Monthly news - August 2022
Published Sep 01 2022 10:13 AM 5,086 Views

Microsoft 365 Defender
Monthly news
August 2022

OFT header v4.png

This is our monthly "What's new" blog post, summarizing product updates and various assets we have across our Defender products.  

Product videos.png Product videos webcast recordings.png Webcast (recordings) Docs on MS.png Docs on Microsoft Blogs on MS.png Blogs on Microsoft
GitHub.png GitHub External.png External Product improvements.png Product improvements Public Preview sign-up.png Previews / Announcements
Microsoft 365 Defender
Public Preview sign-up.png Hunt in Microsoft 365 Defender without KQL! To reduce the learning curve for hunting and enable all analysts to hunt easily, we are excited to announce that a Guided hunting experience in Microsoft 365 Defender is now in public preview! This removes previous dependencies on KQL. Link to learn more about it on our docs: Get started with guided hunting mode.
Public Preview sign-up.png The new Microsoft 365 Defender APIs in Microsoft Graph are now available in public preview! 
Public Preview sign-up.png

(GA) Microsoft Defender Experts for Hunting is now generally available. If you're a Microsoft 365 Defender customer with a robust security operations center but want Microsoft to help you proactively hunt for threats across endpoints, Office 365, cloud applications, and identity using Microsoft Defender data, then learn more about applying, setting up, and using the service. Defender Experts for Hunting is sold separately from other Microsoft 365 Defender products.

Microsoft Defender for Cloud Apps
webcast recordings.png Webinar Sep 14 9AM PST: Manage your SaaS Security Posture with Microsoft. In the current evolution of SaaS apps, there are many different SaaS configurations and posture options. Misconfigurations are one of them and is a potential risk for your organization that can lead to a breach or sensitive data leakage. Learn how to easily manage your SaaS Security Posture with Microsoft and prevent this potential risk. Register here.
Public Preview sign-up.png Protecting apps that use non-standard ports with session controls. This feature allows Microsoft Defender for Cloud Apps to enforce session policies for applications that use port numbers other than 443.
Public Preview sign-up.png Feature parity between commercial and government offerings. We have expanded our support for GCC customers who can now benefit from the SecOps experience features within Defender for Cloud Apps all from the Microsoft 365 Defender portal.
Product improvements.png Azure AD “Security Reader” role alignment. As of August 28 2022, users who were assigned an Azure AD Security Reader role won't be able to manage the Microsoft Defender for Cloud Apps alerts. To continue to manage alerts, the user's role should be updated to an Azure AD Security Operator. Currently the Azure AD “Security Reader” role may manage Defender for Coud Apps alerts while the same role may only view alerts from all other workloads. The purpose of this change is to align the AAD “Security Reader” role assignments to provide clarity for the customers, prevent confusion of the same role use. 
Blogs on MS.png Hunt for Azure subscriptions using Defender for Cloud AppsThis blog describes how attackers can compromise Azure subscriptions and use them for malicious activities. In addition, it shows how Microsoft Defender for Cloud Apps data can help hunt for these activities and how to mitigate the risk of compromised subscriptions.
Blogs on MS.png Protect sensitive SharePoint sites with Defender for Cloud Apps. This blog walks through the configuration of Azure AD, Purview, SharePoint Online and Defender for Cloud Apps to block downloads of a file that has sensitive content. This will also provide an example of how you can configure it in your own environment.
Microsoft Defender for Endpoint
Public Preview sign-up.png New Device Health Reporting for Microsoft Defender for Endpoint is now in Public Preview. We’ve redesigned the dashboard so that you can view sensor health and antivirus protection status across platforms and easily access detailed Microsoft Defender for Endpoint information.  
Public Preview sign-up.png Tamper protection on macOS is now generally availableWe are pleased to announce that Microsoft Defender for Endpoint's tamper protection feature, previously available in Public Preview, is now generally available on macOS devices and will be rolling out over the next few days. 
Public Preview sign-up.png New features available for Mobile Threat Defense on Android & iOSTaking our next step on this journey, we are excited to announce a handful of new features that are generally available: Privacy Controls, Optional Permissions and Disable Web protection.
Public Preview sign-up.png Network Protection and Web Protection for macOS and Linux is now in Public Preview! Read all the details in this blog post as well as how to evaluate them in your environment. 
Blogs on MS.png Step-by-step guide on how to deploy Attack Surface Reduction rules to Azure VMs using Azure Guest Configurations. 
Docs on MS.png Check out newly refreshed public documentation page that provides a view into Defender for Endpoint capabilities per platform. 
Microsoft Defender for Identity
webcast recordings.png Webinar Sep 6 9AM PST: Microsoft Defender for Identity | Identity Targeted Attacks - A Researcher's Point of View. Attendees will get a peek behind the curtain and see how our research teams deal with newly disclosed identity vulnerabilities, and how that information is turned into an alert in Defender for Identity. Register here.
Microsoft Defender for IoT
webcast recordings.png Webinar Sep 14 8AM PST: The Last Piece of the XDR Puzzle - Augmenting IT SecOps with IoT Security. Security teams invest heavily in bringing security-related telemetry and data into a single place, with the vision of "one XDR to rule them all". But many overlook a huge bulk of the network that remains obscure - IoT and unmanaged devices. Join us in reviewing how Microsoft Defender for IoT integrates with M365D to complete the XDR story with IoT visibility, assessment, and security. Register here.
Microsoft Defender for Office 365
Product improvements.png Exciting Feature Updates to Attack Simulation Training. We have been hearing from a lot of our enterprise customers that payload technique variety is key to any long-term end user behavior change program.  To help facilitate we are pleased to announce two new payload techniques.
Product improvements.png Improving the reporting experience in Microsoft Defender for Office 365. These new reporting features and improvements will help refine SecOps professional’s workflows when assessing Office 365 security effectiveness. 
Blogs on MS.png Announcing the release of step-by-step guidesThese guides are there to help you with common tasks across the product in a flash, with the minimum information & clicks needed, reducing the time needed by your admins to secure your enterprise.
Public Preview sign-up.png Introducing tenant blocks via admin submissions. You can now block suspicious entities when submitting emails, URLs, or attachments for Microsoft to review.
Blogs on MS.png Mastering Configuration in Defender for Office 365 - Part Three. This blog is the final installment of a three-part series detailing the journey we’re on to simplify configuration of threat protection capabilities in Office 365 to enable best-in class protection for our customers.
Public Preview sign-up.png Automatic Redirection to Microsoft 365 Defender is coming! All security-related functionality will be automatically redirected from the Office 365 Security & Compliance Center ( to the Microsoft 365 Defender portal. Additional details on our docs page
Product improvements.png Introducing new actions from the Email Entity pageWith these changes, you'll no longer have to move to a different page to take response actions.
Microsoft Secure Score
Product improvements.png

Microsoft Secure Score is adding new improvement actions for Information Protection and anti-spam policies. 

We’re updating Microsoft Secure Score improvement actions to ensure a more accurate representation of your organization’s security posture. This update will include new recommendations as Microsoft Secure Score improvement actions for Microsoft Information Protection and for anti-spam policies in Defender for Office 365.

Version history
Last update:
‎Apr 20 2023 03:30 AM
Updated by: