Latest Discussions
Microsoft Defender for Cloud compute recommendations
Is there a current offline copy in Excel format of all compute recommendations in Microsoft Defender for Cloud such as MCSB? Reference table for all compute security recommendations in Microsoft Defender for Cloud - Microsoft Defender for Cloud | Microsoft Learn
BlogMI | Oct 25, 2024 | Copper Contributor | 215 Views | 0 likes | 3 Comments

Possible to Disable Defender on individual Storage Accounts?
Hi folks, The gist is that we have Azure Defender enabled at a Subscription level. With that comes Advanced Threat Protection for Storage Accounts which is charged per transaction within those Storage Accounts. We have four storage accounts out of 176 that are very highly transactional and the monthly billing for Advanced Threat Protection is close to $1,000. They are internal storage accounts with very limited public exposure so we are not worried about threats within those transactions. Our ideal scenario would be to keep Defender enabled at the subscription level for all of our Storage accounts and all future storage accounts but not be billed for (or use) Advanced Threat Protection. It seems like this cmdlet: https://docs.microsoft.com/en-us/powershell/module/az.security/disable-azsecurityadvancedthreatprotection?view=azps-6.3.0 should do the job, but it does not. Either it does not disable ATP or it does not disable the billing. In either of those cases it does not do what we need. After 2.5 months of trying to work through it the only option I have been given is to disable Defender at the Subscription level for all of our Storage Accounts, and then re-enable the 172 storage accounts that we do want Defender for individually via PS. That will and does work, but it will require overhead on our part to ensure they all stay enabled and that any future accounts are enabled by the creator and none get missed. Do we have any other avenues to suppress Advanced Threat Protection on a subset of accounts within a Subscription?
Solved | CSP_MO | Oct 24, 2024 | Copper Contributor | 14K Views | 0 likes | 11 Comments

New Blog | Enhancing Server and Container Risk Score Analysis in Power BI
By iulio Astori

Microsoft Defender for Cloud provides vulnerability assessments for both virtual machines (servers) and container images, identifying vulnerabilities as Common Vulnerabilities and Exposures (CVEs). The risk posed by each CVE is assessed using the Common Vulnerability Scoring System (CVSS), providing a standardized numerical score that ranges from 0.0 to 10.0, translated into severity ratings like Low, Medium, High, or Critical. While Microsoft Defender for Cloud provides a robust risk level assessment for each resource, there is an opportunity to enhance this by integrating additional factors such as the exploitability of each CVE, the age since it was made public, and whether the CVE is a zero-day vulnerability. Additionally, resources themselves have contextual elements such as the number of attack paths, which can significantly impact their overall risk. The Power BI solution builds Defender for Cloud's capabilities by integrating these multiple factors, providing a more comprehensive risk score for each resource and enhancing the prioritization of vulnerabilities requiring urgent remediation. This combined approach allows users to generate a more accurate top-down list of resources needing attention.

Read the full post here: Enhancing Server and Container Risk Score Analysis in Power BI
154 Views | 1 like | 0 Comments

New Blog | New E-book: Building a Comprehensive API Security Strategy
By Loren Goduti

APIs are everywhere – they are proliferating at a rapid pace, therefore, making them a prime target for attackers. Thus, having a plan to secure and protect your APIs as part of your overall cybersecurity strategy is critical for protecting your business, as well as sensitive user data. We are excited to share our newest e-book: Building a Comprehensive API Security Strategy

Read the full post here: New E-book: Building a Comprehensive API Security Strategy
215 Views | 0 likes | 2 Comments

Unable to View Audit Logs
Hi all! I am once again coming to you, asking for assistance. We had a security alert in Azure and I was able to go all the way through to see what the issue was, BUT when I try to go into the "View Suspicious Activity" page I get the below. Now multiple users in my team get the same as me, but one user can see everything in here. He's not even in the resource with any permissions yet he can see these logs. Am I missing something really obvious? Or is this another fun little bug? Thanks in advance
393 Views | 0 likes | 1 Comment

How often is the underlying condition scanned for this recommendation? (perms of inactive identities
Permissions of inactive identities in your Azure subscription should be revoked

It seems to be quite a long interval. Is there any way to accelerate it?
golive35 | Oct 17, 2024 | Microsoft | 164 Views | 0 likes | 0 Comments

Disable Defender for Servers at resource level
See snippet from MS article below - can't seem to find any guidance on how to disable at resource level and what the caveats are. If I have it enabled at the subscription for P1 then how do I go about with the following:
* Disable on certain machines
* understand if I'm still being billed even with it disabled
* how do I do this at scale

Disable Defender for Servers on the resource level

To disable the Defender for Servers plan or any of the features of the plan, navigate to the subscription or workspace and toggle the plan to Off. On the resource level, you can enable or disable Defender for Servers plan 1. Plan 2 can only be disabled at the resource level. For example, it’s possible to enable Defender for Servers plan 2 at the subscription level and disable specific resources within the subscription. You can't enable plan 2 only on specific resources.
Solved | ikazimirs | Oct 14, 2024 | Copper Contributor | 534 Views | 0 likes | 3 Comments

SQL servers on machines AMA Not Reflected In Resource Count
I have enabled SQL servers on machines at a subscription level: I can see that the protection has been enabled on the SQL virtual machine resources within the subscription: I can also see the ATP and Scan status data being ingested into the configured Log Analytics workspace as well as vulnerability assessment results on the SQL virtual machine under Microsoft Defender for Cloud so all seems to be working. The issue is that Defender is not reflecting Resource quantity: Is anyone able to advise why this would be the case and how I can go about getting this to update? I am using the custom Log Analytics workspace option which is situated in a different subscription. I have also noted that a subscription with the legacy Log Analytics agent solution for the SQL servers on machines seems to reflect the Resource quantity correctly, could this be the difference?
TyranVanDerMerwe | Oct 11, 2024 | Copper Contributor | 206 Views | 0 likes | 0 Comments