I know. Does the Group Owners have an AAD P1 license assigned ? As the advanced group fe ...
Read More
| |
Organizations today are constantly under attack. Azure Security Center (ASC) uses advanced analytics and global threat intelligence to detect malicious threats, and the new capabilities that our product team is adding everyday empower our customers to res ...
Read More
| |
Hi, We are using Azure AD B2B collboration feature by sending guest invites to external partners. For this, we have only allowed 2 domains for example, xyz.com and abc.com for partners xyz and abc (screenshot attached). We have created 2 Groups, one for ...
Read More
Hi, you currently cannot restrict the invitations like that with out of box methods. The allowed (and also denied) domain filter of B2B invites is tenant wide. The only way ...
Read More
| |
The future of mobile banking is clear. People love their mobile devices and banks are making big investments to enhance their apps with digital features and capabilities.
As mobile banking grows, so does the one aspect about it that can be wrenching fo ...
Read More
| |
After several tries in order to install Azure ATP sensor on the first domain controller I get an error about ATP service but without clue what it could be the issue. I reviewed event logs, logs from ATP installation. All pre-requisites are ok. Here some i ...
Read More
@Anderson Lacruz wrote:
After several tries in order to install Azure ATP sensor on the first domain controller I get an error about ATP service but without clue what it c
...
Read More
| |
Azure Security Center provides you with visibility across all your resources running in Azure and alerts you of potential or detected issues. The volume of alerts can be challenging for a security operations team to individually address. Due to the volume ...
Read More
| |
Attackers commonly target open ports on Internet-facing virtual machines (VMs), spanning from port scanning to brute force and DDoS attacks. In case of a successful brute force attack, an attacker can compromise your VM and establish a foothold into your ...
Read More
| |
Dear TechComm,
We use the Intune cloud to manage serveral mobile devices.
We set the value of [Intune App Protection] - [policy settings] - restrict cut, copy and paste with other app to policy managed apps and target the policy to the outlook applicat ...
Read More
Hi Robbin, Did you get an answer to this issue, i experience the same issue in my Azure/Intune environment /Morten
Read More
We are experiencing the same issue. Did you ever get this resolved?
| |
Want early access to a feature we're still designing? Check out our Secure DevOps Kit private preview:
https://aka.ms/ASCDevOps
The Azure Security Center team is currently designing a feature that will provide recommendations taken from the Secure De ...
Read More
| |
Microsoft Azure provides a secure foundation for customers to host their infrastructure and applications that spans across physical, infrastructure, and operational security. Part of our operational security includes over 3,500 cybersecurity experts acros ...
Read More
| |
Hi All, I need to know what Office 365 licenses are required to setup Intune, Windows Information Protection (WIP), and Conditional Access. We currently have Enterprise E3 licenses. When I look at one website it shows the E3 license is sufficient https://docs.microsoft.com/en-us/intune/licenses ...
Read More
| |
Hello Azure enthusiasts,
Azure AD login for Linux VMs is a great new feature but there are things to consider when using it. I've written a new blog post about which problems you could face if you're not properly planning for user management on OS basis. H ...
Read More
| |
So new to the Azure AD Identity Protection. So I get the email for Azure AD Identity Protection Weekly Digest. So my user visits Canada and I get the alert and I know he is in Canada, I have confirm it with him and his Admin. Under details, do I mark Reso ...
Read More
I would agree with you that this would be considered a false positive if the user did visit the country noted. I would suggest using "Resolved" if, for example, you foun ...
Read More
| |
Securing your resources is important, which is why we’ve made it even simpler for you to do. Azure Security Center is available in public preview in the subscription experience.
In just a few clicks, you can enable Security Center and quickly assess the ...
Read More
| |
So I'm working on expanding the data stored about User Objects in an Active Directory, but we are looking for possible candidates to store the data in, as a lot of the fields have already been used.
We found the fields 'extensionAttribute(1-15)' and looked ...
Read More
Hi,
You can use extension attributes to store additional data like 'employee ID' etc.
Just document the change, so you know what it was used for.
They will not be ...
Read More
| |
Do you want early access to a cutting-edge security feature? We’re making our just-in-time VM access feature for Azure Security Center even easier to use and would love your feedback. Now you can seamlessly enable just-in-time access as part of the VM exp ...
