Microsoft has announced a number of enhancements to help its business and enterprises customers improve security and compliance efforts.
Among these is a new solution for managing insider risk, Microsoft Defender ATP offering EDR for Macs, a “compliance score” for a continuous improvement of their compliance posture, and more.
Azure Sentinel, Microsoft’s cloud-native SIEM that has recently been made generally available, has been equipped with new connectors for collecting security data from a variety of third-party security solutions, including those by Zscaler, Barracuda, and Citrix.
Other improvements include:
- New hunting queries and machine learning-based detections
- A new Threat Intelligence TAXII connector for threat indicator feeds from OSINT and threat intelligence platforms
- URL detonation to enrich alerts and discover threats related to malicious URLs, and more.
The Azure Security Center has been equipped with new capabilities to find misconfigurations and threats for containers and SQL in IaaS, while providing vulnerability assessment for virtual machines.
Microsoft Defender ATP for Mac will be equipped with enterprise detection and response (EDR) capabilities.
Application Guard for Office (available in preview) uses Microsoft Defender ATP to prevent malicious Word, Excel, and PowerPoint files from doing harm.
Azure AD, Microsoft’s identity and access management solution, will get new capabilities, including simplified Azure AD Connect cloud provisioning and a re-imagined My Apps end user app launcher portal that shows all the apps a person has access. In addition to this, Microsoft Authenticator, Microsoft’s software-based authenticator, is now available to customers as part of the Azure Active Directory (Azure AD) free plan.
Azure Firewall Manager (also in public preview) allows customers to manage multiple firewall instances from a single pane of glass.
Compliance and risk management
A new insider risk management solution (currently in private preview) “leverages Microsoft Graph and other services to obtain real-time native signals across Office, Windows and Azure, including file activity, communications sentiment and abnormal user behaviors,” as well as additional third-party signals from HR and playbooks tailored for risks to identify hidden patterns and risks.
Communication Compliance is a new Microsoft 365 solution that helps organizations address code-of-conduct policy violations in company communications across different communication channels (e.g., Microsoft Teams, Exchange Online, etc.)
Microsoft Compliance Score (in public preview) maps customers’ Microsoft 365 configuration settings to common regulations and standards, providing continuous monitoring and recommended actions to improve their compliance posture.
“Even if you’re not an expert in complex regulations like General Data Protection Regulation (GDPR), you can still take action and contribute to progress toward compliance,” Alym Rayani, Senior Director, Microsoft 365, noted.
A new assessment for the California Consumer Privacy Act (CCPA) has also been introduced.