User Profile
DavidFernandes
MicrosoftJoined 11 months ago
User Widgets
Recent Discussions
New Blog Post | Migrating from Windows Information Protection to Microsoft Purview
By Edwin Chan Introduction In July 2022 we announced the sunsetting here: Announcing the sunset of Windows Information Protection (WIP) - Microsoft Community Hub of Windows Information Protection (WIP). The last version of windows to ship with WIP will be Win11 24H2, it will be the first version to not include WIP. However, the decryption capabilities will remain. Why are we doing this? Windows Information Protection, previously known as Enterprise Data Protection (EDP), was originally released to help organizations protect enterprise apps and data against accidental data leaks without interfering with the employee experience on Windows. Over time, many of you have expressed a need for a data protection solution that works across heterogenous platforms, and that allows you to extend the same sensitive data protection controls on endpoints that you have for the various SaaS apps and services you rely upon every day. To address these needs, Microsoft has built Microsoft Purview Data Loss Prevention (DLP), which is deeply integrated with Microsoft Purview Information Protection to help your organization discover, classify, and protect sensitive information as it is used or shared. What scenarios are in scope? WIP provided customers with the following key capabilities: Extend data protection to managed and unmanaged devices Protect enterprise data at rest when it's stored on a protected device Restrict which apps, removable drives, printers, network shares, and sites are allowed or restricted from copying, accessing, and storing sensitive data Classify data based upon the app or site where it was created, copied, or downloaded. Granular controls to designate different levels of data access restrictions Remote wipe sensitive data at rest How does deprecation impact WIP users? WIP as an offering is no longer under active feature development. The sunset process will follow the standard Windows client feature lifecycle, which shows which existing features and capabilities are supported and for what timelines. This was announced in July here. Following this deprecation announcement, the Microsoft Endpoint Manager team announced ending support for WIP without enrollment scenario by EOY 2022, which only impacts unmanaged devices. The announcement by the Microsoft Endpoint Manager team is here. Please visit the Microsoft Endpoint Manager announcement for the latest on the decommissioning of MEM’s support for the ‘unenrolled’ scenario. How should you respond to the deprecation notice? If you are using WIP without enrollment, Microsoft will be communicating with you directly about the impact to your devices and the timelines for that impact. Please keep an eye on the message center for the latest updates. Microsoft Endpoint Manager will continue to support WIP with enrollment (managed devices) scenarios for the duration of the OS lifecycle (until 2026) and will continue to offer options to enroll both corporate and personal devices for management (and subsequently to receive WIP policy). How do I start planning for this change? Refer to this chart for a breakdown of WIP capabilities and how they map to Purview: Read the full post here: Migrating from Windows Information Protection to Microsoft PurviewNew Blog | Manage Microsoft Entra ID role assignments with Microsoft Entra ID Governance
By Joseph Dadzie I’m excited to announce that we now support Microsoft Entra role assignments in Microsoft Entra ID Governance's Entitlement Management feature! To ensure least privilege, many of you are using Privileged Identity Management to provide IT administrators just-in-time (JIT) access to the least privileged role assigned. This approach allows you to minimize the attack surface in your organization by reducing the number of permissions IT administrators have. However, some admins in your organization may require long-standing permissions coupled with other resources, like specific applications. Read the full post here: Manage Microsoft Entra ID role assignments with Microsoft Entra ID GovernanceNew Blog | Meet Microsoft Entra at Ignite 2024: November 18-22
By Irina Nechaeva Microsoft Ignite is just around the corner, taking place from Monday, November 18, 2024 through Friday, November 22, 2024, in Chicago, Illinois and digitally. This event is the ultimate gathering for IT and Security professionals, developers, and business leaders from every corner of the world. During Ignite, dive into the latest AI innovations for AI transformation to learn from the brightest minds in the industry. Plus, discover solutions to help modernize and manage intelligent apps, protect your data, supercharge productivity, and expand your services. You’ll also have endless opportunities to network with partners and grow your community or business. While in-person passes are sold out, you can still register to participate online. This year, we're thrilled about our sessions on Microsoft Entra. These breakouts are your all-access pass to not only hear about the cutting-edge advancements in identity and access management (IAM), but also to engage with Microsoft Entra experts and team members behind these innovations. Whether you're curious about advancing your Zero Trust architecture with identity and network, delving into the latest advancements in generative AI for securing access, or exploring our unified approach to identity and network access controls, we've got you covered! Read the full post here: Meet Microsoft Entra at Ignite 2024: November 18-22New Blog | Introducing Lineage Tracking for Azure Databricks Unity Catalog in Microsoft Purview
