Thibault CHÂTIRON

Cybersecurity

Microsoft Cloud App Security – Release 177

What’s new in MCAS ? New real-time malware detection (Preview, gradual rollout)Microsoft has expanded their session controls to detect potential malware using Microsoft Threat Intelligence upon file uploads or downloads. The new detection is now available out-of-the-box and can be configured to automatically block files identified as potential malware. For more information, see Block malware …

0 17 June 2020
MCAS
Read more

Power BI and Information Protection integration [General Availability]

General availability of sensitivity labels in Power BI Sensitivity labels provide a simple way to classify critical content in Power BI. They can be applied on datasets, reports, dashboards, and dataflows… Source https://techcommunity.microsoft.com/t5/microsoft-security-and/announcing-general-availability-of-microsoft-information/ba-p/1449183

0 16 June 2020
AIP
Read more

Livestream for Azure Sentinel [General Availability]

What is Azure Sentinel Livestream?  Livestream lets you run queries that refresh every 30 seconds and notifies you of any new results.  Creating a livestream enables you to : test newly created queries as events occur, receive notifications from a session when a match is found, promote a livestream to a detection rule to generate …

0 16 June 2020
Sentinel
Read more

Office 365 ATP recommended configuration analyzer version 1.8 released

New version 1.8.8 of ORCA (Office 365 Recommended Configuration Analyzer) ready for download: https://powershellgallery.com/packages/ORCA/ Improvements : Optional additional outputs (not just HTML) : JSON File and CosmosDB Support for running within Azure automation (instructions coming soon) and probably other automated fashions Dupe checks for anti-spam and anti-malware policies now (like the ones for ATP policies …

0 8 June 2020
MDO
Read more

Exchange Online PowerShell v2 [General Availability]

The V2 module is now available in the PowerShell Gallery. The new EXO V2 module contains all the existing Remote PowerShell cmdlets, as well as 9 new V2 cmdlets. The new module is entirely Modern Authentication based. If you start using this, you are getting off Basic Authentication for your admin tasks, and as you …

0 8 June 2020
Microsoft 365
Read more

New report available for Mailflow Status

Microsoft just released several new views for the Mailflow status report: https://protection.office.com/reportv2?id=MailFlowStatusReport&pivot=EventType View 1 – By type This view provides an overview of the different large detection category types in our protection stack. It shows that out of the total number of messages, how many were filtered as malware, as phish, as spam, by edge, …

0 5 June 2020
Microsoft 365
Read more

Sessions in Azure AD Conditional Access [General Availability]

Prerequisites Authentication session management capabilities require Azure AD Premium P1 subscription. Integration First, sign in to Azure Portal. Next, navigate to Azure AD Conditional Access and then access an existing policy or create a new policy, where you’ll see the Session under Access Control as shown below: Configure sign-in frequency Sign-in frequency defines the time period …

0 2 June 2020
Conditional Access
Read more

Update: Issue with Azure AD Conditional Access and macOS

Following to my previous article that was published the 1st of May, I’m happy to say that a fix is now know for this issue. Reminder After an end user updated his MacOS version to 10.15.4, he experienced unexpected access app prompts or blocks to applications such as native mail. The macOS device was enrolled …

0 2 June 2020
Conditional Access
Read more

Automatic classification with sensitivity labels in Microsoft 365 services [General Availability]

Prerequisites This capability is included with Microsoft 365 SKUs (E5, E5 Compliance and E5 Information Protection & Governance) and Office 365 E5 SKU. Activation You can turn on this feature in Microsoft 365 compliance center Integration You can create an auto-labeling policy with custom rules in order to correspond to your needs. A policy can …

0 2 June 2020
AIP[…]
Read more

Office 365 ATP recommended configuration analyzer version 1.7 released

New version 1.7.5 of ORCA (Office 365 Recommended Configuration Analyzer) ready for download: https://powershellgallery.com/packages/ORCA/ Improvements : Check Safe Attachments Policy Exists for all domains Check Safe Links Policy Exists for all domains Check for duplicate anti-phishing policies Checks to determine if Safe attachments unknown malware response set to block Check ATP Phishing Mailbox Intelligence Protection …

0 20 May 2020
MDO
Read more

Updates to Campaign Views

Microsoft is expanding the functionality of the Campaign Views feature beyond phish. You will now see malware campaigns as well. Microsoft is adding an interactive timeline, and developing a process for automated campaign write-ups. They are also working to surface Campaign Views in additional views, so that you can easily refer to them from wherever …

