You are reading the October issue of the Infrastructure + Security: Noteworthy News series! As a reminder, the Noteworthy News series covers various areas, to include interesting news, announcements, links, tips and tricks from Windows, Azure, and Security worlds on a monthly basis.
Microsoft is updating Azure services to use TLS certificates from a different set of Root Certificate Authorities (CAs). This change is being made because the current CA certificates do not comply with one of the CA/Browser Forum Baseline requirements. View this article to see when this will happen per service.
Azure AD Conditional Access can ensure that the right people have the access to resources they need from wherever they are. We’ve had a ton of requests for Conditional Access APIs to manage policy at scale. That’s why it is so cool that at Microsoft Ignite, we announced that Conditional Access APIs and named location APIs has reached general availability in Microsoft Graph!
We’re thrilled to announce that a new multi-tenant management experience called All tenants is now rolling out to Microsoft 365 customers. The All tenants list is specifically for admins that manage two or more Microsoft 365 tenants.
In addition to the option of removing unwanted external identities from resources such as groups or applications, Azure AD Access Reviews can block external identities from signing-in to your tenant and delete the external identities from your tenant after 30 days.
We’ve made several changes to identity provisioning in Azure AD over the past several months, based on your input and feedback. The public preview of Azure AD Connect cloud provisioning has been updated to allow you to map attributes, including data transformation, when objects are synchronized from your on-premises AD to Azure AD.
Microsoft is updating Azure services to use TLS certificates from a different set of Root Certificate Authorities (CAs). This change will ONLY impact Azure AD hybrid agents installed on-premises that have hardened environments with a fixed list of root certificates and will need to be updated to trust the new certificate issuers. This change will result in disruption of service if proper action is not taken.
Since December last year, we've been making a lot of investment into the Microsoft Remote Connectivity Analyzer site. We're thrilled to announce that our Office 365 tests now have modern authentication capabilities!
In this episode of Data Exposed with Sasha Nosov, learn how Azure Arc allows you to leverage Azure Services for your existing database applications hosted on-premises or in other public clouds, without changing or even stopping them.
This month we have a second technical preview. We've made improvements to applications for tenant attached devices. Administrators can now several more actions for applications in the Microsoft Endpoint Manager admin center.
The deadline, November 2, 2020, is fast approaching. Customers running Microsoft Defender for Endpoint on Windows 7 or Windows Server 2008 R2 must take a couple of actions or their agents will stop sending data.
This month we have a packed blog with a lot of new features that are now generally available to improve your experience with meetings and calling, chat and collaboration, as well as a number of new updates to Microsoft Teams devices.
In this article you will read about an amazing addition to our family of credential compromise detection capabilities – this one uses our machine learning technology and global signal to create incredibly accurate detection of a nuanced attack called “password spray.” This is a great example of where worldwide, multi-tenant detection combines with rapidly evolving detection technology to keep you safe from this very common attack.
CAE is available in public preview for Azure AD tenants who have configured Conditional Access policies. Microsoft services, like Exchange and SharePoint, can terminate active user sessions as soon as a Conditional Access policy violation is detected.
As organizations start to use Azure Security Center Secure Score to measure their journey to a better cloud security posture, it becomes important to understand how this secure score is progressing over time. With our new Power BI dashboard, you will be able to track your secure score progress over time and your resources’ health.
We are excited to share that Azure Defender for Key Vault has been generally available since Microsoft Ignite on September 22nd, 2020! We have prepared this blog to go over the several topics. Be sure to check it out.
At Ignite, we announced Microsoft 365 Defender which brings the threat protection service portfolio across Microsoft 365 together under a unified brand. This new unified branding is a testament to our continued endeavor to integrate the different threat protection focused services across Microsoft. Office 365 Advanced Threat Protection is now Microsoft Defender for Office 365. While the name has changed, what has not changed is Microsoft’s continued commitment to offer best-of-breed protection against attacks targeting Office 365.
We are excited to announce a new built-in report for Microsoft Defender for Endpoint’s threat and vulnerability management capability, the vulnerable devices report! The Vulnerable devices report provides extensive insights into your organization’s vulnerable devices with summaries of the current status and customizable trends over time.
As our team assists customers in adopting Microsoft Cloud App Security, and continues to encourage customers to leverage the best of its capabilities, we often see that a number of our customers are not aware of how simple and beneficial it can be to connect their other apps (in addition to O365 and Azure) to Cloud App Security. To help you in that journey, we’ve compiled a short series of videos to help you with key points of integration.
You may have noticed that after synchronizing updates released on patch Tuesday (October 13, 2020), Windows 10 Feature Updates for versions 1903 and 2004 that were previously downloaded, now show a status of Downloaded = No under the All Windows 10 Updates node. The content for these Windows 10 Feature Updates were revised to address a security issue. As a result of this content revision, any previously downloaded feature updates will need to be downloaded again.