Microsoft Security Matters - October 2020 (Ignite Wrap-up)
Published Oct 05 2020 11:29 AM

It was a super busy month in September with the normal flurry of announcements, but this month also included a lot of exciting news from Ignite. In the sections below, I have called out the Ignite announcements for each of the product areas. In addition, I have attached a deck that includes the Ignite news along with links to sessions.


General News

Microsoft report shows increasing sophistication of cyber threats

Industry-wide partnership on threat-informed defense improves security for all

Microsoft Security: Use baseline default tools to accelerate your security career

Microsoft Security—detecting empires in the cloud

Microsoft Security: 6 tips for enabling people-centric cybersecurity with security training

STRONTIUM: Detecting new patterns in credential harvesting


Azure Defender & Sentinel News

Ignite Announcements

Stay ahead of threats with new innovations from Azure Sentinel

  • UEBA + Entity Profile
  • Threat Intelligence
  • Watchlists
  • Enterprise-Wide Data Collection
  • Machine Learning
  • IoT/OT

Azure Defender for IoT: Agentless Security for OT

Azure Security Benchmark v2 is now available with expanded security control assessments

Protect multi-cloud workloads with new Azure security innovations

  • CyberX integration for Azure Defender
  • Multi-cloud security posture management for Azure Security Center
  • Managed hardware security module for Azure Key Vault
  • Additional service support for Customer Lockbox for Azure
  • Double Encryption for data at rest and in transit


Other Announcements

Azure Security Center—News and updates for September 2020

Analysing Web Shell Attacks with ASC data in Azure Sentinel

Enriching Windows Security Events with Parameterized Function

Auditing Azure Sentinel activities

Understanding Microsoft Teams Data Schema in Azure Sentinel - Analyst / Researcher View

Security Controls in Azure Security Center: Manage Access and Permissions

Security capabilities in Azure Kubernetes Service on Azure Stack HCI

Assigning Permissions in Azure Security Center

Secure your IoT Edge compute today with enclaves

What’s new: Office 365 Advanced Threat Protection connector in Public Preview

What's new: Analytics FileHash entity hits GA!

Build a scalable security practice with Azure Lighthouse and Azure Sentinel

Azure Sentinel Incident Bi-directional sync with ServiceNow

How to Protect Office 365 with Azure Sentinel

Introducing the Azure Network Security Tech Community and Github Repo

What’s new: Azure DDoS Protection connector in Public Preview for Azure Sentinel

Security Alerts For Synapse Analytics In Azure Security Center

Microsoft Teams logs in Azure Sentinel (public preview)

How to integrate vulnerability management in Azure Sentinel

Continuously export security findings from vulnerability assessment solution recommendations

Security Controls in Azure Security Center: Enable Endpoint Protection

What’s New: Azure Firewall Connector in Public Preview!

Giving Specific Analysts Access to Specific Azure Sentinel Playbooks

Accelerate your adoption of SIEM using Azure Sentinel and a new offer from Microsoft


Microsoft 365 Security (All Up News)

Changes to improve security for Windows devices scanning WSUS

Force firmware code to be measured and attested by Secure Launch on Windows 10


M365 Identity & Device Protection (Azure AD, Intune)

Ignite Announcements

What's new in Azure Active Directory at Microsoft Ignite 2020

  • Azure AD Conditional Access API is now generally available in Microsoft Graph
  • Azure AD Application Proxy: in addition to configuring SSO to legacy on-premises apps, you can connect apps that use header-based authentication, the most popular legacy authentication protocol

Microsoft Endpoint Manager announces support for Windows Virtual Desktop machines

Introducing Microsoft Tunnel for remote access to corporate resources from iOS and Android


Other Announcements

New enhancements to Security Baselines in Microsoft Endpoint Manager

Azure Active Directory External Identities goes premium with advanced security for B2C

Securing a remote workforce with Zero Trust


M365 Defender (Defender for Office, Defender for Endpoint, Defender for Identity)

Ignite Announcements

Microsoft delivers unified SIEM and XDR to modernize security operations

Microsoft Defender for Endpoint adds depth and breadth to threat defense across platforms

  • Mobile threat defense for iOS
  • Threat and vulnerability management for macOS will go into public preview this week

Announcing Priority Account Protection in Microsoft Defender for Office 365

Keeping users safe and productive with Microsoft 365 Apps for enterprise

  • Antimalware Scan Interface (AMSI) integration for Excel 4.0 (XLM) macros
  • Security Policy Advisor analyzes how individuals use Microsoft 365 Apps for enterprise and then recommends specific policies to boost an organization’s security profile.
  • Enabling protected access to untrusted files

Announcing Attack Simulation Training in Microsoft Defender for Office 365


Other Announcements

Announcing Tamper Protection for Configuration Manager Tenant Attach clients

451 Research publishes a report about Microsoft Defender for Endpoint

Announcing new Endpoint Security Antivirus reports!

Microsoft Defender ATP Ninja Training: September 2020 update


M365 Compliance & Governance

Ignite Announcements

Continuing Momentum with Microsoft Information Protection (MIP)

    • Integrations of MIP with Symantec, McAfee, Relativity, VMWare

Extending the Microsoft Compliance ecosystem with new connectors, APIs and built-in customizations

    • Partnership with Globanet and Telemessage to expand our data connector coverage to 25 built-in connectors
    • Microsoft Graph API for eDiscovery - Public Preview
    • Microsoft Graph API for Teams Export - Public Preview
    • New Power Automate connector integration with Insider Risk Management and Communication Compliance solutions
    • Advanced eDiscovery now has improved workflows and support for linked content in emails or chat messages.

A unified approach to data loss prevention from Microsoft

    • Extension of Microsoft data loss prevention to Microsoft Cloud App Security (MCAS)
    • Microsoft Graph API for Teams DLP GA

Improving eDiscovery workflows and enhancing your forensic investigations

    • 45 new and 11 improved sensitive information types, covering key regulations in Asia Pacific and in Europe.
    • Automated on-premises network discovery
    • Protecting sensitive information in Office apps GA
    • Customer Key support for Teams
    • Double key Encryption GA

Effectively managing insider risks with integrated collaboration solutions including Microsoft Teams

What’s new in Microsoft Information Governance and Records Management

    • Create in-place retention policies for Yammer and Teams meeting recordings
    • Manage regulatory records with strict immutability requirements
    • Leverage SharePoint Syntex to manage records intelligently
    • Fine-tune trainable classifiers with the new feedback loop capabilities

Improving eDiscovery workflows and enhancing your forensic investigations

    • Support for collecting, reviewing and exporting linked content from OneDrive and SharePoint Online in Advanced eDiscovery (GA)
    • First set of Graph APIs for Advanced eDiscovery (Public Preview)
    • New audit events in Advanced Audit (GA)
    • 10-year retention add-on in Advanced Audit (GA)

Other Announcements

Microsoft Advanced Compliance Solutions in Zero Trust Architecture

Improving eDiscovery workflows and enhancing your forensic investigations

Request for Manager Action using MCAS & Power Automate

Secure external collaboration using sensitivity labels

Enhanced regulatory, legal and forensic investigation capabilities now in the Government Cloud

Best practices to simplify governing employee access across your applications, groups and teams
