threat protection
394 TopicsThe Microsoft Cloud App Security (MCAS) Ninja Training (March 2021 Update)
We’ve updated the MCAS Ninja Training since this post was published. For the latest version of the training, visit Microsoft Cloud App Security (MCAS) Ninja Training | September 2021 - Microsoft Tech Community.225KViews24likes25CommentsMicrosoft Defender for Cloud - strategy and plan towards Log Analytics Agent (MMA) deprecation
Log Analytics agent (also known as MMA) is on a deprecation path and will be retired in Aug 2024. The purpose of this blogpost is to clarify how Microsoft Defender for Cloud will align with this plan and what is the impact on customers.106KViews2likes28CommentsUpdating best practices for Domain Controllers
Customers are on a journey and hybrid identity environments will be an important state for many customers for a long time. Domain Controllers still act as a pivotal piece of infrastructure for many organizations, and the identities that Active Directory holds are often the target for attackers.Azure Defender for IoT is now in public preview
Azure Defender for IoT is now available in public preview for on-premises deployments, with the option of connecting securely to Azure Sentinel to eliminate IT/OT silos and provide a unified view of threats across both IT and OT environments. It also integrates out-of-the box with third-party tools like Splunk, IBM QRadar, and ServiceNow.Deploying and Onboarding 2008 R2
Hi all, We purchased Defender for Business Servers, and i need to install it on some 2008 R2 servers. There is no Defender for Endpoint software, so following the guides, i only have to install the MMA, but then how i know my server is protected? i need to enroll it at azure? Our servers are on-premise, and i don't know if i need to use Azure Arc (i need to pay?), anyone is using Defender for Windows Servers (On-Premise) with 2008 R2 version? Thanks in advanceSolved49KViews0likes7CommentsNew Blog Post | Enhancements to Azure WAF for Application Gateway now in General Availability
Enhancements to Azure WAF for Application Gateway now in General Availability - Microsoft Community Hub Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection for your web applications against common vulnerabilities and exploits. Web applications are increasingly targeted by malicious attacks that vulnerabilities. SQL Injection (SQLi) and Cross-Site Scripting (XSS) are examples of some well-known attacks. Preventing such attacks in application code can be challenging and may require rigorous maintenance, patching, and monitoring at many layers of the application topology. A centralized web application firewall helps make security management much simpler and gives better assurance to application developers and security teams against threats or intrusions. The Azure Web Application Firewall (WAF) engine is the component that inspects traffic and determines whether a web-request represents a potential attack, then takes appropriate action depending on the configuration. Previously, when you used the Azure WAF with Application Gateway, there were certain limitations in the way you could configure and monitor your WAF deployments. We are happy to announce several enhancements to the configurations and monitoring capabilities of Azure WAF when used with Azure Application Gateway going forward. Original Post: New Blog Post | Enhancements to Azure WAF for Application Gateway now in General Availability - Microsoft Community HubNew Blog Post | Data Connectors for Azure Log Analytics and Data Explorer Now in Public Preview
Data Connectors for Azure Log Analytics and Data Explorer Now in Public Preview - Microsoft Community Hub The Microsoft Defender EASM (Defender EASM) team is excited to share that new Data Connectors for Azure Log Analytics and Azure Data Explorer are now available in public preview. Defender EASM continuously discovers an incredible amount of up-to-the-minute Attack Surface Data, so connecting and automating this data flow to all our customers’ mission-critical systems that keep their organizations secure is essential. The new Data Connectors for Log Analytics and Azure Data Explorer can easily augment existing workflows by automating recurring exports of all asset inventory data and the set of potential security issues flagged as insights to specified destinations to keep other tools continually updated with the latest findings from Defender EASM. Original Post: New Blog Post | Data Connectors for Azure Log Analytics and Data Explorer Now in Public Preview - Microsoft Community Hub