0 14 May 2020
MDO
Read more

Prepare for update to the new My Apps and My Account experiences users

Microsoft will be updating the current Azure AD Apps and Profile experiences on July 20th 2020. This means that on July 20th all users will be automatically switched over to the updated My Apps and My Account experiences. Please note that the updated My Apps and My Account offer the same functionality as the current …

0 12 May 2020
Microsoft 365
Read more

Microsoft Threat Protection will automatically turn on for eligible license holders

Effective June 1, 2020, as soon as you have one Microsoft security products among Microsoft Defender ATP, Office 365 ATP, Microsoft Cloud App Security or Azure ATP you will be able to access the new unified console Microsoft Threat Protection with correlation cross-workload, advanced hunting and automatic healing. https://azure.microsoft.com/en-us/updates/mtp-auto-enabled/

0 12 May 2020
Azure ATP[…]
Read more

Advanced eDiscovery tenant reports [Public Preview]

Microsoft has made the decision to make additional changes to the code before they proceed with the roll-out. Microsoft has begun rolling out Advanced eDiscovery tenant reports in preview. The rollout will be completed by mid-February. How does this affect your organization ? Admins and relevant roles will see tenant-level reports in Advanced eDiscovery. Advanced …

0 12 May 2020
eDiscovery[…]
Read more

Shadow Protection – MDATP [Private Preview]

When Shadow Protection is enabled, Microsoft Defender ATP leverages behavioral blocking and containment capabilities by blocking malicious artifacts or behaviors that are observed through post-breach protection. EDR in block mode, i.e. Shadow Protection, works behind the scenes to remediate malicious artifacts that are detected post-breach. Prerequisites PermissionsGlobal Administrator or Security Administrator role assigned in Azure …

0 11 May 2020
MDE
Read more

New policy details blade for Conditional Access troubleshooting [Public Preview]

The new policy details blade displays which conditions and access controls were satisfied during sign-in. This granular information makes it easy to troubleshoot failures and re-configure policies if necessary. In this example, we can see that the report-only policy “Block access outside trusted locations” applied to Lisa Smith’s sign-in because she satisfied the user, application, …

0 10 May 2020
Conditional Access
Read more

Insights and reporting workbook [General Availability]

The insights and reporting workbook gives you a summary view of Azure AD Conditional Access in your tenant. With the capability to select an individual policy, you can better understand what each policy does and monitor any changes in real time. The workbook streams data stored in Azure Monitor. Using the dashboard, you can see …

0 10 May 2020
Conditional Access
Read more

Report-only mode for Azure AD Conditional Access [General Availability]

Report-only mode for Azure AD Conditional Access lets you evaluate the result of a policy without enforcing access controls. You can test report-only policies across your organization and understand their impact before enabling them, making deployment safer and easier. New Azure AD Conditional Access policies will be created in report-only mode by default. This means …

0 10 May 2020
Conditional Access
Read more

Sensitivity labels with protection in SharePoint and OneDrive [General Availability]

You can now apply sensitivity labels, with protection policies, not just in Office apps on Windows, Mac, iOS and Android but also in Office on the web. Users will see sensitivity as an option on the ribbon of the Office on the web, and as the applied label name on the status bar. In addition, for …

0 10 May 2020
AIP
Read more

Combined MFA and password reset registration is now generally available

The 16th April, Microsoft announced that the combined security information registration is now generally available. This new experience makes it easy for users to register for Multi-Factor Authentication (MFA) and Self-Service Password Reset (SSPR) in a simple step-by-step process. Mobile experience Now, when users register while signing in on their phone, they’ll see this easy …

0 1 May 2020
MFA[…]
Read more

Thibault CHÂTIRON

Expert Sécurité

À propos de moi

Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts

Categories
AADConnect AIP Application Guard Azure Azure ATP Blockchain Conditional Access Copilot Delve DLP eDiscovery ethereum Exchange Online Graph API Guest Hello For Business Information barriers Insider Risk Management Intune MCAS MDE MDI MDO MFA Microsoft 365 Microsoft Threat Protection OneDrive Passwordless Prim'X Purview Sentinel SharePoint Online Solidity SSPR Windows Zed
Recent Posts
May 2024
M T W T F S S
 12345
6789101112
13141516171819
20212223242526
2728293031  
Categories
Archives

©  2024 Thibault Chatiron