Newsletter #6 2023
Published on: November 19, 2023
Hi,
First of all, thank you for subscribing and reading the EndpointCave security newsletter.
I feel honored that you will join me on the journey of this bi-weekly Security Newsletter! My goal is to deliver valuable security content directly to you and your inbox.
But I need your help. Do you have any valuable content that should be shared with the community? Did you write a security blog post, or did you find a security-related news item that should be mentioned in my upcoming newsletters?
Please send me a message. You can contact me on Twitter (X) or LinkedIn.
The community has created a lot of content in the past two weeks. I would like to share some of those blogs and videos with you. First of all, I want to highlight some content and after the highlights and video, I have shared some blogs from the community for the community. I assume that one of those topics will be interesting for you.
Highlights
Microsoft Ignite Book of News
The Book of News is designed to be your guide to all Microsoft announcements, making it easy for you to navigate the latest information and provide key details on the topics in which you are most interested. Microsoft is excited to share some groundbreaking new products and critical updates that help make work and life easier and more productive.
Introducing a Unified Security Operations Platform with Microsoft Sentinel and Defender XDR
Security teams are tasked with more responsibilities than ever before, and the complexity of today’s security tooling landscape doesn’t make their job any easier. They need to sift through vast amounts of data from various sources, which can lead to slower threat response and resolution, increased time spent on learning new technologies, more integrations, and less comprehensive insights. Furthermore, managing the costs associated with data handling remains a significant challenge.
Microsoft is committed to empowering these teams by consolidating the multitude of tools necessary for protecting a digital estate into a single, effective solution powered by AI and automation. This addresses a key pain point in the cybersecurity industry: the need for protection of the entire digital estate and boosting SOC efficiency with simplified tooling experience and management.
With this announcement, Microsoft will deliver:
- A Unified Platform.
- Embedded Security Copilot.
- Automatic Attack Disruption.
- Tailored recommendations.
Microsoft Security Copilot
Microsoft Copilot was Microsoft's flagship product at last week's Microsoft Ignite. A lot of information has been shared about this new feature; here are some of those blogs.
- Microsoft Security Copilot and NIST 800-171
- Supercharge security and compliance efficiency with Microsoft Security Copilot in Microsoft Purview
- Microsoft Security Copilot (preview) and Defender EASM
- Microsoft Security Copilot experiences
- How Microsoft Security Copilot Works
- Operationalizing Microsoft Security Copilot to Reinvent SOC Productivity
- How MDTI Helps Power Security Copilot
- Gain comprehensive data protection and efficient investigation with Microsoft Purview DLP
- Watch Microsoft Security Copilot in action
A new ASR rule is coming
The new attack surface reduction (ASR) rule “Block Webshell creation for Servers” is now in the official documentation. Unfortunately, the documentation does not contain much information, but we can conclude that a new ASR rule is coming.
Security Adoption Framework
The SAF provides guidance for organizations through end-to-end security modernization across a ‘hybrid of everything’ multi-cloud and multi-platform technical estate. The SAF is similar to the Cloud Adoption Framework (CAF) and Well-Architected Framework (WAF) in that it includes public guidance and also takes the form of Microsoft Unified workshops, where Microsoft experts help customers plan and execute security modernization.
Security topics to watch
Stop hackers from stealing your Microsoft 365 user’s passwords
In this video, Merill will show how you can steal a Microsoft 365 user’s password using a man-in-the-middle phishing attack with a tool like EvilGinx. Merill shows how you can apply conditional access policies in Microsoft Entra to block phishing attacks like this.
TechTalk Dudes S03E03 – Microsoft Entra Inbound Provisioning API
Unlock the full potential of Microsoft Entra Inbound Provisioning API with Ronny and Pim’s latest video guide! Join them to delve into the intricacies of this powerful feature, designed to streamline user provisioning within the Microsoft ecosystem.
November 2023 – What’s New in Microsoft Entra Identity & Security w/ Microsoft Security CxE identity
With so many new features being added to the Microsoft Entra Identity platform, join Product Managers Grace Picking and Jorge Lopez from the Microsoft Security CxE team, in the first of a monthly series to highlight what is new across public preview and GA features in Microsoft Entra for November 2023!
Blogs from the community
Thank you for being a part of my newsletter. I hope you found valuable content in it, and I look forward to delivering more in the future.
Your feedback is welcome, so please feel free to share your thoughts and suggestions for future editions.
Kind Regards,
René
EndpointCave