New Ransomware Recommendation Dashboard in Microsoft Defender for Cloud
The new Ransomware recommendations dashboard is an Azure workbook that provides you visibility into what security recommendations you should prioritize to reduce the likelihood of getting compromised by a Ransomware attack. It leverages Microsoft Defender for Cloud recommendations, and secure score to help you track progress of your security posture enhancement. Since it is based on Defender for Cloud, it also brings built-in automation capabilities to help remediate security recommendations and reduce expose factors. The diagram below represents a holistic view of how Azure Security Benchmark, which is the security foundation for Azure workloads, mapped to the MITRE ATT&CK Matrix with data visualization for end user experience. Now you will be able to identify gaps in your security hygiene that are related to Ransomware and prioritize the remediations accordingly. Addressing these will improve the overall security posture of your Azure workloads and help you in your journey to improve your secure score. This dashboard is focused on the following aspects: In this dashboard you will find tabs that allow you to navigate and explore the security recommendations based on different criteria. Please watch the video below for a full demonstration on how to use this dashboard: By understand in which stage of the MITRE ATT&CK matrix the recommendation is located, you can prioritize remediations earlier on and reduce the probability of further damage done by the attacker. The Ransomware dashboard can be utilized to prioritize the remediation of recommendations for scenarios such as: Ensures up to date VMs with relevant security patches Enable anti-malware on your VMs Reduce attack surface by enabling just-in-time access to management ports For more information about Ransomware attacks, make sure to read the following resources: Azure Defenses for Ransomware Attack Human-operated ransomware Maximize Ransomware Resiliency with Azure and Microsoft 365 3 steps to prevent and recover from ransomware
Microsoft Defender for Cloud Now Supports CIS Azure Security Foundations Benchmark 2.0.0
We are thrilled to announce that Microsoft Defender for Cloud, in collaboration with the Center for Internet Security (CIS), now supports the latest CIS Azure Security Foundations Benchmark - version 2.0.0. This release also includes the new corresponding built-in policy initiative in the Azure Policy blade. Please refer to our product documentation to learn how to add CIS Azure Security Foundations Benchmark 2.0.0 to your dashboard. The release of CIS Azure Security Foundations Benchmark v2.0.0 represents a major version shift of CIS Azure benchmark product support in Azure platform. The v2.0.0 aligns with Microsoft cloud security benchmark and now encompasses over 90 built-in Azure Policies, which is a substantial leap forward compared to the previous versions. The current versions of CIS Azure Security Foundations Benchmark (v1.4.0, v1.3.0, and v1.0) will be gradually phased out from Defender for Cloud. This major release is also an outcome of a joint effort between Microsoft, the Center for Internet Security (CIS), and the broader user communities. Especially, many thanks are due to the CIS Microsoft Azure Community experts who made this effort possible: Robert Burton Luke Schultheis Niclas Madsen Steve Johnson Ian McRee We look forward to hear more feedback from our user community, you welcome to reach out to us at benchmarkfeedback@microsoft.com
