Category: Microsoft 365

News Informatique

MTP Advanced Hunting Cheat Sheet

The purpose of this cheat sheet is to cover commonly used threat hunting queries that can be used with Microsoft Threat Protection. Microsoft Threat Protection has a threat hunting capability called Advanced Hunting (AH). AH is based on Azure Kusto Query Language (KQL). The cheat sheet consists of some of the most frequently …

Office 365 ATP recommended configuration analyzer version 1.8 released

New version 1.8.8 of ORCA (Office 365 Recommended Configuration Analyzer) ready for download: https://powershellgallery.com/packages/ORCA/ Improvements: Optional additional outputs (not just HTML): JSON file and CosmosDB; Support for running within Azure Automation (instructions coming soon) and probably other automated fashions; Dupe checks for anti-spam and anti-malware policies now (like the ones for ATP policies …

Exchange Online PowerShell v2 [General Availability]

The V2 module is now available in the PowerShell Gallery. The new EXO V2 module contains all the existing Remote PowerShell cmdlets, as well as 9 new V2 cmdlets. The new module is entirely Modern Authentication based. If you start using this, you are getting off Basic Authentication for your admin tasks, and as you …

New report available for Mailflow Status

Microsoft just released several new views for the Mailflow status report: https://protection.office.com/reportv2?id=MailFlowStatusReport&pivot=EventType View 1 – By type: This view provides an overview of the different large detection category types in our protection stack. It shows, out of the total number of messages, how many were filtered as malware, as phish, as spam, by edge, …

Automatic classification with sensitivity labels in Microsoft 365 services [General Availability]

Prerequisites: This capability is included with Microsoft 365 SKUs (E5, E5 Compliance and E5 Information Protection & Governance) and Office 365 E5 SKU. Activation: You can turn on this feature in the Microsoft 365 compliance center. Integration: You can create an auto-labeling policy with custom rules to match your needs. A policy can …

Office 365 ATP recommended configuration analyzer version 1.7 released

New version 1.7.5 of ORCA (Office 365 Recommended Configuration Analyzer) ready for download: https://powershellgallery.com/packages/ORCA/ Improvements: Check Safe Attachments Policy Exists for all domains; Check Safe Links Policy Exists for all domains; Check for duplicate anti-phishing policies; Checks to determine if Safe attachments unknown malware response set to block; Check ATP Phishing Mailbox Intelligence Protection …

Updates to Campaign Views

Microsoft is expanding the functionality of the Campaign Views feature beyond phish. You will now see malware campaigns as well. Microsoft is adding an interactive timeline, and developing a process for automated campaign write-ups. They are also working to surface Campaign Views in additional views, so that you can easily refer to them from wherever …

Prepare for update to the new My Apps and My Account experiences users

Microsoft will be updating the current Azure AD Apps and Profile experiences on July 20th 2020. This means that on July 20th all users will be automatically switched over to the updated My Apps and My Account experiences. Please note that the updated My Apps and My Account offer the same functionality as the current …

Microsoft Threat Protection will automatically turn on for eligible license holders

Effective June 1, 2020, as soon as you have one of the Microsoft security products among Microsoft Defender ATP, Office 365 ATP, Microsoft Cloud App Security or Azure ATP, you will be able to access the new unified console, Microsoft Threat Protection, with cross-workload correlation, advanced hunting and automatic healing. https://azure.microsoft.com/en-us/updates/mtp-auto-enabled/

Advanced eDiscovery tenant reports [Public Preview]

Microsoft has made the decision to make additional changes to the code before they proceed with the roll-out. Microsoft has begun rolling out Advanced eDiscovery tenant reports in preview. The rollout will be completed by mid-February. How does this affect your organization? Admins and relevant roles will see tenant-level reports in Advanced eDiscovery. Advanced …

O365 ATP Campaign Views and Compromised User Detection and Response – GA [EN]

Last Friday, Microsoft announced the general availability of two extremely popular and valuable features in the Office 365 Advanced Threat Protection offering: Campaign Views, and Advanced Compromised user detection and response. Campaign views: Campaign views offer security teams the full story of how attackers targeted the organization and its users and how their defenses held up …

Safe Documents in Office 365 ATP [EN]

Safe Documents is a public preview feature in Office 365 Advanced Threat Protection (ATP) that uses Microsoft Defender Advanced Threat Protection to scan documents and files that are opened in Protected View. Safe Documents automatically checks documents against known risks and threat profiles before allowing them to open. Users are not asked to decide on …

Announcement – Updates to the M365 Attack Simulator [EN]

13/12/2019 – Microsoft has announced several new features in the phish simulation tool. This includes: an attachment-based phishing attack; the ability to filter your simulation user targets by directory metadata like title, city, and department; the inclusion of IP addresses and client data in the simulation detail report. Simulation phish message simulations are included in …

Attack Simulator – new phishing simulation feature [EN]

Microsoft has recently added a new feature to Attack Simulator: advanced reporting capabilities. The ability to see data such as the fastest (or slowest) time to open an attack simulation email message, the fastest (or slowest) time to click a link in the message, and more visualizations. Even if Microsoft does not announce yet …

Office 365 ATP – new campaign views [EN]

Introducing campaign views in Office 365 Advanced Threat Protection: Office 365 ATP’s new campaign view, in public preview today, provides complete details about a campaign, including when it started, how big it is, the sending pattern & timeline, IP addresses and senders, which messages were blocked or otherwise, etc. Armed with additional context and visibility …