Intune can integrate data from Mobile Threat Defense (MTD) solutions such as Microsoft Defender for Endpoint and other non-Microsoft MTD partners as an information source for unenrolled devices using Intune app protection policies (APP). Admins can use this information to help protect corporate data within an Intune protected app and issue a block or selective wipe through APP conditional launch settings …
Intune is excited to announce new device control capabilities that allows greater flexibility for enhanced endpoint security. This feature allows IT admins to manage access and use of removable storage devices, such as USB and solid-state drives, on Intune-managed devices. Admins will be able to configure the allow, block, or auditing permissions to read, write, …
Microsoft is excited to announce the general availability of hybrid cloud Kerberos trust, a new Windows Hello for Business deployment model that enables a passwordless sign-in experience. Why passwordless and Windows Hello for Business? Windows Hello for Business is a modern, strong, two-factor authentication method that is a more secure alternative to passwords and has …
Currently the AAD “Security Reader” role can manage Microsoft Defender for Cloud Apps alerts, however, it can only view alerts from all other security workloads. The AAD “Security Reader” role update will now be aligned with AAD role definition to provide clarity and prevent confusion of the same role use. When this will happen: As …
Please review the blog post: Apply sensitivity labels to PDFs created with Office apps for additional details. Coming soon to public preview, Microsoft is introducing the ability to maintain label and protection for PDF files created from Microsoft Office apps. When this will happen: Public preview: rollout will begin in late June and is expected to …
Malware hashes available for SharePoint and OneDrive (Preview)In addition to file hashes available for malware detected in non-Microsoft storage apps, now new malware detection alerts will provide hashes for malware detected in SharePoint and OneDrive. For more information, see Malware detection. SaaS Security Posture Management capabilities for Salesforce and ServiceNowSecurity posture assessments are available for Salesforce …
Microsoft has begun the rollout of security defaults to existing customers who haven’t yet rolled out security defaults or Azure AD Conditional Access. Microsoft introduced security defaults in October 2019 for new tenants, ensuring that new customers would be created and maintained with basic security hygiene in place – especially MFA and modern auth requirements – regardless …
Improvements in malware detection for non-Microsoft storage appsDefender for Cloud Apps has introduced major improvements in the non-Microsoft storage apps detection mechanism. This will reduce the number of false positive alerts.
Support for Rome and San Diego ServiceNow versionsThe Defender for Cloud Apps connector for ServiceNow now supports Rome and San Diego versions of ServiceNow. With this update, you can protect the latest versions of ServiceNow using Defender for Cloud Apps. For more information, see Connect ServiceNow to Microsoft Defender for Cloud Apps.
With dynamic administrative units, you no longer have to manually manage membership of your administrative units (or write your own automation to manage it for you).Indeed, I previously used a custom script in order to populate the Administrative Units with members, and it can take some time to finish… Instead, Azure AD allows you to specify …
In April 2020, the combined security information registration experience for registering both multifactor authentication (MFA) and self-service password reset (SSPR) was released for you to opt in. Upcoming, Microsoft will be making the new combined security information registration experience the default for all tenants. Note: This change will not impact you if your tenant was …
Updated severity levels for Defender for Cloud Apps anomaly detectionsThe severity levels for Defender for Cloud Apps built-in anomaly detection alerts are being changed to better reflect the risk level in the event of true positive alerts. The new severity levels can be seen in the policies page: https://portal.cloudappsecurity.com/#/policy
If you’ve configured users for a default sensitivity label policy for Office documents, the label you chose will automatically be applied to Word, Excel, and PowerPoint documents you create or modify. Previously, this only applied to new documents only. Note: This update applies to Word, Excel, and PowerPoint on the Web, and Word and PowerPoint on …
Microsoft will no longer be onboarding new Log Analytics workspaces to store Azure Information Protection (AIP) audit logs. Note: Customers who have previously configured Log Analytics to store AIP audit logs will continue to receive forwarded audit logs into their workspaces until the data pipeline is fully retired. When this will happen: Microsoft will stop …
Egnyte app connector available in public previewA new app connector for Egnyte is available in public preview. You can now connect Microsoft Defender for Cloud Apps to Atlassian to monitor and protect users and activities. For more information, see Connect Egnyte to Microsoft Defender for Cloud Apps (Preview).
New Cloud discovery log collectorThe Cloud Discovery log collector has been updated to Ubuntu 20.04. To install it, see Configure automatic log upload for continuous reports.
Atlassian app connector available in public previewA new app connector for Atlassian is available in public preview. You can now connect Microsoft Defender for Cloud Apps to Atlassian to monitor and protect users and activities. For more information, see Connect Atlassian to Microsoft Defender for Cloud Apps (Preview).
CAE introduces real-time enforcement of account lifecycle events and policies, including: Account revocation Account disablement/deletion Password change User location change User risk increase On receiving such events, app sessions are immediately interrupted and users are redirected back to Azure AD to reauthenticate or reevaluate policy. With CAE, Microsoft has introduced a new concept of Zero …
Non-Microsoft activities in advanced huntingNon-Microsoft apps activities are now included the CloudAppEvent table in Microsoft 365 Defender advanced hunting. For more information, see the Microsoft 365 Defender Tech Community blog post. NetDocuments API connector is now in general availabilityThe NetDocuments API connector is in general availability, giving you more visibility into, and control over, how your NetDocument app is …