Category: Azure

News Informatique

MDATP for Mac is moving to use system extensions instead of kernel extensions

In preparation for macOS 11 Big Sur, Microsoft is getting ready to release an update to Microsoft Defender ATP for Mac that will leverage the new system extensions instead of kernel extensions. Apple will stop supporting kernel extensions starting with macOS 11 Big Sur. Therefore an update to the Microsoft Defender ATP for Mac agent is …

Upcoming Exchange Device Access and Conditional Access changes with Outlook mobile

Recently, Microsoft discovered that certain Azure Active Directory Conditional Access policies prevented Exchange Online device access rules from being applied to Outlook for iOS and Android. For example, for customers with a Conditional Access policy that required multi-factor authentication (MFA), Exchange Online did not process device access rules for Outlook for iOS and Android. Beginning …

Microsoft Cloud App Security – Release 179 & 180

New anomaly detection: Suspicious OAuth app file download activities. Microsoft has extended their anomaly detections to include suspicious download activities by an OAuth app. The new detection is now available out-of-the-box and automatically enabled to alert you when an OAuth app downloads multiple files from Microsoft SharePoint or Microsoft OneDrive in a manner that is unusual …

Hotfix for latest AIP scanner GA version

Microsoft has identified an issue in the latest GA version that impacts the AIP Scanner. If you run the scanner in Enforce=On mode, “New label” events are not reported in the central logging when the scanner applies a label to a previously unlabeled file. On 1ç/07, Microsoft released hotfix version 2.7.99.0 for this issue on …

New Identity security posture assessments in MCAS and Azure ATP

Two new identity security posture assessments are now available for Azure ATP customers: riskiest lateral movement paths, and unsecure account attributes (specific attributes that cause unwanted security risk for your accounts). Lateral movement paths remediation: remove the entity from the group as specified in the recommendation; remove the local administrator permissions for the entity from the device …

LAPS usage in MCAS and Azure ATP

New capability of Azure ATP integrated with Microsoft Cloud App Security to detect devices not protected by the Local Administrator Password Solution (LAPS). LAPS is a great tool against cyber-attacks: it helps you automatically change the local administrator password on domain-joined machines and saves the password to the Active Directory computer account. It will generate a report …

Microsoft Cloud App Security – Release 178

New security configurations for Google Cloud Platform (gradual rollout). Microsoft has expanded their multi-cloud security configurations to provide security recommendations for Google Cloud Platform, based on the GCP CIS benchmark. With this new capability, Cloud App Security provides organizations with a single view for monitoring the compliance status across all cloud platforms, including Azure subscriptions, AWS …

Microsoft Defender ATP for Linux [General Availability]

Today, Microsoft announced general availability of Microsoft Defender Advanced Threat Protection for Linux! Supported platforms: RHEL 7.2+, CentOS Linux 7.2+, Ubuntu 16 LTS or higher LTS, SLES 12+, Debian 9+, Oracle Linux 7.2. Prerequisites: Microsoft Defender ATP for Linux requires the Microsoft Defender ATP for Servers license. Integration: You will need to download the package …

Microsoft Defender ATP for Android [Public Preview]

Following my previous article: https://thibaultchatiron.fr/2020/05/01/microsoft-defender-atp-capabilities-on-mobile-public-preview/ Today, Microsoft announced the public preview of their mobile threat defense capabilities with Microsoft Defender ATP for Android. Key capabilities: web protection, malware scanning, blocking access to sensitive data, unified SecOps experience. Prerequisites: Turn on the preview experience setting to be among the first to try upcoming features. In …

Safe documents – Office 365 ATP [General Availability]

Safe Documents is a new feature that improves the existing Protected View experience. The feature automatically verifies the document against the latest known risks and threats before allowing users to leave the Protected View container. Prerequisites: Microsoft 365 E5. This feature is off by default and needs to be enabled by a Security Administrator. Integration …

New alert page in Microsoft Defender ATP [Public Preview]

Introducing the newly redesigned alerts page in the Microsoft Defender Security Center! With the updated UI, you’ll be able to more effectively triage, investigate, and take action on alerts. The new page constructs a detailed alert story which will provide: Improved focus – is now at the forefront so that analysts have fewer clicks …

MTP Advanced Hunting Cheat Sheet

The purpose of this cheat sheet is to cover commonly used threat hunting queries that can be used with Microsoft Threat Protection. Microsoft Threat Protection has a threat hunting capability called Advanced Hunting (AH). AH is based on the Azure Kusto Query Language (KQL). The cheat sheet consists of some of the most frequently …

Microsoft Cloud App Security – Release 177

What’s new in MCAS? New real-time malware detection (Preview, gradual rollout). Microsoft has expanded their session controls to detect potential malware using Microsoft Threat Intelligence upon file uploads or downloads. The new detection is now available out-of-the-box and can be configured to automatically block files identified as potential malware. For more information, see Block malware …

Power BI and Information Protection integration [General Availability]

General availability of sensitivity labels in Power BI. Sensitivity labels provide a simple way to classify critical content in Power BI. They can be applied on datasets, reports, dashboards, and dataflows… Source: https://techcommunity.microsoft.com/t5/microsoft-security-and/announcing-general-availability-of-microsoft-information/ba-p/1449183

Livestream for Azure Sentinel [General Availability]

What is Azure Sentinel Livestream? Livestream lets you run queries that refresh every 30 seconds and notifies you of any new results. Creating a livestream enables you to: test newly created queries as events occur, receive notifications from a session when a match is found, promote a livestream to a detection rule to generate …

Sessions in Azure AD Conditional Access [General Availability]

Prerequisites: Authentication session management capabilities require an Azure AD Premium P1 subscription. Integration: First, sign in to the Azure Portal. Next, navigate to Azure AD Conditional Access and then open an existing policy or create a new policy, where you’ll see Session under Access Controls as shown below. Configure sign-in frequency: Sign-in frequency defines the time period …

Update: Issue with Azure AD Conditional Access and macOS

Following my previous article that was published on the 1st of May, I’m happy to say that a fix is now known for this issue. Reminder: After an end user updated his macOS version to 10.15.4, he experienced unexpected access app prompts or blocks to applications such as native mail. The macOS device was enrolled …

Automatic classification with sensitivity labels in Microsoft 365 services [General Availability]

Prerequisites: This capability is included with Microsoft 365 SKUs (E5, E5 Compliance and E5 Information Protection & Governance) and the Office 365 E5 SKU. Activation: You can turn on this feature in the Microsoft 365 compliance center. Integration: You can create an auto-labeling policy with custom rules to match your needs. A policy can …

Microsoft Threat Protection will automatically turn on for eligible license holders

Effective June 1, 2020, as soon as you have one of the Microsoft security products among Microsoft Defender ATP, Office 365 ATP, Microsoft Cloud App Security or Azure ATP, you will be able to access the new unified Microsoft Threat Protection console with cross-workload correlation, advanced hunting and automatic healing. https://azure.microsoft.com/en-us/updates/mtp-auto-enabled/

Shadow Protection – MDATP [Private Preview]

When Shadow Protection is enabled, Microsoft Defender ATP leverages behavioral blocking and containment capabilities by blocking malicious artifacts or behaviors that are observed through post-breach protection. EDR in block mode, i.e. Shadow Protection, works behind the scenes to remediate malicious artifacts that are detected post-breach. Prerequisites: Permissions: Global Administrator or Security Administrator role assigned in Azure …