Microsoft Defender Weekly Wrap - Issue #39
Happy Friday everyone!
I'm reluctant to say that my wife is out of town again because last time many of you responded about your worry for me. :) But, yes, she's out of town again. She's traveling with her mother on a daughter/mom vacation. And, as many of you caught on last time, when my wife is out of town I don't sleep well.
In a couple weeks, my wife and I are taking our entire family (kids and grandkid) on a long-needed beach vacation. I may try to unplug during that time, but that's always difficult because I enjoy staying connected. So - it's up-in-the-air if the newsletter will deliver that week - but probably good odds that it still will.
...
In our sister publication for Microsoft Sentinel I noted in today's newsletter edition how the LinkedIn community has grown over the past year.
So, I think it's worth noting how active and engaged the LinkedIn community for Microsoft Defender and associated communities are.
LinkedIn community for Microsoft Defender:
Members: 1,020
13,553 post views from 63 posts
LinkedIn community for Microsoft Entra:
Members: 757
2,430 post views from 11 posts
LinkedIn community for Microsoft Endpoint Manager:
Members: 5,101
2,489 post views from 16 posts
If any of these topic areas interest you, jump out to the links to join.
...
That's all from me this week. The wife gets back home on Sunday so only another couple sleeps.
Talk soon.
-Rod
Things to Attend
Stop Ransomware with Microsoft Security 2022 — msthreatintelligencedigitalevent.eventcore.com
Register for the Stop Ransomware with Microsoft Security digital event to watch in-depth demos of the latest threat intelligence technology. Thursday, September 15, 2022, 9:00 AM – 10:30 AM Pacific Time (UTC-7)
Connect with Microsoft Security experts at the 2022 Gartner Identity & Access Management Summit — www.microsoft.com In that spirit of discovery, we’re looking forward to joining the IAM community at the Gartner Identity & Access Management Summit, August 22 to 24, 2022, in Las Vegas, Nevada. We’ll be sharing some of Microsoft’s recent insights about strengthening lifecycle and permissions management, stopping attacks on identity infrastructure, and moving to a cloud-based identity platform.
In-person event: Days of the Defenders
When: Thursday, October 6 - 7, 2022 | 9:00 AM (GMT+00:00)
Where: Reading, England, United Kingdom
Uncovering Hidden Risks — thecyberwire.com Uncovering Hidden Risks explores how enterprises can reduce their risk by moving to a more holistic approach to data protection.
Things that are Related
Microsoft Security Insights Aug '22 — www.youtube.com Tune in! Microsoft Security Insights is a weekly podcast that provides information, news, and tips on Microsoft Security Solutions including Microsoft Sentin...
3 ways Microsoft Security Tech works (part 3 of 5) — www.youtube.com Get ahead of attackers. With Extended Detection Response (EDR), your organisation will have intelligent, automated and integrated protection across domains. G...
How to harness Microsoft Security 24x7 (part 5 of 5) — www.youtube.com Get 24x7 peace of mind with MicrosoftSecurityShield365. It is a fully managed security service that combines our expert Microsoft SecOps Engineers with the l...
SC300 - Microsoft Identity and Access Management Exam Prep — www.youtube.com
Defender for Cloud Things
NEW: Containers Security Mapping Dashboard - Microsoft Tech Community Microsoft Defender for Containers merges the capabilities of the two previously offered Microsoft Defender for Cloud plans, Microsoft Defender for
VIDEO: Defender for Cloud integration with Microsoft Entra | Defender for Cloud in the Field #17 — www.youtube.com In this episode of Defender for Cloud in the Field, Bar Brownshtein joins Yuri Diogenes to talk about the new Defender for Cloud integration with Microsoft E...
