Microsoft Defender Weekly Wrap - Issue #32
Good Friday everyone!
This Friday is especially exciting for me as I'm taking a larger chunk of my time off in one fell swoop. As of today, I'm out of office until July 11th. As the Microsoft fiscal year closes and the next one opens, this is a great time to rest, reflect and reenergize for the busy year ahead.
I'll still be stopping in from time to time. As I've said, I enjoy my work so it's not a burden for me to sneak away and catch up on things. I truly enjoy it.
My manager asked me this past week about what was on my mind. I'll tell you what I told him -- nothing. With the fiscal year at an end and a week off to enjoy friends and family, I've spent the last few days emptying my inbox and my thoughts.
So, as such, I don't have a lot to share this week. There's a lot of wonderful newsletter content and sometimes that's enough.
Talk to you all soon.
-Rod
Things that are Related
Announcing the new certification for cybersecurity architects - Microsoft Tech Community — techcommunity.microsoft.com We’re happy to announce that the new Microsoft Certified: Cybersecurity Architect Expert certification is now generally available. To earn this
How security leaders can help their teams avoid burnout - Microsoft Security Blog — www.microsoft.com The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Voice of the Community blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Maria Markstedter, Chief Executive Officer (CEO) of Azeria Labs, former Chief Product Officer (CPO) at Corellium, a Black Hat Review Board member, Forbes Person of the Year in Cybersecurity, and the author of a soon-to-be-published book on Arm assembly internals and reverse-engineering. The thoughts below reflect Maria’s views, not the views of Microsoft, and are not legal advice. In this blog post, Maria talks about the industry’s growing interest in Arm assembly and how to help security professionals avoid burnout.
Get defense-in-depth email security, now available via Azure Marketplace - Microsoft Tech Community — techcommunity.microsoft.com This guest post is by Arun Singh, VP of Marketing at Abnormal Security. In the past decade, there have been two major shifts in the world of email.
The 2-Minute Recap: Everything new with Security, Compliance, and Identity on Microsoft Learn - Microsoft Tech Community — techcommunity.microsoft.com Welcome to our monthly blog series featuring the latest Security, Compliance, and Identity content updates on Microsoft Learn. This month, we’re
Certification Dashboard and SC-100 News - Azure Cloud & AI Domain Blog — azurecloudai.blog There's some movement happening for those that are still anxiously waiting for their SC-100 exam results. For those that have been watching for the results to come through after taking the beta exam for SC-100 Microsoft Cybersecurity Architect, you probably read the note that the Certification Dashboard would be moving. That move has now fully
Things to Have
Exchange Online Protection & Microsoft Defender For Office 365 Hardening Tool — github.com Exchange Online Protection & Microsoft Defender For Office 365 Hardening Tool (GitHub: mparlakyigit/365Defender-EOPHarderingTool)
PoSH/Defender at main · cventour/PoSH · GitHub — github.com Defender Scripts Scripts that I've written to make my life easier with MS Defender for Endpoint
Defender for Cloud Things
VIDEO: Azure SQL Security: Database Protection with Defender for Cloud (Ep. 5) | Data Exposed - Microsoft Tech Community — techcommunity.microsoft.com In this episode of Data Exposed with Anna Hoffman and Ido Keshet, learn about how Defender for SQL (and Defender for Cloud) can address the top security
VIDEO: Remediate Security Recommendations with Governance | Defender for Cloud in the Field #15 — www.youtube.com In this episode of Defender for Cloud in the Field, Amit Biton joins Yuri Diogenes to talk about the new Governance feature in Defender for Cloud. Amit expla...
BLOG: How to upgrade from MMA-based Defender for Endpoint to MDE unified solution in Defender for Cloud? — jeffreyappel.nl The new Defender for Endpoint unified agent has been generally available for some time (since April 11th, 2022). The new unified Microsoft Defender for Endpoint solution is supported for Server 2012R2 and Windows Server 2016. In addition, automated deployment and integration of the new solution with Microsoft Defender for Cloud is now available with the Microsoft Defender for Server P1 and P2 solution.
Defender for Endpoint Things
BLOG: Is Microsoft Defender for Endpoint Worth All the Hype? — Steeves and Associates — www.steeves.net Are you familiar with all that Microsoft Defender for Endpoint has to offer? Learn about how it fits into the Microsoft Security suite and how it can protect your organization.
BLOG: Using process creation properties to catch evasion techniques - Microsoft Security Blog — www.microsoft.com We developed a robust detection method in Microsoft Defender for Endpoint that can catch known and unknown variations of a process execution class used by attackers to evade detection. This class of stealthy execution techniques breaks some assumptions made by security products and enables attackers to escape antimalware scans by circumventing process creation callbacks using a legacy process creation syscall. Publicly known variations of this class are process doppelganging, process herpaderping, and process ghosting.
BLOG: Day-to-day Management for Microsoft Defender for Endpoint — practical365.com Microsoft Defender for Endpoint is not a product you roll out and forget. To get the most out of this tool on a day-to-day basis, we walk through some actions administrators should be doing to keep current with the product.
BLOG: Announcing the public preview of Mobile Network Protection for Microsoft Defender on Android and iOS — techcommunity.microsoft.com The way organizations conduct business has changed dramatically over the past few years, with employees working from home or following a hybrid work model. This shift has made users more reliant on network connections for both personal and work commitments. This increased need for connecting to digital networks, while often convenient, has made users more prone to security risks. Noting this trend, organizations are realizing the critical role that securing your network plays in managing the day-to-day operations and resilience of their business, especially when it comes to keeping their employees and data safe.
Microsoft 365 Defender Things
BLOG: Toll fraud malware: How an Android application can drain your wallet - Microsoft Security Blog — www.microsoft.com Toll fraud malware, a subcategory of billing fraud in which malicious applications subscribe users to premium services without their knowledge or consent, is one of the most prevalent types of Android malware – and it continues to evolve.
NEWS: How to Use Microsoft Defender on All Your Devices | WIRED — www.wired.com If you use a mix of Apple, Android, and Windows gadgets, you're in luck: The security tool is now available to any Microsoft 365 subscriber.
Defender for Cloud Apps Things
BLOG: Strengthen the security posture of your SaaS apps with Defender for Cloud Apps - Microsoft Tech Community — techcommunity.microsoft.com Over the last few years, organizations have increasingly adopted cloud-native SaaS applications to meet changing agility and productivity needs. While the
Microsoft Purview Things
BLOG: Microsoft Purview Information Protection support in Adobe Acrobat - Microsoft Tech Community — techcommunity.microsoft.com We are excited to announce the public preview program for Microsoft Purview Information Protection labeling and protection in Adobe Acrobat for Windows
BLOG: 4 breakthrough ideas for compliance and data security - Microsoft Security Blog — www.microsoft.com Through research and conversations with customers, we’ve identified four key data security challenges that many organizations face as they implement hybrid work and multicloud environments. You can dig into our findings and recommendations by signing up and downloading the e-book Blueprint for Data Protection: 4 Breakthrough Ideas for Compliance and Data Security. In the meantime, let us walk you through some of the highlights.
Defender for Office Things
BLOG: Email Protection Basics in Microsoft 365: Spam & Phish - Microsoft Tech Community — techcommunity.microsoft.com Microsoft Support is excited to continue a blog series that will demystify how Microsoft 365 email protection works. This is the second part of the
BLOG: Microsoft Defender for Office 365 Ninja Training: June 2022 Update - Microsoft Tech Community — techcommunity.microsoft.com We have published a few Microsoft Defender for Office 365 resources over the past few months, and these are now included in the Ninja Training. If you