User Profile
BrittanyCCP
Former Employee
Joined 4 years ago
User Widgets
Recent Discussions
New Blog | Analyze IoT/OT device firmware with Microsoft Defender for IoT
Consider an organization that has thousands of endpoints on their network that are running 10-year old, unpatched SSH servers. Or when a critical vulnerability like log4shell is discovered, having no easy way to know which of those endpoints are exploitable. This is the situation organizations find themselves in when it comes to IoT and OT devices. This problem is so important that the US National Cybersecurity Strategy released a report in March 2023 indicating the IoT security threat as a strategic objective. Read the full blog here: Analyze IoT/OT device firmware with Microsoft Defender for IoTNew blog | Analyze IoT/OT device firmware with Microsoft Defender for IoT
Consider an organization that has thousands of endpoints on their network that are running 10-year old, unpatched SSH servers. Or when a critical vulnerability like log4shell is discovered, having no easy way to know which of those endpoints are exploitable. This is the situation organizations find themselves in when it comes to IoT and OT devices. This problem is so important that the US National Cybersecurity Strategy released a report in March 2023 indicating the IoT security threat as a strategic objective. Read the blog: Analyze IoT/OT device firmware with Microsoft Defender for IoTNew Blog | New Dimensions in Cybersecurity - Advanced Export for Defender for Cloud Attack Insights
Microsoft Defender for Cloud (MDC) has been instrumental in offering proactive security management through its detailed Attack Path insights, helping organizations identify and mitigate potential vulnerabilities before they can be exploited. While these insights have long provided value within the MDC portal and through one-time snapshots via Azure Resource Graph, a significant update enhances how organizations can leverage this information. Read the full blog here: Unlocking New Dimensions in Cybersecurity - Advanced Export for Defender for Cloud Attack Insights - Microsoft Community HubNew Blog | MDTI Earns Impactful Trio of ISO Certificates
Microsoft Defender Threat Intelligence (MDTI) has achieved ISO 27001, ISO 27017 and ISO 27018 certifications. The ISO, the International Organization for Standardization, develops market relevant international standards that support innovation and provide solutions to global challenges, including information security requirements around establishing, implementing, and improving an Information Security Management System (ISM). These certificates emphasize the MDTI team’s continuous commitment to protecting customer information and following the strictest standards of security and privacy standards. Read the full blog here: MDTI Earns Impactful Trio of ISO Certificates - Microsoft Community HubNew Blog | Best Practices for Upgrading Azure WAF Ruleset
In today’s digital landscape, web applications are the lifeblood of businesses. They enable seamless communication, transactions, and interactions with customers. However, this increased reliance on web apps also makes them prime targets for cyberattacks. To safeguard your applications and protect sensitive data, implementing a robust Web Application Firewall (WAF) is essential. Read the full blog here: Best Practices for Upgrading Azure WAF Ruleset - Microsoft Community HubPrompt users for reauthentication on sensitive apps and high-risk actions with Conditional access
Additional capabilities now available for Conditional Access reauthentication policy scenarios. Reauthentication policy lets you require users to interactively provide their credentials again - typically before accessing critical applications and taking sensitive actions. Combined with Conditional Access session control of Sign-in frequency, you can require reauthentication for users and sign-ins with risk, or for Intune enrollment. With today's public preview, now you can require reauthentication for any resource protected by Conditional Access. Read the full blog update here: Prompt users for reauthentication on sensitive apps and high-risk actions with Conditional Access - Microsoft Community HubNew Blog | Microsoft and SAP work together to transform identity for SAP customers
SAP has recently announced its collaboration with Microsoft and advises their SAP Identity Management (IDM) customers to move their identity management scenarios to Microsoft Entra ID as their IDM approaches the end of maintenance. This latest collaboration creates new possibilities for Microsoft Entra and SAP to offer enhanced integration that will support a comprehensive identity and access governance framework. Read the full blog update here: Microsoft and SAP work together to transform identity for SAP customers - Microsoft Community HubBlog | Labeling w/ Microsoft Purview Data Map supports Dataverse, Azure Databricks, and Snowflake
We are pleased to announce that Labeling with Purview Data Map now supports three new data sources: Dataverse, Azure Databricks and Snowflake. For the complete list of data sources supported please refer to: Microsoft Purview Data Map supported data sources and file types | Microsoft Learn Read the full blog update here: Microsoft PurviewNew Blog | Enforcement of Defender CSPM for Premium DevOps Security Capabilities
Microsoft’s Defender for Cloud will begin enforcing the Defender Cloud Security Posture Management (DCSPM) plan check for premium DevOps security value beginning March 7th, 2024. If you have the Defender CSPM plan enabled on a cloud environment (Azure, AWS, GCP) within the same tenant your DevOps connectors are created in, you'll continue to receive premium code to cloud DevOps capabilities at no additional cost. If you aren't a Defender CSPM customer, you have until March 7th, 2024 to enable Defender CSPM before losing access to these security features. To enable Defender CSPM on a connected cloud environment before March 7, 2024, follow the enablement documentation outlined here. Read the full update here: Enforcement of Defender CSPM for Premium DevOps Security Capabilities - Microsoft Community HubNew Blog | Enable your key business needs within Microsoft Sentinel with step-by-step guidance
