Microsoft Defender Weekly Wrap - Issue #29
Happy Friday everyone!
What a week! Whew!
While attendance for RSA this year may not have been massive, it was still a busy, good show. For me, it was a wonderful time to connect with all those colleagues that I've worked with only remotely over the past 3 years. Time spent talking, joking, and laughing.
As you read this week's newsletter, I'm traveling home. So, I'll have more of my thoughts and insight about RSA to share next week.
That said, there was genuine interest in Microsoft Sentinel and Microsoft Defender and lots of curiosity in what's next.
...
Have a wonderful weekend.
Talk soon.
-Rod
Things to Attend
GET-IT Microsoft Cloud Security and Compliance 1-Day Virtual Conference - Petri IT Knowledgebase — petri.com As more organizations than ever before move data, apps, and services into the cloud, and employees access resources from outside the corporate firewall, there's a growing need to ensure secure access and provide more sophisticated security protections. Ransomware has surged in recent years, ...
Things that are Related
Announcing 2022 Microsoft Security Excellence Awards winners - Microsoft Security Blog — www.microsoft.com Spirits soared at the Microsoft Security Excellence Awards on June 5, 2022. And is it any wonder? The celebration marked the first time that Microsoft executives and Microsoft Intelligent Security Association (MISA) members had gathered in person in more than two years so it was a special night for many reasons!
VIDEO: Why Security Matters: Protecting your business and maintaining trust with your customers — www.youtube.com Why Security Matters: Protecting your business and maintaining trust with your customers
Defender for Cloud Things
DOCS: Microsoft Defender for SQL - the benefits and features | Microsoft Docs — docs.microsoft.com Learn about the benefits and features of Microsoft Defender for SQL.
DOCS: Driving your organization to remediate security issues with recommendation governance in Microsoft Defender for Cloud | Microsoft Docs — docs.microsoft.com Learn how to assign owners and due dates to security recommendations and create rules to automatically assign owners and due dates
BLOG: Drive your organization to security actions using Governance experience - Microsoft Tech Community — techcommunity.microsoft.com As organizations migrate to the cloud and grow their cloud presence, the threat landscape and attack surfaces also expand and multiply. Security teams
BLOG: Azure Arc Kubernetes and Azure Defender Cloud for Containers with #Azure Policies | Cloud and Datacenter Management Blog — mountainss.wordpress.com Azure Arc for Hybrid Cloud Management. In my last blogpost I wrote about Azure Arc enabled Kubernetes and Container Insights with Alerting and Actions. In the following steps I will install some containers (Pods) on my Azure Arc enabled Kubernetes so I have some data to work with in my MVP LAB. I did that…
BLOG: Microsoft Defender for Cloud RSA announcements - Microsoft Tech Community — techcommunity.microsoft.com This year is special. After 2 years of remote conferences, our team finally can physically meet with the security professionals attending RSA. Over the
Defender for Endpoint Things
BLOG: Prevent compromised unmanaged devices from moving laterally in your organization with “Contain” — techcommunity.microsoft.com 71% of human operated ransomware cases are initiated by an unmanaged device, usually internet facing, that is compromised and is then used to move laterally and compromise more devices.
BLOG: Custom compliance, actionable insights improve security posture - Microsoft Tech Community — techcommunity.microsoft.com Security and IT professionals congregated in San Francisco this week for the RSA Conference 2022. Their goals included learning and sharing best practices
VIDEO: Automated Investigation and Response | Virtual Ninja Training with Heike Ritter — www.youtube.com Automated investigation and response use inspection algorithms to examine alerts, determine whether the threat requires action, and perform necessary remedia...
VIDEO: The Investigation Experience | Virtual Ninja Training with Heike Ritter — www.youtube.com The incidents queue provides high-level information about each incident and is the starting point for your threat investigations. In this episode, we bring y...
BLOG: Mobile device support is now available for US Government Customers using Defender for Endpoint — techcommunity.microsoft.com As endpoints become more dispersed with the increased adoption of hybrid work, it has never been more critical for organizations to ensure their users and devices are protected from the persistent and ever-evolving threat landscape.
Microsoft Defender for IoT Things
BLOG: Investigating an Alert Using Defender for IoT and Wireshark - Microsoft Tech Community — techcommunity.microsoft.com This blog will be one in a series of blogs to discuss the above topic. We will take specific Microsoft Defender for IoT alerts and try to understand what
Microsoft 365 Defender Things
DOCS: Detecting human-operated ransomware attacks with Microsoft 365 Defender | Microsoft Docs — docs.microsoft.com This article describes proactive detection of new or ongoing human-operated ransomware attacks with the Microsoft 365 Defender portal
Defender for Identity Things
BLOG: Alert when a group is added to a sensitive Active Directory group - Microsoft Tech Community — techcommunity.microsoft.com Hi everyone, it’s Gershon, back again with a follow up to my last blog where we were able to track changes to sensitive groups with Advanced Hunting in
Defender for Office Things
BLOG: Announcing the release of step-by-step guides! - Microsoft Tech Community — techcommunity.microsoft.com Sometimes you want to get a task done quickly, and detailed documentation can be a bit overwhelming with all the rich information. That's why we're proud
BLOG: Email Protection Basics in Microsoft 365: Bulk Email - Microsoft Tech Community — techcommunity.microsoft.com Microsoft Support is excited to start a blog series that will demystify how Microsoft 365 email protection works. We are a team of engineers with years