Monthly news - November 2023

  • Thread starter Thread starter Stanislav Belov
  • Start date Start date
S

Stanislav Belov



Microsoft Defender for Cloud

Monthly news

November 2023 Edition
large?v=v2&px=999.png
This is our monthly "What's new" blog post, summarizing product updates and various new assets we released over the past month. In this edition, we are looking at all the goodness from October 2023.

Legend:
large?v=v2&px=999.pngProduct videossmall?v=v2&px=200.pngWebcasts (recordings)small?v=v2&px=200.pngDocs on Microsoftsmall?v=v2&px=200.pngBlogs on Microsoft
large?v=v2&px=999.pngGitHublarge?v=v2&px=999.pngExternal contentsmall?v=v2&px=200.pngProduct improvementssmall?v=v2&px=200.pngAnnouncements
Microsoft Defender for Cloud
small?v=v2&px=200.png

Microsoft Defender for Cloud now supports the latest CIS Azure Security Foundations Benchmark - version 2.0.0 in the Regulatory Compliance dashboard, and a built-in policy initiative in Azure Policy. The release of version 2.0.0 in Microsoft Defender for Cloud is a joint collaborative effort between Microsoft, the Center for Internet Security (CIS), and the user communities. The version 2.0.0 significantly expands assessment scope, which now includes 90+ built-in Azure policies and succeed the prior versions 1.4.0 and 1.3.0 and 1.0 in Microsoft Defender for Cloud and Azure Policy. For more information, you can check out this blog post.
large?v=v2&px=999.pngIn today's digital landscape, where over 90 percent of organizations have embraced multicloud solutions, security teams face the growing complexity of maintaining robust security controls and cloud security posture across multi-cloud environments. Microsoft Defender for Cloud offers protection for cloud infrastructure, applications, and data providing a single contextual view of cloud risks across Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). In this blog, we will walk through a few scenarios of misconfigured GCP resources and how Microsoft Defender for Cloud can help proactively identify misconfigurations and allow security teams prevent risks and remediate quickly.
large?v=v2&px=999.pngIn a typical complex web application, file uploads are a common occurrence across various application scenarios (for instance an application responsible for handling employee payroll may have one module accepting proof of identity documents from employees for personal information updates and other module handling employee reimbursement requests based on the uploaded expense receipts). This blog post elucidates one of the architectural patterns that can be employed for efficiently monitoring the malware scan status while utilizing Microsoft Defender for storage malware scanning.

small?v=v2&px=200.png


New DevOps posture management recommendations are now available in public preview for all customers with a connector for Azure DevOps or GitHub. DevOps posture management helps to reduce the attack surface of DevOps environments by uncovering weaknesses in security configurations and access controls. Learn more about DevOps posture management.
large?v=v2&px=999.pngOn October 3rd, high severity vulnerabilities in curl were preannounced. The curl project has announced that curl8.4.0 has now been released, earlier than expected. Two vulnerabilities have now been disclosed: high-severity CVE-2023-38545 and low-severity CVE-2023-38546. Microsoft Defender for Cloud has multiple ways to quickly determine where in your environment you are vulnerable that are covered in this blog.
large?v=v2&px=999.pngDefender for APIs has updated its support for Azure API Management API revisions. Offline revisions no longer appear in the onboarded Defender for APIs inventory and no longer appear to be onboarded to Defender for APIs. Offline revisions don't allow any traffic to be sent to them and pose no risk from a security perspective.
small?v=v2&px=200.pngMicrosoft Defender for Cloud Labs have been updated and now include several new detailed step by step guidance on how to enable, configure and test the Defender for Cloud capabilities.
large?v=v2&px=999.pngDiscover how other organizations successfully use Microsoft Defender for Cloud to protect their cloud workloads. This month we are featuring Rockwell Automation – the largest industrial automation company in the world – that uses Microsoft security solutions, including Defender for Cloud, to secure their environment.
large?v=v2&px=999.pngJoin us Wednesday, December 6th for a virtual day of demos and technical deep dives. And bring your questions for everyone's favorite – Ask Microsoft Anything (AMA). We’re excited for you to join us in the AI era of security. Our goal is to connect you to your security peers and equip you with the technical knowledge that will help you and your team safely and confidently adopt AI.
large?v=v2&px=999.pngJoin our experts in the upcoming webinars to learn what we are doing to secure your workloads running in Azure and other clouds.





Note: If you want to stay current with Defender for Cloud and receive updates in your inbox, please consider subscribing to our monthly newsletter: Microsoft Forms


Continue reading...
 
Back
Top