Microsoft Defender Weekly Wrap - Issue #43
Hi everyone. It's me again. Andrea with two "As" and an "N" but not where you thiiiiink. (Shout out to all you She-Hulk fans - Wongers and Madisynn 4-ever).
Anyway, hope everyone is doing well. I assume you are all deep into college football and/or awaiting the arrival of pumpkin spice lattes. Even though it's still 90+ degrees in Florida, every store I visit is filled with Halloween costumes and Thanksgiving decorations. I'm as excited for candy bars and turkey as the next person, but can we at least wait until September 1 for the holiday push to begin? At least they haven't started playing "Here Comes Santa Claus" yet.
Rod will be back next week, I promise. Thanks again for letting me crash the party.
...
Here's a new way to learn KQL ... join the Kusto Detective Agency! This is brilliant. It delivers a game-based approach to digging into the cloud's query language.
Here's how this works:
There are a total of five cases to solve.
Cases are released every two weeks, on Sundays.
There are a limited number of prizes for those who solve the case first, BUT a digital badge is given to every player who correctly solves a case.
All previous cases will remain active for play even after the new cases are published.
Join today: Kusto Detective Agency
And, of course, keep working on your Must Learn KQL progress to get your certificate: https://aka.ms/MustLearnKQL
...
YAMS 1
As part of the Microsoft Defender for Cloud Apps Product Group's future planning, we are evaluating a set of features that we plan to invest in. We would appreciate it if you could take a few minutes of your time to review the list of suggested features. Mark their priority as they are considered for your company and add the relevant comments if asked for.
Link to survey: Microsoft Defender for Cloud Apps CY23H1 feature survey
...
Be a Microsoft Defender for Cloud Design Partner!
We are looking for Design Partners to work with us in developing AWS and GCP capabilities in Microsoft Defender for Cloud. You will have the opportunity to influence the direction of the product and be part of our Digital Badge Recognition Program for your participation.
Sign-up: Seeking Multi Cloud Design Partners
...
Things to Attend
Get Free Phishing Benchmarking Data to Gear Your Cyber Heroes — terranovasecurity.com
The Gone Phishing Tournament is a free annual cyber security event open to security and risk management leaders. Drive effective behavior change and build a strong security-aware organizational culture with free, in-depth phishing simulation benchmarking data.
Things that are Related
Improving your security baseline with KQL – Microsoft Sentinel 101 — learnsentinel.blog One of my favourite sayings is 'don't let perfect be the enemy of good'. I think in cyber security, we can all be guilty of striving for perfection. Whether that is your MFA deployment, reducing local admin privilege or whatever your project may be. The reality is, in most larger organizations you will always have…
Kusto Query Language (KQL) Overview — www.youtube.com A look at KQL, its core usage and some useful resources to help you learn.🔎 Looking for content on a particular topic? Search the channel. If I have somethi...
Interview: Microsoft Identity Director Talks Future Of Identity, Importance Of Zero Trust | Expert Insights — expertinsights.com Alex Weinert, Director Of Identity Security at Microsoft, discusses the biggest identity challenges we face today and how organizations can get started with Zero Trust.
Things in Techcommunity
Microsoft 365 Defender for Business logs into Microsoft Sentinel - Microsoft Tech Community — techcommunity.microsoft.com Hi Community, One of our customers raised the below query: Is there a way we can include Microsoft 365 Defender for Business logs into Microsoft Sentinel?
Things in the News
Cyberattacks Are Now Increasingly Hands-On, Break Out More Quickly — www.darkreading.com Interactive intrusion campaigns jumped nearly 50%, while the breakout time between initial access and lateral movement shrank to less than 90 minutes, putting pressure on defenders to react quickly.
Defender for Cloud Things
DOCS: Enable File Integrity Monitoring (Azure Monitor Agent) | Microsoft Docs — docs.microsoft.com Learn how to enable File Integrity Monitor when you collect data with the Azure Monitor Agent (AMA)
Defender for Endpoint Things
Improved Device discoverability and classification using Defender for Endpoint and Defender for Identity — techcommunity.microsoft.com Leveraging Microsoft Defender for Identity as a data source for Microsoft Defender for Endpoint device discovery can help improve discovery coverage and fine tune the classification accuracy.
Microsoft 365 Defender Things
BLOG: Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices - Microsoft Security Blog — www.microsoft.com
Defender for Identity Things
Empower employees to flag security and regulatory concerns in Microsoft Teams - Microsoft Tech Community — techcommunity.microsoft.com Hybrid workspaces are continuously evolving, with changes like increasingly varied work locations and the shift of more workplace communications and
What's new in Microsoft Defender for Identity | Microsoft Docs — docs.microsoft.com This article is updated frequently to let you know what's new in the latest release of Microsoft Defender for Identity.
Defender for Cloud Apps Things
Manage your SaaS Security Posture with Microsoft — www.youtube.com Wednesday, September 14, 2022, 12:00 PM ET / 9:00 AM PT (webinar recording date) Microsoft Defender for Cloud Apps Webinar | Manage your SaaS Security Postur...
Microsoft Purview Things
Go beyond compliance with Microsoft Purview — techcommunity.microsoft.com Building a holistic data protection and governance strategy is a big task. How can you get started? In this month’s episode of Uncovering Hidden Risks, we chat with Igor Tsyganskiy, President and CTO of Bridgewater Associates.
Defender for Office Things
DOCS: Getting the best security value from Microsoft Defender for Office 365 when you have third party email filtering — docs.microsoft.com Step-by-step configuration guidance on how to get security value from Microsoft Defender for Office 365 when you have third party email filtering.
Windows Defender Things
How to troubleshoot High cpu in Microsoft Defender Antivirus (MsMpEng.exe, Antimalware Service Executable), the easy way. – Yong Rhee’s blog — yongrhee.wordpress.com Disclaimer: The views expressed in my posts on this site are mine & mine alone & don’t necessarily reflect the views of Microsoft. All posts are provided “AS IS” with no warranties & confers no rights. If I post any code, scripts or demos, they are provided for the purpose of illustration & are not…
Microsoft Entra Things
BLOG: Preview for verified coupons with Entra Verified ID - Microsoft Tech Community — techcommunity.microsoft.com Hello! It’s been just over 30 days since Entra Verified ID became Generally Available (GA). I’m thrilled to share with you our latest update, developed by
DOCS: Tutorial - Configure your tenant for Microsoft Entra Verified ID - Microsoft Entra | Microsoft Docs — docs.microsoft.com In this tutorial, you learn how to configure your tenant to support the Verifiable Credentials service.