By Karan Shah We’re thrilled to announce the release of a highly anticipated feature in Microsoft Purview: lineage tracking for Azure Databricks Unity Catalog. This marks a significant milestone in our ongoing efforts to enhance data governance and visibility across cloud environments. By leveraging this new functionality, users can now track data flow across their Azure Databricks notebooks, improving the ability to audit, monitor, and manage data movement. With data increasingly flowing through complex, cloud-native platforms like Azure Databricks, having clear, end-to-end visibility is crucial for compliance, troubleshooting, and operational excellence. Read the full post here: Introducing Lineage Tracking for Azure Databricks Unity Catalog in Microsoft PurviewNew Blog | Enhancing Server and Container Risk Score Analysis in Power BI
By iulio Astori Microsoft Defender for Cloud provides vulnerability assessments for both virtual machines (servers) and container images, identifying vulnerabilities as Common Vulnerabilities and Exposures (CVEs). The risk posed by each CVE is assessed using the Common Vulnerability Scoring System (CVSS), providing a standardized numerical score that ranges from 0.0 to 10.0, translated into severity ratings like Low, Medium, High, or Critical. While Microsoft Defender for Cloud provides a robust risk level assessment for each resource, there is an opportunity to enhance this by integrating additional factors such as the exploitability of each CVE, the age since it was made public, and whether the CVE is a zero-day vulnerability. Additionally, resources themselves have contextual elements such as the number of attack paths, which can significantly impact their overall risk. The Power BI solution builds Defender for Cloud's capabilities by integrating these multiple factors, providing a more comprehensive risk score for each resource and enhancing the prioritization of vulnerabilities requiring urgent remediation. This combined approach allows users to generate a more accurate top-down list of resources needing attention. Read the full post here: Enhancing Server and Container Risk Score Analysis in Power BINew Blog | The latest enhancements in Microsoft Authenticator
By Nitika Gupta Hi folks, I'm thrilled to announce three major Microsoft Entra ID advancements that will help you protect your users with phishing-resistant authentication: Public preview refresh: Device-bound passkey support in Microsoft Authenticator Public preview: Support for FIDO2 security keys on native brokered applications, such as Outlook and Teams, on Android 14 General availability: FIPS compliance for Microsoft Authenticator on Android These advancements are crucial, not only for adhering to the US Executive Order 14028 on Improving the Nation's Cybersecurity, but also for safeguarding all organizations and users who rely on secure digital identities. Let’s dig deeper! Read the full post here: The latest enhancements in Microsoft AuthenticatorNew Blog | Upcoming design updates: Microsoft Purview Message Encryption Portal
By Samson Chan The Microsoft Purview Message Encryption portal will undergo minor design updates to align with Purview branding. Microsoft will be updating fonts, colors, controls, and more to align with Purview branding. These changes are designed to enhance the user experience without causing any disruptions. Microsoft will begin rolling out changes mid-October 2024 and expects to complete by mid-December 2024. Users will see minor design changes within the user interface (UI) - fonts, colors, controls, and more are updated to align with Purview branding. Read the full post here: Upcoming design updates: Microsoft Purview Message Encryption PortalNew Blog | New E-book: Building a Comprehensive API Security Strategy
By Loren Goduti APIs are everywhere – they are proliferating at a rapid pace, therefore, making them a prime target for attackers. Thus, having a plan to secure protect your APIs as part of your overall cybersecurity strategy is critical for protecting your business, as well as sensitive user data. We are excited to share our newest e-book: Building a Comprehensive API Security Strategy Read the full post here: New E-book: Building a Comprehensive API Security StrategyHelp us plan our upcoming "Mastering API Integration with Sentinel and USOP" public webinar
