
Microsoft's new security innovations at Ignite 2019

05 Nov 2019

With Microsoft Ignite kicking off in Florida this week, Microsoft is wasting no time in detailing its visions for security, compliance, and identity.

Microsoft 365 and Security corporate vice president Kirk Koenigsbauer outlined 10 major security announcements across Azure, Microsoft 365, Office, and Microsoft Defender ATP. 

Microsoft Azure enhanced with a range of security and compliance services

- Azure Sentinel will now include new collectors to assist security analysts with collecting data from different sources such as Citrix, Barracuda, and Zscaler. Furthermore, Microsoft is releasing new hunting queries, as well as machine learning-based detections to help analysts prioritise security events.

- Azure AD will soon feature Azure AD Connect cloud provisioning, a lightweight agent to move identities from disconnected Active Directory forests to the cloud. Azure AD Connect cloud provisioning is previewing at the end of November, Koenigsbauer says. The company will also work with partners including Akamai, Citrix, F5 Networks and Zscaler to improve access to legacy-auth based applications. Additionally, Azure AD’s MyApps portal has been redesigned.

- Azure Security Center now features new capabilities to identify misconfigurations and threats for containers and SQL in IaaS. Security Center also provides vulnerability assessment for virtual machines; integration with security alerts from partners; and quick fixes for remediation.

- Microsoft Authenticator is now available in the Azure Active Directory (Azure AD) free plan. “Deploying Multi-Factor Authentication (MFA) reduces the risk of phishing and other identity-based attacks by 99.9%,” says Koenigsbauer.

- Azure Firewall Manager is now in public preview. Users are able to manage multiple firewall instances through the platform. Microsoft is currently working on creating support for new firewall deployment topologies.

Microsoft 365 and Office

- Microsoft 365 includes a new insider risk management solution to help security teams detect and remediate threats within an organisation. The solution is currently in public preview.

“This new solution leverages the Microsoft Graph along with third-party signals, like HR systems, to identify hidden patterns that traditional methods would likely miss,” says Koenigsbauer.

- Microsoft 365’s compliance center now lets users view data classifications categorised by types of sensitive information or industry regulations. Users can also take advantage of machine learning and existing data to train classifiers unique to an organisation, such as customer records and HR data.

- Microsoft Compliance Score maps Microsoft 365 configuration settings to common regulations and standards, to help simplify regulatory complexity and reduce risk. It provides continuous monitoring and recommended actions.

- Application Guard for Office is now in public preview. It provides hardware-level and container-based protection against potentially malicious Word, Excel, and PowerPoint files. It also leverages Microsoft Defender ATP to establish whether a document is either malicious or trusted.

Microsoft Defender ATP

- Microsoft Defender Advanced Threat Protection has been extended to introduce new capabilities, including macOS support (now in preview). Microsoft is also working on adding support for Linux servers.
