
Microsoft's new security innovations at Ignite 2019

05 Nov 2019

With Microsoft Ignite kicking off in Florida this week, Microsoft is wasting no time in detailing its visions for security, compliance, and identity.

Microsoft 365 and Security corporate vice president Kirk Koenigsbauer outlined 10 major security announcements across Azure, Microsoft 365, Office, and Microsoft Defender ATP. 

Microsoft Azure enhanced with a range of security and compliance services

- Azure Sentinel will now include new collectors to assist security analysts with collecting data from different sources such as Citrix, Barracuda, and Zscaler. Furthermore, Microsoft is releasing new hunting queries, as well as machine learning-based detections to help analysts prioritise security events.

- Azure AD will soon feature Azure AD Connect cloud provisioning, a lightweight agent to move identities from disconnected Active Directory forests to the cloud. Azure AD Connect cloud provisioning is previewing at the end of November, Koenigsbauer says. The company will also work with partners including Akamai, Citrix, F5 Networks and Zscaler to improve access to legacy-auth based applications. Additionally, Azure AD’s MyApps portal has been redesigned.

- Azure Security Center now features new capabilities to identify misconfigurations and threats for containers and SQL in IaaS. Security Center also provides vulnerability assessment for virtual machines, integration with security alerts from partners, and quick fixes for remediation.

- Microsoft Authenticator is now available in the Azure Active Directory (Azure AD) free plan. “Deploying Multi-Factor Authentication (MFA) reduces the risk of phishing and other identity-based attacks by 99.9%,” says Koenigsbauer.

- Azure Firewall Manager is now in public preview. Users are able to manage multiple firewall instances through the platform. Microsoft is currently working on creating support for new firewall deployment topologies.

Microsoft 365 and Office

- Microsoft 365 includes a new insider risk management solution to help security teams detect and remediate threats within an organisation. The solution is currently in public preview.

“This new solution leverages the Microsoft Graph along with third-party signals, like HR systems, to identify hidden patterns that traditional methods would likely miss,” says Koenigsbauer.

- Microsoft 365’s compliance center now allows users to view data classifications as categorised by types of sensitive information or industry regulations. Users can also take advantage of machine learning and existing data to train classifiers unique to an organisation, such as customer records and HR data.

- Microsoft Compliance Score maps Microsoft 365 configuration settings to common regulations and standards, to help simplify regulatory complexity and reduce risk. It provides continuous monitoring and recommended actions.

- Application Guard for Office is now in public preview. It provides hardware-level and container-based protection against potentially malicious Word, Excel, and PowerPoint files. It also leverages Microsoft Defender ATP to establish whether a document is either malicious or trusted.

Microsoft Defender ATP

- Microsoft Defender Advanced Threat Protection has been extended to introduce new capabilities, including macOS support (now in preview). Microsoft is also working on adding support for Linux servers.