Read More
| |
Hi all, having trouble with installing the Azure ATP sensor on a Windows Server 2012 R2 x64. Proxy can be reached and sensor even shows up in the console but then installation fails and rollback gets initiated. Exit Code is: 0x80070643, There's no AV in ...
Read More
| |
As announced earlier in June, later this year we plan to hold a live event to kick off our Security Customer Advisory Board (CAB) and Partner Advisory Council (PAC) for several of our products: Azure Information Protection, Azure Security Center, Azure AT ...
Read More
| |
Azure Security Center’s dashboard has been redesigned to provide cross-subscription, organizational level reports of the most important metrics that influence the organizational security posture, as well providing actionable insights to help organizations ...
Read More
| |
Hi We have currently setup a ADConnect Sync to Office 365, this is working well. We would like to start converting Sync'ed accounts in Office 365/Azure AD to "In Cloud" accounts. Can you advise or does anyone know how we might approach this? Or can point ...
Read More
You could terminate the account in Active Directory (which would terminate the account in AAD/O365) after forcing a delta sync, then login to O365 admin center and "react...
Read More
| |
Later this year, we plan to hold a live event to kick off a Security Customer Advisory Board (CAB) for several of our products (AIP, ASC, Azure ATP, and MCAS). Help us determine what topics we should focus on by taking this survey:
https://aka.ms/SecurityCAB ...
Read More
| |
Last month, we announced the extension of Azure Security Center’s detection for Linux. This post aims to demonstrate how existing Windows detections often have Linux analogs. A specific example of this is the encoding or obfuscation of command-lines.
S ...
Read More
| |
Customers tell us that securing their datacenter infrastructure requires an enormous amount of resources and investments. With the challenges of recruiting security experts to maintain secure infrastructure, there is not a clear return on investment. To ...
Read More
| |
One of Azure’s most popular service is App Service which enables customers to build and host web applications in the programming language of their choice without managing infrastructure. App Service offers auto-scaling and high availability, supports both ...
Read More
| |
Anonymous in Security + Identity
, 03-28-2018
We are currently evaluating azure ad conditional access as well as identity protection. We have a few temporal instances where a user will receive the message "Your sign-in was successful but does meet the criteria to access the resource". We believe this ...
Read More
Anonymous
replied to
Anonymous
04-18-2018
In case anyone else comes across this. I spoke with the Azure team, this reporting can only be accessed by them for the time being (in a fairly unreadable format). The re ...
Read More
| |
Come to our Azure Security Days event in New York City on May 30th or 31st. Our product team from Tel Aviv, Israel will be there, along with our Global Security Advisor team.
At this event you can:
- Connect with the experts from Microsoft to get an insi
...
Read More
| |
Hi All, ADFS is deployed in our environment and SSL certificate has subject alternative name (SAN) entries for required 3 domains:
sts.domain1.com
sts.domain2.com sts.domain3.com Can we replace existing SSL certificate with new SSL certificate with 3 more ne ...
Read More
| |
We are onboarding our regional office in Montreal to Office 365. I have been playing with custom branding for the French speakers but am unsure if the new sign-in screen will display to them. The only language option in Users and groups > Company brand ...
Read More
| |
Is it possible to create an Azure Enterprise Application to provide SSO from my companies Azure Tenant to a remote customers Azure/Office365 Portal?
| |
We have heard from our customers that investigating malicious activity on their systems can be tedious and knowing where to start is challenging. Azure Security Center makes it simple for you to respond to detected threats. It uses built-in behavioral ana ...
Read More
| |
We heard from our customers that they wanted an even simpler onboarding experience to Azure Security Center. Today, we are excited to announce the general availability of Azure Security Center’s Cross Subscription Workspace Selection.
This capability a ...
Read More
| |
We are seeing more developers building and running their applications in the public cloud. In fact, companies are using multiple public clouds to run their applications. Our customers tell us that they choose to build applications in Azure because it’s ea ...
Read More
| |
Sometime last year I achieved seamless SSO in our corporate environment with the following tools: - Windows 10 Clients
- IE11 (by adding some URLs to the intranet/trusted zones)
- Chrome (with some trickery on ADFS to get this working)
- and generally adding the whr
...
