microsoft 365 defender
565 Topics

I have absolutely no idea what Microsoft Defender 365 wants me to do here
The process starts with an email: There's more below on the email - an offer for credit monitoring, an option to add another device, an option to download the mobile app - but I don't want to do any of them, so I click on the "Open Defender" button, which results in this: OK, so my laptop is the bad boy here, there's that Status note of "Action recommended", with no "recommendations" and the only live link here is "Add device", something I don't need to do.

The only potential "problem" I can even guess at here is that Microsoft is telling me that the laptop needs updating. Since I seldom use the laptop, only when traveling, I'd guess the next time I'd fire it up the update will occur, but of course I really don't know that's the recommended action it's warning me about, do I? You'd expect that if something is warning you "ACTION NEEDED!!!" they'd be a little more explicit, wouldn't you?

Defender for Identity health issues - Not Closing
We have old issues and they're not being "Closed" as reported. Are we missing something or is this "Microsoft Defender for Identity" Health Issues process broken? Thanks!

Closed: A health issue is automatically marked as Closed when Microsoft Defender for Identity detects that the underlying issue is resolved. If you have the Azure ATP (workspace name) Administrator role, you can also manually close a health issue.

96 views, 0 likes, 1 comment

Tenant Forwarding - Trusted ARC Sealer
As part of a tenant to tenant migration we often need to forward mail from one tenant to another. This can cause some issues with email authentication verdicts on the destination tenant. Is it possible or best practice to configure another tenant as a Trusted ARC sealer to help with forwarded email deliverability?

Enterprise IoT Security now included in E5
To help organizations achieve a more holistic endpoint security strategy that traverses both IT and eIoT devices easily, we are thrilled to announce that the eIoT security capabilities of Microsoft Defender for IoT are now included with Microsoft 365 E5 and E5 Security plans at no additional cost for new and existing customers. For more details please visit: Enterprise IoT security now included with Microsoft 365 E5 blog post.

This enhancement empowers security teams to:
- Eliminate critical blind spots by discovering unmanaged enterprise IoT devices.
- Identify anomalies across the enterprise IoT device estate with continuous monitoring.
- Harden posture across enterprise IoT with vulnerability assessments with actionable guidance to help remediate at-risk devices.

What's Changing?
Defender for IoT's EIoT is transitioning from a consumption-based payment model in the Azure portal to a per-device, per-month licensing model as an integral part of Microsoft 365. It is now accessible to both new and existing customers of Microsoft 365 E5 and E5 Security. The new license includes coverage for up to five enterprise IoT devices per eligible user license at no additional cost.

Learn more:
- Get started with enterprise IoT monitoring in Microsoft 365 Defender
- Start securing IoT devices in the enterprise
- Read the enterprise IoT security FAQ
- Microsoft Defender for IoT Plans and Pricing | Microsoft Security web page.

686 views, 0 likes, 0 comments

New blog post | Microsoft Defender for IoT moves to site-based licensing
On June 1, 2023, Microsoft Defender for IoT moved to site-based licensing for organizations looking to protect their operational technology (OT) environments. The previous Azure consumption model for this solution will no longer be available for purchase by new customers. Existing customers can choose to transition to site-based licensing or remain on the consumption model.

Microsoft Defender for IoT - New site-based licensing

Cloud-delivered IoT/OT threat intelligence — now available for Defender for IoT
Threat intelligence updates for Azure Defender for IoT can now be automatically pushed to Azure-connected network sensors as soon as updates are released, reducing manual effort and helping to ensure continuous security. Learn why threat intelligence specifically tailored to industrial and critical infrastructure organizations is a more effective approach for proactively mitigating IoT/OT vulnerabilities and threats, and how it complements Defender for IoT's native behavioral analytics.

Incorrect Secure Score recommendation - Remove unnecessary replication permissions
Hi,

In our environment, we got the "Remove unnecessary replication permissions for Entra Connect AD DS Connector Account" secure score recommendation. Based on the https://learn.microsoft.com/en-us/defender-for-identity/remove-replication-permissions-microsoft-entra-connect replication permission is needed when PHS is in use. We are using PTA, but PHS is also enabled as a fallback.

On the Entra Connect server I ran the following:

    Import-Module ADSyncDiagnostics
    Invoke-ADSyncDiagnostics -PasswordSync

The result is: Password Hash Synchronization cloud configuration is enabled

If I remove the replication permission, we soon receive an alert that password hash sync did not occur. Is it normal? I would say that the sensor should be able to detect PHS usage hence not recommending to remove the permissions.

Thank you in advance,
Daniel

Solved. 213 views, 0 likes, 3 comments

Ugly Defender awareness training screen
I want to use the extensive training material available from the E5 licenses we just shelled out a boatload of $$ for. However, when someone gets an invite and they click the link to do the training they are taken to the Defender page. This might be fine for a technical person but it's ugly as F for my users. Plus, there is extra rubbish like Threat Intelligence, Trials, Reports, settings etc they can access that I don't want them to. This is not a very polished interface for non-technical people.

Is there a way to fix this? Can it send them the direct training URL, so it just opens the training and not the Defender page for them to open the video? Can we do a custom landing page but put the assigned training URLs into that? This is ugly, there has to be a way to make this more user friendly.

98 views, 0 likes, 3 comments