Thibault CHÂTIRON

Cybersecurity

Microsoft Defender for Cloud Apps (formerly MCAS) – Release 214 and 215

NetDocuments app connector available in public preview: A new app connector for NetDocuments is available in public preview. You can now connect Microsoft Defender for Cloud Apps to NetDocuments to monitor and protect users and activities. For more information, see Connect NetDocuments to Microsoft Defender for Cloud Apps. Reset user investigation priority score: The user investigation priority score …

Microsoft Cloud App Security – Release 212 and 213

Impossible travel, activity from infrequent countries, activity from anonymous IP addresses, and activity from suspicious IP addresses alerts will not apply on failed logins. After a thorough security review, Microsoft decided to separate failed login handling from the alerts mentioned above. From now on, they’ll only be triggered by successful login cases and not by unsuccessful …

Information barriers – management experience in Microsoft 365 compliance center [Public Preview]

Coming to public preview, you will soon see an updated user experience in the Information barriers solution within the Microsoft 365 compliance center. This update includes new landing pages for Segments and Policies. When this will happen: Rollout will begin in late November and is expected to be complete by late December. How this will affect …

Microsoft Cloud App Security – Release 209, 210 and 211

Slack API connector is now in general availability: Slack API connector is in general availability, giving you more visibility into, and control over, how your app is used in your organization. For more information, see How Cloud App Security helps protect your Slack Enterprise. New warn experience for monitored apps with Microsoft Defender for Endpoint is …

New Conditions in Teams DLP [Public Preview]

Microsoft announced the public preview for 4 new conditions in Teams Data Loss Prevention (DLP) available through the Microsoft 365 Compliance Center. These 4 conditions have already been available for Exchange DLP and are now available for Teams: Sender is, Recipient is, Sender domain is, Recipient domain is. With the availability of these conditions, customers can extend their existing Exchange policies to …

Microsoft Cloud App Security – Release 206, 207 and 208

New Cloud Discovery Open Systems log parser: Cloud App Security’s Cloud Discovery analyzes a wide range of traffic logs to rank and score apps. Now Cloud Discovery includes a built-in log parser to support the Open Systems format. For a list of supported log parsers, see Supported firewalls and proxies. New warn experience for monitored apps with …

Azure Sentinel – IdentityInfo table [Public Preview]

Prerequisite: Enable UEBA – Use entity behavior analytics to detect advanced threats. If you already have UEBA enabled, you will notice that a new table called ‘IdentityInfo’ is now available under the ‘Azure Sentinel UEBA’ group in your Log Analytics. The IdentityInfo table contains a snapshot of the user’s profile: metadata information, group membership, Azure AD …

Azure Sentinel – Watchlist [General Availability]

On July 12th, Microsoft announced the General Availability (GA) of Azure Sentinel Watchlist to all regions! Azure Sentinel watchlists enable the collection of data from external data sources for correlation with the events in your Azure Sentinel environment. Watchlists are stored in your Azure Sentinel workspace as name-value pairs and are cached for optimal …

Azure Sentinel – Update Watchlist UI Enhancements

The new watchlist UI encompasses the following functionality: Add new watchlist items or update existing watchlist items. Select and update multiple watchlist items at once via an Excel-like grid. Add/remove columns from the watchlist update UI view for better usability. How to update a watchlist: From the Azure portal, navigate to Azure Sentinel > Configuration > Watchlist. Select a Watchlist, then select Edit Watchlist …

AIP – DLP On-Prem [Public Preview]

The DLP on-premises scanner crawls on-premises data-at-rest in file shares and SharePoint document libraries and folders for sensitive items that, if leaked, would pose a risk to your organization or pose a risk of compliance policy violation. This gives you the visibility and control you need to ensure that sensitive items are used and protected properly, and to …

AIP – Track and Revoke [General Availability]

Document tracking provides information for administrators about when a protected document was accessed. If necessary, both admins and users can revoke document access for protected tracked documents. This feature is available for AIP UL client version 2.9.111.0 or later.

MIP – DLP Alerts [General Availability]

Microsoft announces the General Availability of the Microsoft Data Loss Prevention Alerts Dashboard. This latest addition to Microsoft’s data loss prevention solution provides customers with the ability to holistically investigate DLP policy violations across: Exchange, SharePoint Online, OneDrive, Teams, Devices, Cloud apps, On-premises file shares. Learn more about the feature at: Learn about the data loss prevention Alerts …

MIP – Dynamic Markings with Variables within native labeling across all platforms [General Availability]

Configure sensitivity labels for content markings by using variables in the text string for your header, footer, or watermark. Read more about the feature at Manage sensitivity labels in Office apps – Microsoft 365 Compliance | Microsoft Docs.

MIP – AIP Audit Logs in Activity Explorer [Public Preview]

Azure Information Protection client audit logs are now available in Activity Explorer for existing AIP Analytics customers, and this functionality is in public preview. Read more about Activity Explorer audit events at: https://docs.microsoft.com/en-us/microsoft-365/compliance/data-classification-activity-explorer?view=o365-worldwide. This preview requires registration via: https://aka.ms/Register-AIPActivityExplorerPublicPreview

MIP – Co-authoring [Public Preview]

Co-authoring and AutoSave on Microsoft Information Protection-encrypted documents; Client-based automatic and recommended labeling on Mac; Mandatory labeling requiring users to apply a label to their email and documents; Availability of audit label activities in Activity Explorer; Native support for variables and per-app content marking. You can leverage co-authoring using: Production or test tenant; Microsoft 365 apps with the …

MIP – Improvements for Exchange Online service side auto-labeling [General Availability]

Automatic classification of emails in transit in Exchange Online with sensitivity labels. Improved capabilities on top of existing service-based auto-labeling include: Additional predicates with Exchange Online auto-labeling; Encrypt only and Do Not Forward support; Context-based detections. Read more about the feature at: Automatically apply a sensitivity label to content in Microsoft 365 – Microsoft 365 Compliance | Microsoft Docs.

MIP – Mandatory Labeling [General Availability]

Office apps (Word, Excel, PowerPoint, Outlook) will now respect the Admin policy setting to require users to apply a label to documents and emails on Windows, Mac, iOS, and Android (for the Office 365 subscription version of the apps). The Azure Information Protection unified labeling client supports this configuration that’s also known as mandatory labeling. For labeling built in to Office …

Microsoft Cloud App Security – Release 205

Zendesk app connector available in public preview: A new app connector for Zendesk is available in public preview. You can now connect Microsoft Cloud App Security to Zendesk to monitor and protect users and activities. For more information, see Connect Zendesk. New Cloud Discovery parser for Wandera: Cloud Discovery in Cloud App Security analyzes a wide range of …

Microsoft Cloud App Security – Release 204

New log collector version: An upgraded log collector for Shadow IT discovery is now available. It includes the following updates: Microsoft has upgraded the Pure-FTPd version to the latest version: 1.0.49. TLS < 1.2 is now disabled by default. Microsoft has disabled the “octet-counted” framing feature in RSyslog to prevent failed processing. For more information, see Configure automatic log …

[MDO] Investigation updates for improved email threats and actions

Microsoft is improving Automated Investigation and Response (AIR) in Defender for Office 365. The rollout of the updated email clustering will begin today, June 21st. Investigations will now only queue actions for approval when malicious emails are still in the mailbox (by using latest delivery location instead of original). Investigations only queue actions for malware or …