security controls
12 Topics

Question on: MFA should be enabled on accounts with owner permissions on your subscription
Hi Everyone, we have an Azure emergency account that is not enabled for MFA and therefore this user shows up on the "MFA should be enabled on accounts with owner permissions on your subscription" warning. Is there a way to exclude just a single user from this policy or do I have to disable this security completely? Regards, Gunter
Solved. 13K Views, 0 likes, 4 Comments

Update OpenSSL : Machines should have vulnerability findings resolved
Hi, I am new to this Defender Cloud. We are getting this message about an out of date OpenSSL version: I have updated the .NetCore to the latest version: However, it still doesn't seem to have resolved the error from Defender Cloud. I don't have any OpenSSL client installed on this machine from .net core. When I searched I only found these files: Any assistance will be greatly appreciated on how I resolve this issue. As far as I can see everything is up to date.

Security alerts in Microsoft defender for Cloud
Hello All, we have received the below security alerts in Microsoft Defender for Cloud for our App Service.
1) NMap scanning detected (for this we got the carrier and organization as Microsoft)
2) Vulnerability scanner detected
3) Suspicious User Agent detected
Our website is Internet facing (public facing), so we cannot put much restriction on our App Service (e.g. IP restriction, SSL certificate). We are unable to investigate the below alerts. We checked the Log Analytics workspace logs and extracted the logs from the caller IP, but could not find much information from it. We also checked and there was no impact found on our webapp.
1) NMap scanning detected (for this we got the carrier and organization as Microsoft)
2) Vulnerability scanner detected
3) Suspicious User Agent detected
Is there any way by which we can investigate why these alerts got generated, and what next action can be taken on this?
2.7K Views, 0 likes, 1 Comment

Blog | Malware Scanning for cloud storage GA pre-announcement | prevent malicious content distribution
Malware Scanning in Defender for Storage will be generally available (GA) for Azure Blob Storage on September 1, 2023. This add-on to Defender for Storage will be priced at $0.15 (USD) per GB of data scanned. Malware Scanning in Defender for Storage helps protect your Blob storage accounts from malicious content by performing a full, built-in, agentless malware scan on uploaded content in near real time, using Microsoft Defender Antivirus capabilities. It scans all file types and allows you to detect and prevent malware distribution events.
Read the full blog post: Malware Scanning for cloud storage GA pre-announcement | prevent malicious content distribution at scale (microsoft.com)
1.4K Views, 0 likes, 0 Comments

New Blog Post | Azure Security Center
Azure Defender and Security Center – Ignite 2021 Announcements - Microsoft Tech Community
Author: Gilad Elyashar
We are happy to announce new protections for Windows Server 2019, Windows 10 Virtual Desktop and networking as well as improved experiences for alerts and reporting.

Security Control: Enable encryption at rest - Microsoft Tech Community
Author: Safeena Begum Lepakshi
This Security Control contains up to 3 recommendations, depending on the resources you have deployed in your environment, and it is worth maximum whopping points of 4 (6%) that counts towards your overall Secure Score. These recommendations are meant to keep your resources safe and improve your security hygiene where continuous teamwork must be placed.
1.4K Views, 0 likes, 0 Comments

New Blog | Microsoft Defender Cloud Now Supports CIS Azure Security Foundations Benchmark 2.0.0
We are thrilled to announce that Microsoft Defender Cloud, in collaboration with the Center for Internet Security (CIS), now supports the latest CIS Azure Security Foundations Benchmark - version 2.0.0. This release also includes the new corresponding built-in policy initiative in the Azure Policy blade.
Read the full update here: Microsoft Defender Cloud Now Supports CIS Azure Security Foundations Benchmark 2.0.0
1.3K Views, 0 likes, 1 Comment

New Blog | 'SQL servers on machines should have vulnerability findings resolved.'
Databases contain some of your most sensitive data, which makes them an obvious target for attackers. Most attackers are usually looking for data, whether it is to acquire sensitive data for their own use (to sell), to encrypt it (to sell back to you), or to destroy it (to cause you reputational and operational harm). Databases have an extended attack surface and are often misconfigured, which can lead to an attacker gaining access, elevating permissions, and wreaking havoc. This recommendation is generated by Defender for SQL on machines Vulnerability Assessment. The rules that we check for are a set of possible misconfigurations that should be addressed. When you have findings for this recommendation, you have four options on how to handle it. We'll go into depth on each of them in this blog.
Read the blog: Microsoft Defender for Cloud - 'SQL servers on machines should have vulnerability findings resolved' - Microsoft Community Hub
1K Views, 0 likes, 0 Comments

Centralize remediation for defender recommendations
Hi, I have a question. Can I apply the remediation of a Microsoft Defender recommendation one time for all the subscriptions that I have? For example, I want to resolve the MFA recommendation for all subscriptions (15) but apply the remediation one time. (I'm referring to all the recommendations that do not provide a quick fix button.) Can DeployIfNotExist help me? Or blueprint? Thanks
915 Views, 0 likes, 1 Comment

Talk to our engineers about Microsoft Defender for Cloud protection capabilities
Data Security has become a top priority for organizations, greatly emphasized by the transition to cloud, the rise in privacy and regulatory legislation, and Intellectual Property needs. Organizations look for Data Security technologies to address data security risks and to protect their data in an ever growing and complex ecosystem of devices, platforms, locations, and data asset types. The Cloud Data Security (CDS) product team is developing new capabilities in Microsoft Defender for Cloud that enhance data security posture management based on data sensitivity and data risk. We are currently collecting customers' input on data protection capabilities for structured and unstructured data and would like to speak with customers interested in protecting their data in the cloud. During this conversation, you will be speaking directly with the Cloud Data Security engineering group regarding cloud data protection needs for structured and unstructured data such as data loss prevention, encryption, tokenization, masking, and access policies. Your input is important and will help influence the design and development of key features. If you are interested in talking to our Cloud Data Security Engineering team about protection capabilities within Microsoft Defender for Cloud, please fill out this form: https://aka.ms/MDFCDataProtection
848 Views, 0 likes, 1 Comment

New Blog | Microsoft Defender for Cloud capabilities to counter identity-based supply chain attacks
In recent years, cloud identity-related security issues in supply chain attacks have gained significant attention. A supply chain attack occurs when attackers infiltrate a target organization by gaining access to its trusted suppliers or third-party service providers. Although supply chain attacks are not exclusive to the cloud environment, the advent of cloud computing has introduced unique considerations and risks to this type of attack.
Read the blog here: Announcing Microsoft Defender for Cloud capabilities to counter identity-based supply chain attacks - Microsoft Community Hub
774 Views, 0 likes, 0 Comments