Microsoft Defender for Cloud Apps – Release 232-239
Native Integration of Microsoft Defender for Cloud Apps in Microsoft 365 Defender is now in public preview
The entire Defender for Cloud Apps experience in Microsoft 365 Defender is now available for public preview. SecOps and security admins will experience these major benefits:
Time and costs saved
Holistic investigation experience
Additional data and signals in advanced hunting
Integrated protection across all security workloads
Log Collector version update
Microsoft has released a new log collector version with the latest vulnerability fixes.
New version: columbus-0.235.0-signed.jar
Main changes:
Docker image was rebuilt with latest updates
OpenSSL library was updated from 1.1.1l to 1.1.1q
fasterxml.jackson.core.version was updated from 2.13.1 to 2.13.3
If you wish to update the version, stop your log collectors, remove the current image, and install a new one. To verify the version, run this command inside the Docker container:
cat var/adallom/versions | grep columbus-
For more information, see Configure automatic log upload for continuous reports.
Onboarding application to session controls (Preview)
The process of onboarding an application to be used for session controls has been improved and should increase the success rate of the onboarding process. To onboard an application:
Go to the Conditional Access App Control list in Settings -> Conditional access app control.
After selecting Onboard with session control, you’re presented with an Edit this app form.
To onboard the application to session controls, you must select the Use the app with session controls option.
Protecting apps that use non-standard ports with session controls
This feature allows Microsoft Defender for Cloud Apps to enforce session policies for applications that use port numbers other than 443. Splunk and other applications that use ports other than 443 will now be eligible for session control. There’s no configuration requirement for this feature. The feature is currently in preview mode. For more information, see Session controls.
MITRE techniques
The Defender for Cloud Apps threat protection anomaly detections will now include MITRE techniques and sub-techniques where relevant, in addition to the MITRE tactic that already exists. This data will also be available in the alert’s side pane in Microsoft 365 Defender. For more information, see How to investigate anomaly detection alerts.