Extremely Slow Performance Since Defender Was Pushed on Us
Compliance, Security, Protection, and Defender are all extremely slow, with responses from screen to screen ranging from 30 seconds to multiple minutes between clicking items and waiting for Microsoft cloud to return results. I have a GB link and speed test well over 600 Mbps so it's not on my end. It appears the cutover in late January to this new "Defender" platform has been extremely detrimental to the Office portal response times in these portals. What is being done to resolve this?
New Blog | Keep your online activity safer on public Wi-Fi with Microsoft Defender for individuals
By Ashwin PR Figure 1 - Privacy protection UI on the Defender mobile app Public Wi-Fi is usually free, easy and convenient, but not necessarily always safe. As they say, there is no ‘free lunch’ . Microsoft Defender for individuals 1 aims to provide a safer online experience wherever you go and late last year, we introduced privacy protection (VPN) 2 , so you can browse without having to worry about your personal data being intercepted over an unsecure Wi-Fi connection. Read the full post here: Keep your online activity safer on public Wi-Fi with Microsoft Defender for individualsMicrosoft Security Product Reviews on Gartner Peer Insights: Give product feedback & get rewarded!
We love hearing more about our customers’ experience with our products! We’re currently working on growing our product reviews of Microsoft Security products on Gartner Peer Insights. We would love for you to participate and share your thoughts, feedback, and experiences using Microsoft Security products to help others in their buying process. To provide feedback on the capabilities of the Microsoft Security products, please click on the link below. You will need to first log in to your Gartner Peer Insights account or take 30 seconds to create a free account. Once you have completed your review, GPI will prompt you to choose a gift card option. Gift cards are valued at $25 USD, and they are available in multiple currencies worldwide. As soon as your review is approved, the card will be made available to you digitally. Microsoft Entra ID Microsoft Defender for Office 365 Microsoft Sentinel Microsoft Purview eDiscovery Each person is limited to one review per product on the above-mentioned site. Only Microsoft customers are eligible to participate. Microsoft partners and MVPs are not eligible. The offer is good only for those who submit a product review on Gartner Peer Insights as linked on this page. Any gift returned as non-deliverable will not be re-sent. Microsoft reserves the right to cancel, change, or suspend this offer at any time without notice. The offer is non-transferable and cannot be combined with any other offer. This offer runs through June 30, 2025, or while supplies last, and is not redeemable for cash. Taxes, if there are any, are the sole responsibility of the recipient. This offer does not apply to customers in Cuba, Iran, North Korea, Sudan, Syria, Region of Crimea, Russia, and China. Please see the below for more information Microsoft Privacy Statement Gartner’s Community Guidelines & Gartner Peer Insights Review GuideNew Blog | Secure your AI transformation with Microsoft Security
By Daniela Villarreal Generative AI is reshaping business today for every individual, every team, and every industry. Organizations engage with GenAI in a variety of ways – from purchasing and using finished GenAI apps to developing, deploying, and operating custom-built GenAI apps. GenAI broadens the attack surface of applications through prompts, training data, models, and more – thereby effectively changing the threat landscape with new risks such as direct or indirect prompt injection attacks, data leakage, and data oversharing. In March this year, we shared how Microsoft Security helps organizations discover, protect, and govern the use of GenAI apps like Copilot for M365. Today, we’re thrilled to introduce additional capabilities for that scenario and new capabilities to secure and govern the development, deployment, and runtime of custom-built GenAI apps. With these new innovations, Microsoft Security is at the forefront of AI security to support our customers on their AI journey by being the first security solution provider to offer threat protection for AI workloads and providing comprehensive security to secure and govern AI usage and applications. Secure and govern GenAI you build: Discover new AI attack surfaces with AI security posture management (AI-SPM) in Microsoft Defender for Cloud for AI apps using Azure OpenAI Service, Azure Machine Learning, and Amazon Bedrock Protect your AI apps using Azure OpenAI in runtime with threat protection for AI workloads in Microsoft Defender for Cloud, the first cloud-native application protection platform (CNAPP) to provide runtime protection for enterprise-built AI apps using Azure OpenAI Service Secure and govern GenAI you use: Discover and mitigate data security and compliance risks with Microsoft Purview AI Hub, now offering new insights, including visibility into unlabeled data and SharePoint sites that are referenced by Copilot for M365 and non-compliant usage such as regulatory collusion, money laundering, and targeted harassment for M365 interactions Govern AI use to comply with regulatory requirements with 4 new AI compliance assessments in Microsoft Purview Compliance Manager Discover new AI attack surfaces As organizations embrace GenAI, many accelerate adoption with pre-built GenAI applications while others choose to develop GenAI applications in-house, tailored to their unique use cases, security controls and compliance requirements. Organizations from all industries are racing to transform their applications with AI, with over half of Fortune 500 companies using Azure OpenAI. With all the new components of AI workloads such as models, SDKs, training, and grounding data – the visibility into understanding all the configurations of these new components and the