Modernize your security operations center (SOC) with Microsoft Sentinel. Uncover sophisticated threats and respond decisively with an intelligent, comprehensive security information and event management (SIEM) solution for proactive threat detection, investigation, and response. Read the full blog for the lightweight guide: Enable your key business needs within Microsoft Sentinel with step-by-step guidance - Microsoft Community HubNew Blog | Bridging the Gap Between Code and Cloud with Defender for Cloud
While containers have revolutionized modern software development, the complexity of dependencies in containerized environments and the expanded attack surface they present are still significant hurdles for security professionals. The initial step in securing these environments involves identifying vulnerabilities within container images. Yet, the most time-consuming task can often be identifying the right development team to address these vulnerabilities, particularly the mission-critical ones. Microsoft Defender for Cloud addresses this critical need with its container mapping feature. This blog post explores how Defender for Cloud streamlines the process of tracing vulnerabilities in container images back to their origins in CI/CD pipelines, specifically within Azure DevOps and GitHub environments. This functionality is key to facilitating effective developer remediation workflows, thereby enhancing the security posture of cloud-native applications. Read the full blog post here: Bridging the Gap Between Code and Cloud with Defender for Cloud - Microsoft Community HubNew Blog | Scan Microsoft Fabric Items in Microsoft Purview
Scanning Fabric tenants registered with the Fabric data source in Microsoft Purview will capture metadata and lineage from Fabric items including Power BI. The new feature is now available in all Microsoft Purview public cloud regions. There are no additional configuration steps needed to enable scanning Fabric items besides Power BI for existing scans. Read the full blog post here: Scan Microsoft Fabric Items in Microsoft Purview - Microsoft Community HubNew Blog | Enhancing Cybersecurity: Geomatch Custom Rules in Azure WAF
This blog post will introduce you to the geomatch custom rules feature of Azure Web Application Firewall and show you how to create and manage them using the Azure portal, Bicep and PowerShell. Read the full blog post here: Enhancing Cybersecurity: Geomatch Custom Rules in Azure WAF - Microsoft Community HubNew Blog | Important: Deprecation of Search-AdminAuditLog and New-AdminAuditLogSearch cmdlets
This is to inform you about an upcoming change that will affect the way you access and manage your Exchange Online audit logs. Starting from April 30, 2024, we will be deprecating the following four cmdlets in the Exchange Online V3 module: Search-AdminAuditLog Search-MailboxAuditLog New-AdminAuditLogSearch New-MailboxAuditLogSearch These cmdlets will no longer be available for use after this date, and you will need to switch to a Search-UnifiedAuditLog cmdlet or Microsoft Purview portal to access your audit logs. Read the full blog post here: Important Announcement: Deprecation of Search-AdminAuditLog and New-AdminAuditLogSearch cmdlets - Microsoft Community HubNew Blog | Microsoft Purview now supports Availability Zones
Microsoft purview for governance experiences has enabled partial support for availability zones in certain regions and services. The availability zone support would continue to expand to accommodate more regions and services. Read the full blog post here: Microsoft Purview now supports Availability Zones - Microsoft Community HubNew Blog | Agentless Container Posture Management in Multicloud
Container security is an integral part of Microsoft Defender for Cloud, a Cloud Native Application Platform (CNAPP) as it addresses the unique challenges presented by containerized environments, providing a holistic approach to securing applications and infrastructure in the cloud-native landscape. As organizations embrace multicloud, the silos between cloud environments can become barriers for a holistic approach to container security. Defender for Cloud continues to adapt, offering new capabilities that resonate with the fluidity of multicloud architecture. Our latest additions to AWS and GCP seamlessly traverse cloud silos and provide a comprehensive and unified view of container security posture. Read the full blog post here: Agentless Container Posture Management in Multicloud - Microsoft Community HubBlog | Sensitive info types are now available for non-M365 data assets
Microsoft Purview has extended the support of Sensitive info types (SITs) to Azure and 3P data assets. Before this release, SITs had only been available for M365-related scenarios. This capability is now available as a Preview to new Microsoft Purview Data Map customers. Existing Microsoft Purview Data Map customers will be offered this capability at a later point. With this new capability, you will be able to apply SITs to Azure and 3P data objects manually or automatically, and even for custom SITs. Sensitivity labels will be derived automatically from SITs. And you will be able to create reports related to SITs for non-M365 data assets. Read the full blog post here: Sensitive info types are now available for non-M365 data assets (microsoft.com)New Blog | Navigating the New Frontier: Information Security in the Era of M365 Copilot
Microsoft Purview with M365 Copilot integration marks a critical juncture in the journey of AI-enhanced productivity tools. As businesses increasingly rely on these technologies, understanding and implementing robust security measures becomes paramount. Microsoft Purview enhances Copilot's capabilities and offers a multi-faceted approach to security that cannot be overstated. Read the full blog post here: Navigating the New Frontier: Information Security in the Era of M365 Copilot - Microsoft Community HubNew blog | Contextual Risk Estimation for Effective Prioritization
Microsoft Defender for Cloud has recently introduced a new feature for Defender CSPM helping customers to rank the security issues in their environment configuration and fix them accordingly. This feature is based on the presented framework and enhances the risk prioritization capabilities of Defender CSPM. Read the full blog post here: Contextual Risk Estimation for Effective Prioritization - Microsoft Community Hub