Read More
Hello Ivan, There are two ways to have seamless SSO with Azure AD:- 1)- Pass-though Seamless SSO. 2)-Password Sync Seamless SSO. Recently watched a video that has explained ...
Read More
| |
Azure Security Center (ASC) is now extending its Linux threat detection preview program, both on cloud and on-premise. New capabilities include detection of suspicious processes, suspect login attempts, and anomalous kernel module loads. Security Center i ...
Read More
| |
Each day we run the MFA Server - Activity report for the prior 24 hours and download the results in the CSV format. As of this morning, the downloaded file is not CSV data but rather an error file. It displays a Runtime Error with the message 'An applicat ...
Read More
As of this morning, April 23 2018, the MFA Activity Report download is again working. So far no cause or resolution has been provided by Microsoft Support.
| |
Hi experts, Can someone please help me with list of services we can enable for MFA from Office365 suite through Azure conditional access policies. I got few names from some blogs but not sure if the list is correct or if some service is missed- Office 365 ...
Read More
| |
Today we are excited to announce the general availability of the Azure DDoS Protection Standard service in all public cloud regions. This service is integrated with Azure Virtual Networks (VNet) and provides protection and defense for Azure resources agai ...
Read More
| |
As we all know, companies worldwide are challenged by the ongoing volume of evolving security threats and with retaining qualified security talent to respond to these threats. In fact, the average large organization gets 17,000 security alerts each week, ...
Read More
| |
We are pleased to announce the general availability of Application Security Groups (ASG) in all Azure regions. This feature provides security micro-segmentation for your virtual networks in Azure.
ASGs enable you to define fine-grained network security ...
Read More
| |
Hi All,
Good Day!!!
We want some details on how the users authentication will happen when try to login O365 url from Mumbai India, where Primary Data center is Azure {ADC+ADFS+WAP} and connected to On-prem Data Center which is located in US East & US WEST ...
Read More
| |
Hello,
I'm starting to work with AAD external/Guest users and have created a dynamic group which accumulates all users of type "Guest" into it; presently I'm not using it for any automation, but would like to use it for periodic audits ("how many extern ...
Read More
| |
Azure Active Directory Premium P1 - Windows 7 - Group Policy
Want to roll out a domain customer has Office365 currently but has mostly Windows 7 Pro machines with some Windows 10 Pro.
Does Azure Active Directory Premium P1 support Windows 7 and does it ...
Read More
Can a windows 7 device be domain joined to azure domain services using p1? And a windows 10 And if so can it be done over internet or line of sight such as a site2site vpn...
Read More
Depending on how far you're willing to go, you might consider cutting them entirely to Windows 10 and use Intune MDM for all your endpoint management. You'll get most of...
Read More
Azure AD does support users with Windows 7 but it does not help with managing GPOs by itself, you need Azure AD Domain Services for that type of functionality. AAD P1 is ...
Read More
| |
When users reset their password through the sspr/password reset on Micorosft Online i.e. recover ther account, it isthen setting the flag in on-prem AD to force password change at next login. When the user logs in again to Office.com (for example) via ADF ...
Read More
We logged a ticket with MS in the end, it was fixed by allowing the Unexpire Password permission for the AADC service account
Best Response confirmed by Andrew Sparks (Occasional Contributor)
I have not encountered this behavior before and have not been able to find it as a configuration possibility, If you have an second installation of Azure AD Connect in st...
Read More
| |
Azure Security Center offers integration with various 3rd party security solutions which provide a unified view for alerting and monitoring of your Azure and non-Azure workloads. For integrated partner solutions, Security Center scans Azure resources and ...
Read More
| |
When setting up a third party application for SSO. The user attributes "Value's" always start with "user." (e.g. user.userprincipalname, user.mail, user.surname, etc.)
Can I edit out the initial "user." or is this necessary for Azure (e.g. userprincip ...
Read More
Hi Andres,
As far as I know, this is the way Azure AD works. It points out that it's going to use the userprincipname attribute from the user. Or the mail attribute fro ...
Read More
| |
https://microsoftsecurity.uservoice.com/
Visit our User Voice site to suggest features or design changes, and vote on the suggestions others have made. We'll respond with a status update when we review, develop, and deliver a suggested feature.
Read More
That's awesome, I didn't know there was a security version of user voice. Glad to see this. Thanks for sharing Ryan!
| |
|
| |
