Microsoft Defender Weekly Wrap - Issue #33

Jul 08, 2022

Hi, all! Happy Friday!

It's been a wonderful week here at Trent Manor. As you know from past newsletters, I've been taking time off the past week to enjoy friends and family. It started with a head cold, so it definitely had no way to go but up.

As there's so much focus recently on certifications and certification renewals - particularly for those of us who are still waiting for their SC-100 beta results <groan> - here's something I thought would be beneficial to us all.

We are inviting everyone to participate in the annual IT Skills and Salary Survey led by Skillsoft. Think about how has Microsoft training and certification impacted your career?

Survey is here: https://rodtrent.com/elc

...

I'll be back in the office and completely active next week (after clearing out my awaiting email inbox). I'm looking forward to how this newsletter and community will grow in the next Microsoft fiscal year. Thanks so much for being part of this ongoing effort and thanks for being such stalwarts for Microsoft security.

Talk soon.

-Rod

Things that are Related

13.MustLearnKQL: The Extend Operator — www.youtube.com A demonstration of the Kusto Query Language extend operator.MustLearnKQL Table of Contents: https://aka.ms/MustLearnKQLGet the Ebook: https://cda.ms/3mTKQL B...

Defender for Cloud Things

DOCS: How to enable Microsoft Defender for Containers in Microsoft Defender for Cloud | Microsoft Docs — docs.microsoft.com Enable the container protections of Microsoft Defender for Containers

VIDEO: Defender for Cloud in the Field - Out of Band Edition — www.linkedin.com In this week's episode of #Defender for #Cloud in the Field - Out of Band Edition, I'm covering some new improvements in the Security Alerts dashboard ...

BLOG: Microsoft Defender for Cloud PoC Series - Multicloud with GCP - Microsoft Tech Community — techcommunity.microsoft.com Introduction The purpose of this article is to provide specific guidelines on how to perform a Proof of Concept (PoC) for Microsoft Defender for Cloud’s

BLOG: Deploy Microsoft Defender for Cloud via Terraform - Microsoft Tech Community — techcommunity.microsoft.com Terraform is an Infrastructure as a Code tool created by Hashicorp. It’s used to manage your infrastructure in Azure, as well as other clouds. In this

Defender for Endpoint Things

BLOG: Microsoft Defender for Endpoint series – What is Defender for Endpoint? – Part1 — jeffreyappel.nl It is time for the first part of the ultimate Microsoft Defender for Endpoint (MDE) series. After the announcement and the great response, it is time for the first part. Part 1 contains information related to Defender for Endpoint’s basics. Upcoming parts are more deep-dived into the components. See part 1 as the high-level overview of the components and parts under the Defender for Endpoint umbrella.

BLOG: Introducing the new alert suppression experience now in Public Preview — techcommunity.microsoft.com We are excited to share the new and advanced alert suppression experience which provides tighter granularity and control, allowing users to tune Microsoft Defender for Endpoint alerts.

VIDEO: MDE Tutorial 1- Microsoft Defender Overview — www.youtube.com Microsoft Defender Overview

Microsoft 365 Defender Things

BLOG: Monthly news - June 2022 - Microsoft Tech Community — techcommunity.microsoft.com Microsoft 365 Defender Monthly news June 2022 We are excited to publish our first "What's new" blog post, a new monthly summary of what has been

Defender for Identity Things

BLOG: Microsoft Defender for Identity Workbook for Microsoft Sentinel — www.linkedin.com Introduction Recently while working on a Microsoft Defender for Identity, have developed a workbook to show the alerts from Defender for Identity & Advance hunting data available for the same. Details Defender for Identity as product make 2 different data sets available Alerts from Defender For Iden

BLOG: How Microsoft Defender for Identity protects against DFSCoerce - Microsoft Tech Community — techcommunity.microsoft.com Almost a year has passed since the “PetitPotam” attack vector was initially discovered. Shortly after, Microsoft Defender for Identity provided detection

Microsoft Purview Things

NEWS: KuppingerCole rates Microsoft as outstanding in functionality for secure collaboration - Microsoft Security Blog — www.microsoft.com We are excited to share that Microsoft has been rated “Outstanding in Functionality” in the KuppingerCole Market Compass for Secure Collaboration, May 2022. Microsoft was also the only company to be awarded the highest possible score of “Strong Positive” in all five categories: security, deployment, interoperability, usability, and market standing for the Microsoft Purview Information Protection platform.

NEWS: Public preview: Microsoft Purview data sharing | Azure updates | Microsoft Azure — azure.microsoft.com Microsoft Purview data sharing for in-place data sharing for Azure Data Lake Storage (ADLS Gen2) and Azure Blob Storage is now in public preview.

BLOG: Share data near real-time with Microsoft Purview in-place data sharing for Azure Storage — techcommunity.microsoft.com Data providers can now share data in-place from ADLS Gen2 and Blob storage accounts without data duplication, and share within and across organizations. They can also centrally manage sharing activities within Microsoft Purview, a unified data governance solution. Data consumers can now have near real-time access to shared data. They can also use this shared data for any of their processing and insights needs and gain value at cloud scale faster than ever before.

Microsoft Entra Things

BLOG: Microsoft Entra Permissions Management is now generally available! - Microsoft Tech Community — techcommunity.microsoft.com Howdy folks, As a part of our mission to support organizations’ multicloud strategy, last summer we acquired CloudKnox Security, a leader in Cloud

Defender for IoT Things

BLOG: Digital transformation for manufacturers requires additional IT/OT security | Azure Blog and Updates | Microsoft Azure — azure.microsoft.com While every industry is vulnerable to a ransomware attack, manufacturers are at a particular risk. While digitization and automation have helped transform the industry, it has simultaneously opened up new attack vectors within organizations. With the risks so high, an enterprise-level solution that provides visibility and protection like Microsoft Defender for IoT is essential.