Hello on behalf of the Microsoft SIEM & XDR Engineering organization! On December 5th, 2024, we will host a public webinar on how to effectively integrate APIs with Microsoft Sentinel and the Unified Security Platform. This session will cover when to use APIs, how to set them up, and potential challenges. We will present live demos to guide you through the process. To ensure this webinar is as engaging and relevant as possible for you, we’d love your input to help us create its agenda! Help us plan this webinar Do you have any use cases you think we should feature? Or have you encountered any blockers that you'd like us to address? We’re eager to find out what content matches your needs the most! Please answer this survey to help us with your input. It will remain open until October 31st, 2024. Take the survey here: https://forms.office.com/r/hrWtm34WFu Join the webinar on December 5th! In addition to helping us plan it, we hope to count on your participation. Register at Register for this webinar at https://aka.ms/MasteringAPISentinelUSOPWebinar. Thank you for your contributions! Naomi Chistis and Jeremey Tan - Microsoft SIEM & XDR TeamNew Blog | Streamlining AI Compliance: Introducing the Premium Template for Indonesia's PDP Law
By Manny Sahota Accelerating Compliance in the AI Era: Introducing the Premium Assessment Template for Indonesia’s PDP Law in Purview Compliance Manager In an increasingly complex regulatory landscape, businesses are under growing pressure to comply with both local and global data privacy laws, while simultaneously building trust with their customers. As AI and digital technologies continue to transform industries, aligning solutions with regulatory requirements has never been more critical. To help organizations navigate these challenges, we’re excited to introduce the Premium Assessment Template for Indonesia’s Personal Data Protection (PDP) Law in Microsoft Purview Compliance Manager. Read the full post here: Streamlining AI Compliance: Introducing the Premium Template for Indonesia's PDP Law in PurviewNew Blog | What's new in Microsoft Entra - September 2024
By Shobhit Sahay (ENTRA) We’re excited to announce the general availability of Microsoft Entra Suite—one of the industry’s most comprehensive secure access solutions for the workforce. With 66% of digital attack paths involving insecure credentials1, Microsoft Entra Suite helps prevent security breaches by enabling secure access to cloud and on-premises apps with least privilege, inside and outside the corporate perimeter. It unifies network access, identity protection, governance, and verification to streamline onboarding, modernize remote access, and ensure secure access to apps and resources. Get started with a Microsoft Entra Suite trial. Read the full post here: What's new in Microsoft Entra - September 2024New Blog | Microsoft Security announcements and demos at Authenticate 2024
By Jarred Boone The Microsoft Security team is excited to connect with you next week at Authenticate 2024 Conference, taking place October 14 to 16 in Carlsbad, CA! With the rise in identity attacks targeting passwords and MFA credentials, it’s becoming increasingly clear that phishing resistant authentication is critical to counteract these attacks. As the world shifts towards stronger, modern authentication methods, Microsoft is proud to reaffirm our commitment to passwordless authentication and to expanding our support for passkeys across products like Microsoft Entra, Microsoft Windows, and Microsoft consumer accounts (MSA). Read the full post here: Microsoft Security announcements and demos at Authenticate 2024New Blog | Make the most of your time at Microsoft Ignite!
By Olivia Daniels Companies that strengthen their security with AI and safeguard their AI with security will be the lasting industry leaders. Join us at Microsoft Ignite 2024, November 18-22, to learn how you can create a security-first culture in the age of AI. The in-person experience is sold out, but security professionals can join us virtually to be a part of the Microsoft Security @ Microsoft Ignite Experience online. Whether you are joining us live or catching Microsoft Ignite on-demand, you won’t want to miss the product announcements, demos and technical training across your favorite Microsoft Security solutions. Keep reading for a preview of sessions you can expect. Read the full post here: Make the most of your time at Microsoft Ignite!New Blog | How to use Log Analytics log data exported to Storage Accounts
By Simone Oor Introduction Exporting your logs from Sentinel or Log Analytics to Azure storage account blobs gives you low-cost long-term retention, as well as benefits such as immutability for legal hold, and geographical redundancy. But in the event of an incident, or perhaps a legal case, you may need the data archived away in those storage account blobs to help the investigation. Team during investigation How do you go about retrieving and analyzing that data? This blog will answer exactly that question. Hint, it does involve an Azure Data Explorer cluster. I will also briefly explain how data ends up in those blobs in the first place. Read the full post here: How to use Log Analytics log data exported to Storage AccountsNew Blog | New Copilot for Security Plugin Name Reflects Broader Capabilities
