Thibault CHÂTIRON

Cybersecurity

Microsoft Cloud App Security – Release 209, 210 and 211

Slack API connector is now in general availabilitySlack API connector is in general availability, giving you more visibility in to, and control over, how your app is used in your organization. For more information, see How Cloud App Security helps protect your Slack Enterprise. New warn experience for monitored apps with Microsoft Defender for Endpoint is …

0 11 October 2021
MCAS
Read more

New Conditions in Teams DLP [Public Preview]

Microsoft announced the public preview for 4 new conditions in Teams Data Loss Prevention(DLP) available through the Microsoft 365 Compliance Center.  These 4 conditions have already been available for Exchange DLP and are now available for Teams : Sender is  Recipient is  Sender domain is  Recipient domain is  With the availability of these conditions, customers can extend their existing Exchange policies to …

0 9 September 2021
DLP
Read more

Microsoft Cloud App Security – Release 206, 207 and 208

New Cloud Discovery Open Systems log parserCloud App Security’s Cloud Discovery analyzes a wide range of traffic logs to rank and score apps. Now Cloud Discovery includes a built-in log parser to support the Open Systems format. For a list of supported log parsers, see Supported firewalls and proxies. New warn experience for monitored apps with …

0 24 August 2021
MCAS
Read more

Azure Sentinel – IdentityInfo table [Public Preview]

Prerequisite Enable UEBA – Use entity behavior analytics to detect advanced threats If already have UEBA enabled, you will notice that a new table called ‘IdentityInfo’ is now available under ‘Azure Sentinel UEBA’ group in your Log Analytics. The Identity info table contains a snapshot of the user’s profile: metadata information, groups membership, Azure AD …

0 28 July 2021
Sentinel
Read more

Azure Sentinel – Watchlist [General Availability]

The 12th July, Microsoft has announced the General Availability (GA) of Azure Sentinel Watchlist to all regions! Azure Sentinel watchlists enable the collection of data from external data sources for correlation with the events in your Azure Sentinel environment. Watchlists are stored in your Azure Sentinel workspace as name-value pairs and are cached for optimal …

0 26 July 2021
Sentinel
Read more

Azure Sentinel – Update Watchlist UI Enhancements

The new watchlist UI encompasses the following functionality: Add new watchlist items or update existing watchlist items. Select and update multiple watchlist items at once via an Excel-like grid. Add/remove columns from the watchlist update UI view for better usability. How to update watchlist From the Azure portal, navigate to Azure Sentinel > Configuration > Watchlist  Select a Watchlist, then select Edit Watchlist …

0 26 July 2021
Sentinel
Read more

AIP – DLP On-Prem [Public Preview]

The DLP on-premises scanner crawls on-premises data-at-rest in file shares and SharePoint document libraries and folders for sensitive items that, if leaked, would pose a risk to your organization or pose a risk of compliance policy violation   This gives you the visibility and control you need to ensure that sensitive items are used and protected properly, and to …

0 23 July 2021
AIP
Read more

AIP – Track and Revoke [General Availability]

Document tracking provides information for administrators about when a protected document was accessed.   If necessary, both admins and users can revoke document access for protected tracked documents.  This feature is available for AIP UL client version 2.9.111.0 or later 

0 23 July 2021
AIP
Read more

MIP – DLP Alerts [General Availability]

Microsoft announces the General Availability of the Microsoft Data Loss Prevention Alerts Dashboard. This latest addition in the Microsoft’s data loss prevention solution provides customers with the ability to holistically investigate DLP policy violations across:  Exchange  SharePoint Online  OneDrive  Teams  Devices  Cloud apps  On-premises file shares  Learn more about the feature at: Learn about the data loss prevention Alerts …

0 23 July 2021
AIP
Read more

MIP – Dynamic Markings with Variables within native labeling across all platforms [General Availability]

Configure sensitivity labels for content markings by using variables in the text string for your header, footer, or watermark Read more about the feature at Manage sensitivity labels in Office apps – Microsoft 365 Compliance | Microsoft Docs 

0 23 July 2021
AIP
Read more

MIP – AIP Audit Logs in Activity Explorer [Public Preview]

Azure Information Protection client audit logs are now available in Activity Explorer for existing AIP Analytics customers and this functionality is in public preview. Read more about Activity Explorer audit events at: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-classification-activity-explorer?view=o365-worldwide   This preview requires registration via: https://aka.ms/Register-AIPActivityExplorerPublicPreview    