DOCS: Auto-deployment of Azure Monitor Agent (Preview) — docs.microsoft.com
The Azure Monitor Agent (AMA) collects monitoring data from the guest operating system of Azure and hybrid virtual machines and delivers it to Azure Monitor for use by features, insights, and other services, such as Microsoft Sentinel and Microsoft Defender for Cloud. The Azure Monitor Agent is now integrated into Microsoft Defender for Cloud. You can auto-provision Azure Monitor Agent to all of your cloud and on-premises servers with Defender for Cloud. Also, Defender for Cloud protections can use data collected by the Azure Monitor Agent.
DOCS: Auto provision the Azure Monitor Agent to protect your servers with Microsoft Defender for Cloud — docs.microsoft.com Learn how to deploy the Azure Monitor Agent on your Azure, multicloud, and on-premises servers with auto provisioning to support Microsoft Defender for Cloud protections.
DOCS: Important changes coming to Microsoft Defender for Cloud | Microsoft Docs — docs.microsoft.com
Removing security alerts for machines reporting to cross-tenant Log Analytics workspaces
Estimated date for change: September 2022
Defender for Cloud lets you choose the workspace that your Log Analytics agents report to. When a machine belongs to one tenant (“Tenant A”) but its Log Analytics agent reports to a workspace in a different tenant (“Tenant B”), security alerts about the machine are reported to the first tenant (“Tenant A”). With this change, alerts on machines connected to Log Analytics workspace in a different tenant will no longer appear in Defender for Cloud. If you want to continue receiving the alerts in Defender for Cloud, connect the Log Analytics agent of the relevant machines to the workspace in the same tenant as the machine.
NEW: Defender for Cloud Onboarding workbook - Microsoft Tech Community — techcommunity.microsoft.com By default, Microsoft Defender for Cloud is not enabled on an Azure Subscription. However, if you visit Defender for Cloud in the Azure portal for the
Defender for Endpoint Things
BLOG: Microsoft Defender for Endpoint Network Protection and Web Protection for MacOS and Linux — techcommunity.microsoft.com Microsoft Defender for Endpoint Network Protection and Web Protection for macOS and Linux is now in Public Preview.
BLOG: Microsoft Defender for Endpoint: Tamper protection on macOS — techcommunity.microsoft.com Microsoft Defender for Endpoint's tamper protection feature is now generally available on macOS devices.
Microsoft Defender for IoT Things
DOCS: FAQs for Enterprise IoT networks - Microsoft Defender for IoT | Microsoft Docs — docs.microsoft.com Find answers to the most frequently asked questions about Microsoft Defender for IoT Enterprise IoT networks.
Microsoft 365 Defender Things
BLOG: The new Microsoft 365 Defender APIs in Microsoft Graph are now available in public preview! — techcommunity.microsoft.com
BLOG: Disrupting SEABORGIUM’s ongoing phishing operations - Microsoft Security Blog — www.microsoft.com Microsoft 365 Defender customers can run the following advanced hunting queries to locate IOCs and related malicious activity in their environments.
BLOG: Introducing new actions from the Email Entity page! - Microsoft Tech Community — techcommunity.microsoft.com Email remediation is a powerful tool that can be used by security operations teams to act on suspicious emails. SecOps can trigger email purge actions,
Windows Defender Things
BLOG: Hardware-based threat defense against increasingly complex cryptojackers - Microsoft Security Blog — www.microsoft.com To provide advanced protection against these increasingly complex and evasive threats, Microsoft Defender Antivirus uses various sensors and detection technologies, including its integration with Intel® Threat Detection Technology (TDT), which applies machine learning to low-level CPU telemetry to detect threats even when the malware is obfuscated and can evade security tools.
Microsoft Entra Things
VIDEO: Looking at Entra Permissions Management to Manage Permissions Across AWS, GCP and Azure — www.youtube.com A dive into Entra Permissions Management. What it is, how we use it and a little bit of how it works. 🔎 Looking for content on a particular topic? Search the...
Passwordless is here and at scale - Microsoft Tech Community — techcommunity.microsoft.com In today’s spotlight, we’ll be focusing on the journey of one of our largest partners, Accenture, as they adopted passwordless authentication and reduced their exposure to phishing attacks.