By Michael Browning The Copilot for Security team is continuously enhancing threat intelligence (TI) capabilities in Copilot for Security to provide a more comprehensive and integrated TI experience for customers. We're excited to share that the Copilot for Security threat Intelligence plugin has broadened beyond just MDTI to now encapsulate data from other TI sources, including Microsoft Threat Analytics (TA) and SONAR, with even more sources becoming available soon. To reflect this evolution of the plugin, customers may notice a change in its name from "Microsoft Defender Threat Intelligence (MDTI) to "Microsoft Threat Intelligence," reflecting its broader scope and enhanced capabilities. Since launch in April, Copilot for Security customers have been able to access, operate on, and integrate the raw and finished threat intelligence from MDTI developed from trillions of daily security signals and the expertise of over 10 thousand multidisciplinary analysts through simple natural language prompts. Now, with the ability for Copilot for Security's powerful generative AI to reason over more threat intelligence, customers have a more holistic, contextualized view of the threat landscape and its impact on their organization. Read the full post here: New Copilot for Security Plugin Name Reflects Broader CapabilitiesNew Blog | Security settings management on multi-tenant environments in Microsoft Defender XDR
By Maayan Mazig Several months ago, we released device security settings management within Microsoft Defender XDR. This experience enables security administrators to configure Microsoft Defender for Endpoint security settings for devices on all platforms (including Windows, Linux, and Mac) without having to leave the Defender portal. The streamlined portal experience breaks down the wall between Security and IT teams by presenting a shared view for both, making it easier for security administrators to strengthen the security posture of their devices. Security administrators can now drive even greater efficiencies with simplified security settings management supporting multi-tenancy environments that are common to large enterprises and managed services security providers (MSSPs). The multi-tenant view in the Defender XDR portal (Multi-tenant management in Microsoft Defender XDR - Microsoft Defender XDR | Microsoft Learn) provides security administrators a consolidated view of all security policies across their entire organization, including all tenants' policies, without needing to switch portals. To access this page, navigate to Endpoints > Configuration Management > Endpoint Security Policies. Read the full post here: Security settings management is available for multi-tenant environments in Microsoft Defender XDRNew Blog | Keep your online activity safer on public Wi-Fi with Microsoft Defender for individuals
By Ashwin PR Figure 1 - Privacy protection UI on the Defender mobile app Public Wi-Fi is usually free, easy and convenient, but not necessarily always safe. As they say, there is no ‘free lunch’ . Microsoft Defender for individuals 1 aims to provide a safer online experience wherever you go and late last year, we introduced privacy protection (VPN) 2 , so you can browse without having to worry about your personal data being intercepted over an unsecure Wi-Fi connection. Read the full post here: Keep your online activity safer on public Wi-Fi with Microsoft Defender for individualsNew Blog | Introducing the new File Integrity Monitoring with Defender for Endpoint integration
By Gal Fenigshtein As part of the Log Analytics agent deprecation, Defender for Servers has introduced a new simplification strategy aiming at significantly simplifying the onboarding process and requirements needed to protect servers in the cloud, while enhancing existing capabilities and adding new ones. According to this strategy, all Defender for Servers capabilities are provided over Defender for Endpoint or cloud-native capabilities and agentless scanning for VMs, without relying on either Log Analytics Agent (MMA) or Azure Monitor Agent (AMA). This hybrid approach combines the strengths of agent-based and agentless protection, offers multi-layered security for servers. While the agent provides in-depth security and real-time detection and response, agentless and cloud-native capabilities deliver enhanced coverage, full visibility within hours, with no performance impact on machines. Security findings from both, agent-based and agentless approaches, are seamlessly integrated in Defender for Cloud, tailored to protect servers in multicloud environments. Read the full post here: Introducing the new File Integrity Monitoring with Defender for Endpoint integrationNew Blog | Monitoring Azure DDoS Protection Mitigation Triggers
By Saleem Bseeu Monitoring Azure DDoS Protection Mitigation Triggers In today’s digital landscape, Distributed Denial of Service (DDoS) attacks pose a significant threat to the availability and performance of online services. Azure DDoS Protection provides robust mechanisms to protect your applications and services against such attacks. In this blog post, we’ll explore how to monitor Azure DDoS Protection metrics for public IPs and demonstrate how to fully utilize the available metrics to monitor your public IPs for DDoS attacks. Understanding Public IP and Azure DDoS Protection Metrics Azure DDoS Protection offers a variety of metrics that provide insights into potential threats targeting your resources. Additionally, there are public IP platform metrics that we can leverage for monitoring traffic patterns. These metrics are accessible through Azure Monitor and can be used to set up alerts and automated responses. Read the full post here: Monitoring Azure DDoS Protection Mitigation Triggers
