Monthly news - September 2022

AWS


Microsoft 365 Defender
Monthly news

September 2022

This is our monthly "What's new" blog post, summarizing product updates and various assets we have across our Defender products.

Microsoft 365 Defender

Discover XDR integrations and services in the New Microsoft 365 Defender Partner Catalog. We’re excited to introduce the new Microsoft 365 Defender Partner Catalog, which enables you to easily discover technology and services partners that work with the Microsoft Defender suite of products, all from a central place.
Microsoft Defender for Cloud Apps

If you could not join the Webinar "Manage your SaaS Security Posture with Microsoft", it's available on YouTube for you to watch.
Top Threat Protection Use Cases in Microsoft Defender for Cloud Apps
Egnyte API connector is generally available
The Egnyte API connector is generally available, providing you with deeper visibility and control over your organization's usage of the Egnyte app. For more information, see How Defender for Cloud Apps helps protect your Egnyte environment.

Log Collector version update
We've released a new log collector version with the latest vulnerability fixes. More details here.
Onboarding application to session controls (Preview)
The process of onboarding an application to be used for session controls has been improved and should increase the success rate of the onboarding process. More details here.
Microsoft Defender for Endpoint

New Device Health Reporting for Microsoft Defender for Endpoint is now generally available. We’ve redesigned the dashboard so that you can view sensor health and antivirus protection status across platforms and easily access detailed Microsoft Defender for Endpoint information.
Attack Surface Reduction (ASR) Rules Report 2.0 in Microsoft 365 Defender. We are excited to bring a new ASR Rules report 2.0 to you. Try out the report and let us know what you think. Email: ASR_Report_Support@microsoft.com
New features available for Mobile Threat Defense on Android & iOS: Privacy Controls, Optional Permissions and Disable Web protection. As of 9/20/22, privacy controls and web protection configuration for Android MAM are now generally available.
Tamper protection will be turned on for all enterprise customers. To further protect our customers, we are announcing that tamper protection will be turned on for all existing customers, unless it has been explicitly turned off in the Microsoft 365 Defender portal.
We are excited to announce that Microsoft Defender for Endpoint is now available on Android Enterprise (AE) company-owned personally enabled (COPE) devices. This release adds to the already existing support for installation on enrolled devices for AE bring your own device (BYOD) and AE fully managed modes, the legacy Device Administrator mode, and the unenrolled mobile application management (MAM) devices.
Improving device discoverability and classification within Defender for Endpoint using Defender for Identity.
Leveraging Microsoft Defender for Identity as a data source for Microsoft Defender for Endpoint device discovery can help improve discovery coverage and fine tune the classification accuracy.

In this blog post, we show how deploying Microsoft Defender for Identity alongside Microsoft Defender for Endpoint can increase your discovery of devices by ~11% and enrich findings by another 33%.

Device health reporting is now available for US Government customers using Defender for Endpoint.
Device health reporting is now available for GCC, GCC High and DoD customers.
Troubleshooting mode is now available for more Windows operating systems, including Windows Server 2012 R2 and above.
Check out the "What's new in Microsoft Defender for Endpoint on Windows" page on docs.
Microsoft Defender for Identity

If you could not join the Webinar "Microsoft Defender for Identity | Identity Targeted Attacks - A Researcher's Point of View", it's available on YouTube for you to watch.
More activities to trigger honeytoken alerts
New for this version, any LDAP or SAMR query against honeytoken accounts will trigger an alert. In addition, if event 5136 is audited, an alert will be triggered when one of the attributes of the honeytoken was changed or if the group membership of the honeytoken was changed.

New health alert for verifying that the NTLM Auditing is enabled, as described in the health alerts page.
Updated assessment: Unsecure domain configurations
The unsecure domain configuration assessment available through Microsoft Secure Score now assesses the domain controller LDAP signing policy configuration and alerts if it finds an unsecure configuration. For more information, see Security assessment: Unsecure domain configurations.
Microsoft Defender for IoT

If you missed the Webinar "The Last Piece of the XDR Puzzle - Augmenting IT SecOps with IoT Security", it's now available on YouTube for you to watch.
Microsoft Defender for Office 365

Step-by-step guides v2 has been released! These guides are there to help you with common tasks across the product in a flash, with the minimum information & clicks needed, reducing the time needed by your admins to secure your enterprise.
Introducing the Microsoft Defender for Office 365 Security Operations Guide.
When Defender for Office 365 is used, SecOps need to onboard the new tools and tasks into their existing playbooks and workflows. That might come with challenges and questions, such as: “Where do I start? What actions/tasks should I take? How do I integrate with my existing tools and processes?” The Microsoft Defender for Office 365 Security Operations Guide provides useful information to answer these questions. (Security Operations Guide for Defender for Office 365 - Office 365)
Email Protection Basics in Microsoft 365: Spoof and Impersonation. The blog series continues to demystify how Microsoft 365 email protection works.
Automatic redirection from Office 365 Security and Compliance Center to Microsoft 365 Defender portal - for Government environments. Users accessing the security solutions in Office 365 Security and Compliance center (protection.office.com) are automatically redirected to the appropriate solutions in Microsoft 365 Defender portal (security.microsoft.com). This impacts the following Gov environments: GCC, GCC-High and DoD.
Defense in Depth guidance has been published. Guidance designed to get the best security value from Microsoft Defender for Office 365 when you have third party email filtering.
Microsoft Defender Vulnerability Management

As of 9/26/22, Vulnerability assessment of apps on iOS devices is now in Public Preview. To configure the feature, read the documentation.