0 23 July 2021
AIP
Read more

MIP – Co-authoring [Public Preview]

Co-authoring and AutoSave on Microsoft Information Protection-encrypted documents  Client-based automatic and recommended labeling on Mac  Mandatory labeling requiring users to apply a label to their email and documents  Availability of audit label activities in Activity Explorer  Native support for variables and per-app content marking  You can leverage co-authoring using:  Production or test tenant  Microsoft 365 apps with the …

0 23 July 2021
AIP
Read more

MIP – Improvements for Exchange Online service side auto-labeling [General Availability]

Automatic classification with sensitivity labels emails in transit in Exchange Online  Improved capabilities on top of existing service-based auto-labeling include:  Additional predicates with Exchange Online auto-labeling   Encrypt only and Do Not Forward support Context-based detections Read more about the feature at: Automatically apply a sensitivity label to content in Microsoft 365 – Microsoft 365 Compliance | Microsoft Docs 

0 23 July 2021
AIP
Read more

MIP – Mandatory Labeling [General Availability]

Office apps (Word, Excel, PowerPoint, Outlook) will now respect the Admin policy setting to require users to apply a label to documents and emails on Windows, Mac, iOS, and Android (for the Office 365 subscription version of the apps).  The Azure Information Protection unified labeling client supports this configuration that’s also known as mandatory labeling. For labeling built in to Office …

0 23 July 2021
AIP
Read more

Microsoft Cloud App Security – Release 205

Zendesk app connector available in public previewA new app connector for Zendesk is available in public preview. You can now connect Microsoft Cloud App Security to Zendesk to monitor and protect users and activities. For more information, see Connect Zendesk. New Cloud Discovery parser for WanderaCloud Discovery in Cloud App Security analyzes a wide range of …

0 19 July 2021
MCAS
Read more

Microsoft Cloud App Security – Release 204

New log collector versionUpgraded Log collector for Shadow IT discovery is now available. It includes the following updates: Microsoft has upgraded our Pure-FTPd version to the latest version: 1.0.49. TLS < 1.2 is now disabled by default. Microsoft has disabled the “octet-counted” framing feature in RSyslog to prevent failed processing.For more information, see Configure automatic log …

0 28 June 2021
MCAS
Read more

[MDO] Investigation updates for improved email threats and actions

Microsoft is improving Automated Investigation and Response (AIR) from Defender for Office365 The rollout of the updated email clustering will begin today, June 21st. Investigations will now only queue actions for approval when malicious emails are still in the mailbox (by using latest delivery location instead of original). Investigations only queue actions for malware or …

0 21 June 2021
MDO
Read more

Azure Sentinel – Watchlist Enhancements

Azure Sentinel Watchlists provides the ability to quickly import IP addresses, file hashes, etc. from csv files into your Azure Sentinel workspace. Then utilize the watchlist name/value pairs for joining and filtering for use in alert rules, threat hunting, workbooks, notebooks and for general queries. Watchlist Updating Functionality The new watchlist UI encompasses the following …

0 21 June 2021
Sentinel
Read more

Microsoft Cloud App Security – Release 203

Expose verified publisher indicating in O365 OAuth appsCloud App Security now surfaces whether a publisher of an Office 365 OAuth app has been verified by Microsoft to enable higher app trust. This feature is in a gradual rollout. For more information, see Working with the OAuth app page. Azure Active Directory Cloud App Security adminA Cloud …

0 14 June 2021
MCAS
Read more

Microsoft Cloud App Security – Release 200, 201, and 202

Authentication Context (Step-Up Authentication) in public previewMicrosoft has added the ability to protect users working with proprietary and privileged assets by requiring Azure AD Conditional Access policies to be reassessed in the session. For example, if a change in IP address is detected because an employee in a highly sensitive session has moved from the …

0 31 May 2021
MCAS
Read more

Thibault CHÂTIRON

Expert Sécurité

À propos de moi

Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts

Categories
AADConnect AIP Application Guard Azure Azure ATP Blockchain Conditional Access Copilot Delve DLP eDiscovery ethereum Exchange Online Graph API Guest Hello For Business Information barriers Insider Risk Management Intune MCAS MDE MDI MDO MFA Microsoft 365 Microsoft Threat Protection OneDrive Passwordless Prim'X Purview Sentinel SharePoint Online Solidity SSPR Windows Zed
Recent Posts
April 2024
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
2930  
Categories
Archives

©  2024 Thibault Chatiron