Microsoft Defender Weekly Wrap - Issue #17
Welcome all! I hope this newsletter makes for a wonderful end to a wonderful week for you all.
We've had quite a bump in subscribers this week, as the newly revamped coverage for all things Defender has firmly taken hold. It's good to see so many people interested in wholesale security.
I want to welcome all those that are new this week and hope you always find what you're looking for here in this community.
...
I hope you had the chance this week to hear or read about the updated version of the Azure Security Benchmark Workbook. Even if you did hear about it, you may not have had the opportunity to dig into it yet. This is a monumental release and something you should be very aware of.
Now at version 3, this workbook pulls data from over 25 Microsoft Security products to provide a central mechanism for viewing and reviewing the strengths (and weaknesses) of your organization's security posture. More than just a sideline reporting mechanism, it provides actionable links to things like direct hardening and remediation steps in Microsoft Defender for Cloud and investigation workflows in Microsoft Sentinel.
To get it: Azure Security Benchmark v3 on GitHub
Read the v3 announcement: Azure Security Benchmark v3 Workbook
Read more about ASB: Azure Security Benchmark introduction
...
Thanks, everyone, for your continuing interest in the Microsoft Defender branded products and services. And thanks also for your continuing support for this growing community.
Talk soon.
-Rod
Things that are Related
A Leader in multiple Zero Trust security categories: Industry analysts weigh in - Microsoft Security Blog — www.microsoft.com Competing in today’s business environment means being able to move forward without constantly looking over your shoulder for the latest cyber threat. An effective Zero Trust architecture helps make that possible through a combination of comprehensive coverage, easy integration, built-in intelligence, and simplified management. Microsoft Security does all four—integrating more than 40 disparate products for security, compliance, identity, and management across clouds, platforms, endpoints, and devices—so you can move forward—fearless.
Security Engineers on Microsoft Learn | Microsoft Docs — docs.microsoft.com Microsoft Learn helps you discover the tools and skills you need to become a Security Engineer.
Accenture Microsoft Security Product Hub
Passing the Must Learn KQL Assessment - CHARBEL NEMNOM - MVP | MCT | CCSP - Cloud & CyberSecurity — charbelnemnom.com In this article, we will share with you how to prepare and pass the Must Learn KQL training and assessment.
Matt Zorich on Twitter — twitter.com "Time to test your #KQL skills! Using the demo environment I have set up a #365daysofKQL scavenger hunt using the #AzureAD logs found in there. Use the data from February to find the answers, win yourself a #MustLearnKQL cup and support a great cause - https://forms.office.com/r/WCg0gnQt9m"
Defender for Cloud Things
BLOG: Going Private: Move your Azure apps and services off the Internet – blog.johnjoyner.net — blog.johnjoyner.net When your apps all ran on-premises, servers only received inbound Internet traffic if you specifically put them behind a firewall and enabled that kind of connection. The opposite is true of most PaaS services like web servers and cloud storage which operate by default over the Internet, usually accessed over HTTPS URLs, like https://myfileshare.file.core.windows.net for a file share storage account.
UPDATE: Azure Security Benchmark Workbook - Microsoft Tech Community — techcommunity.microsoft.com Today we’re announcing the next iteration of the Azure Security Benchmark (ASB) Workbook, which provides a single pane of glass for gathering and
Defender for Cloud in the Field - Out of Band edition — www.linkedin.com The new episode of #Defender for #Cloud in the Field - Out of Band edition is out. Some updates about the Defender for Cloud dashboard and also Future Kortor joined me to talk about the Defender for Cloud Cost Estimation dashboard.
VIDEO: Microsoft Defender for Cloud Azure Security Benchmark v3 Workbook — www.youtube.com Watch Microsoft's TJ Banasik (CISSP-ISSEP, ISSAP, ISSMP) and Lili Davoudian of Cloud + AI Security discuss and demo the Microsoft Defender for Cloud Azure Se...
NEW: New alert for Microsoft Defender for Storage (preview) — docs.microsoft.com
To expand the threat protections provided by Microsoft Defender for Storage, we've added a new preview alert. Threat actors use applications and tools to discover and access storage accounts. Microsoft Defender for Storage detects these applications and tools so that you can block them and remediate your posture.
VIDEO: Getting Started with Microsoft Azure Defender for Cloud - Microsoft Tech Community — techcommunity.microsoft.com This video provides a walkthrough of enabling Defender for Cloud for the first time and associating a compliance policy that is used to measure the security of the subscription.
Defender for Endpoint Things
BLOG: Announcing expanded support and functionality for Live Response APIs - Microsoft Tech Community — techcommunity.microsoft.com Live Response is a crucial tool for Incident Responders, and we are strong believers that Live Response should and could be used in ways that helps
Microsoft Defender for IoT Things
BLOG: Secure your Medical Devices with Microsoft Defender for IoT — techcommunity.microsoft.com Microsoft Defender for IoT is proud to introduce the new Internet of Medical Things (IoMT) solution, aimed to empower medical device manufacturers and solution operators to secure their connected medical devices end to end.
BLOG: Uncovering Trickbot’s use of IoT devices in command-and-control infrastructure - Microsoft Security Blog — www.microsoft.com The Microsoft Defender for IoT research team has recently discovered the exact method through which MikroTik devices are used in Trickbot’s C2 infrastructure. In this blog, we will share our analysis of the said method and provide insights on how attackers gain access to MikroTik devices and use compromised IoT devices in Trickbot attacks.
NEW: Secure your healthcare devices with Microsoft Defender for IoT and HCL's CARE - Microsoft Security Blog — www.microsoft.com By including Microsoft Defender for IoT in the device itself, device builders are able to create secure-by-design, managed IoT devices. Defender for IoT offers continuous asset discovery, vulnerability management, and threat detection—continually reducing risk with real-time security posture monitoring across the device’s operating system and applications.
NEW: Microsoft Defender for IoT for Device Builders in Public Preview — techcommunity.microsoft.com We would like to introduce you to our Public Preview of Microsoft Defender for IoT for Device Builders, the built-in security solution of Microsoft Defender for IoT aimed to empower device builders to create secure-by-design, managed IoT devices.