risks associated with them is more important than ever. With new AI security posture management (AI-SPM) capabilities in Microsoft Defender for Cloud, security admins can continuously discover and inventory their organization’s AI components across Azure OpenAI Service, Azure Machine Learning, and Amazon Bedrock – including models, SDKs, and data – as well as sensitive data used in grounding, training, and fine tuning LLMs. Admins can find vulnerabilities, identify exploitable attack paths, and easily remediate risks to get ahead of active threats. Figure 1: Attack path analysis in Defender for Cloud identifies an indirect risk to an Azure OpenAI resource where an attacker can exploit vulnerabilities via an internet exposed VM to potentially gain access and control of the AI resource, model deployments, and data. Read the full post here: Secure your AI transformation with Microsoft SecurityNew Blog | Understanding Cloud Native Application Protection Platforms (CNAPP)
By Erica Toelle Giulio Astori, Principal Product Manager at Microsoft, joins Erica Toelle and guest host Yuri Diogenes on this week's episode of Uncovering Hidden Risks. Giulio Astori works as a Principal Program Manager for Microsoft Defender for Cloud and Yuri has been at Microsoft for the past 18 years and manages a Product Management team for the Defender for Cloud Product. In this discussion, Giulio delves into the world of Cloud Native Application Protection Platforms (CNAPPs), explaining their significance and utility in enhancing cloud security and protecting workloads. He explores the distinction between CNAPPs and Cloud Security Posture Management, shedding light on their roles in bolstering organizational security. In This Episode You Will Learn: What a Cloud Native Application Protection Platform is and why it's useful The difference between CNAPP and Cloud Security Posture Management How organizations can start to plan for CNAPP adoption Read the full post here: Understanding Cloud Native Application Protection Platforms (CNAPP)New Blog | Expanding privacy protection in Microsoft Defender for individuals
By Ashwin PR Figure 1: Privacy protection/VPN At Microsoft, we believe privacy is a fundamental human right. Our apps and solutions are centered around privacy and the latest addition to Microsoft Defender for individuals 1 is the inclusion of privacy protection 2 that helps protect your privacy when browsing online or on public Wi-Fi. Privacy protection expansion Late last year we launched privacy protection on Android to our United States-based users. Today, we are adding privacy protection to iOS in the US and United Kingdom and extending current privacy protection on Android to the United Kingdom. Privacy protection is coming soon to Windows and macOS as well and will be available in more regions in the coming months. Microsoft Defender is available exclusively with a Microsoft 365 Personal or Family subscription. Advertisers target you with ads based on your browsing location by capturing your IP address/location to improve their targeting. Your location is amongst many tracking mechanisms used to digitally profile you. And, we are often on-the-go; be it coffee shops, airports, hotels, or everywhere else. And we want to stay connected. Wi-Fi is free and convenient to use which also means hackers may exploit it. Unsecure Wi-Fi comes with its own risks where hackers may gain access to your personal and sensitive data. There is no guarantee that public Wi-Fi hotspots are always safe to connect to. Here are a few examples of attacks that show how public Wi-Fi hotspots can compromise your privacy and security. Read the full post here: Expanding privacy protection in Microsoft Defender for individuals
Newsletter for updates - as per customer request
one of my colleague asked a question and i couldn't help him maybe here you ll be able to clarify <::One of my customers mentioned, that they want to be proactively informed about security incidents and news around the topic security from Microsoft, as they have critical infrastructure. Does anyone know, which newsletter that customer could register for?::>
Missing data from the Office Activity logs
I run a query on a daily basis that uses the OfficeActivity table and filters the term Send within the operation field. I started to notice that my results were decreasing so I ran a summary for the past month and noticed a huge decrease in OfiiceActivity capturing the send activity. Any thoughts on what would be the cause of this? PS it is not sentinel missing data, because when I check the activity in Defender for cloud, the results are the same. Here is the query I ran: OfficeActivity | where TimeGenerated > ago(30d) | where Operation contains "Send" | summarize count() by bin(TimeGenerated, 1d) And here are the results: TimeGenerated [UTC] count_ 8/25/2023 417 8/24/2023 66 8/23/2023 93 8/22/2023 77 8/21/2023 73 8/20/2023 16 8/19/2023 17 8/18/2023 326 8/17/2023 2978 8/16/2023 3175 8/15/2023 4106 8/14/2023 3632 8/13/2023 466 8/12/2023 527 8/11/2023 2516 8/10/2023 3187 8/9/2023 3143 8/8/2023 3289 Now today it is looking like it is starting to climb back but I need to rely on this data so I wouldn't mind knowing why it stopped for almost a week. (no changes that would impact our environment were made btw)
Azure Resource Graph Explorer - KQL Key Vaults: Find resources with Public Access set to Allow
I'm working on a query(KQL) that will help me identify which Key Vault and Storage accounts have Network rules set to "Allow public access from all networks"(Key Vaults) or "Enabled from all networks"(Storage accounts). Current query: Resources | where type == 'microsoft.keyvault/vaults' | extend allowAll = iif(properties.publicNetworkAccess == "Enabled") = "Yes" else "No" | project type, name, location, resourceGroup, subscriptionId, allowAll I would like a variable set to either YES or NO based off of the current status of the NetworkAccess per resource. Please let me know if any other informaiton is needed. Cheers, Serge
