Azure – Secure Score is now available for Azure

You may already know Secure Score for Office 365, helping you to understand your security settings on Office 365 and providing guidance to increase it. Now, you can have Secure Score for Azure Active Directory (AAD) too The functionality is currently in preview and can be accessed either through the dedicated preview portal (https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/IdentitySecureScore) or by accessing your Azure AD administration portal () or Azure portal (https://portal.azure.com/) and then reaching…

Read More

Azure – New Azure information Protection Client available

A new version (1.37.19.0) of the Azure Information Protection Client has been released. You can download it from https://www.microsoft.com/en-us/download/details.aspx?id=53018 This version includes few updates and changes: Support for the ISO standard for PDF encryption. You need to configure the below advanced configuration to enable it and then keep the PDF format for encrypted PDF files instead of using the PPDF Labels applying protection are now displayed on Office 2016 clients…

Read More

Security – The latest Threat Modeling tool is now in GA

The latest version of Microsoft Threat Modeling Tool (TMT) is now available in general availability (GA). If you were using the preview, you will be prompted to upgrade – NOTE it will mandatory to upgrade after Oct 15th. The 2016 version is still supported until Oct 1st, 2019. If you want to start using the tool go there. For those who do not know what MTM is, this is a…

Read More

Intune – You can now target specific users/devices when applying Windows Hello policy

With the latest updates on Intune, you can now define specific users/devices when you apply a Windows Hello policy. Until then, the Windows Hello policy was a tenant level settings and as such applied to all users/devices. To define the Windows Hello policy, go to your Intune configuration blade and reach out the Device configuration\Profiles and create an Identity Protection profile, then you will be able to define the targeted…

Read More

Azure/Office 365 – Multi Factor Authentication app available in preview for Apple Watch

The Multi Factor Authentication application for Azure and Office 365 is now available in preview for use with Apple Watch. It supports both corporate (work account) and personal (Microsoft account) accounts with push notification. You can sign up at https://forms.office.com/Pages/ResponsePage.aspx?id=v4j5cvGGr0GRqy180BHbR68AojHg485IuWUUpl99NURUNFQ0OUpEQzFNRlBHUjc3NkxWSTQzSEhFRi4u

Read More

Azure – Azure Security Center playbooks

4 new playbooks to demonstrate Azure Security Center capabilities are available. With these 4 playbooks you can demonstrate/evaluate Azure Security Capabilities to protect your Azure resources against virus attack, SQL injection, DDoS on public IP or cross site scripting. You can deploy the playbooks from the following URL to your Azure tenant: Virus attack playbook – https://aka.ms/ASCPlaybooksVAttack – deploys 2 virtual machines, OMS and associated network resources. One of the…

Read More

Office 365 – New anti-phishing capabilities added to Advanced Threat Protection

A new default policy is being deployed for Office 365 ATP (Advanced Threat Protection) to protect you against phishing. The new policy is/will be available through the Security and Compliance administration portal (https://protection.office.com/) From there, reach out the Threat Management\Policy section and then click on ATP anti-phishing option Then the Default policy is not displayed in the list of policy; it is displayed using the button Default policy By clicking…

Read More

Azure – An updated interface for Azure AD Roles management

The Azure Active Directory Roles configuration blade has been updated to provide more details and management option for Azure AD Roles. Connect to your Azure administration portal (https://portal.azure.com) or Azure AD administration portal (https://aad.portal.azure.com) and reach out your Azure Active Directory blade or Then reach out the Roles and administrators blade At first sight it does not seems to had some changes but it has been updated; first, if you…

Read More

Azure – Azure AD Conditional Access sign-ins reports in preview

You may already be aware of this security feature called Azure AD Conditional Access helping you protecting and securing access to your resources published through Azure AD. A new capability to this feature has been added (in preview) to provide a better reporting and troubleshooting capabilities: Azure AD Conditional Access Sign-Ins Report To start using it, logon to your Azure AD administration portal – either from the Azure portal (https://portal.azure.com)…

Read More

Azure – A new security feature available in preview in Azure: Azure Firewall

Microsoft has introduced a new security feature in Azure, in preview, called Azure Firewall. Azure Firewall is going to help you protect your Azure vNET. Like with other on-premises firewall solutions, Azure Firewall supports: FQDN filtering Traffic filtering rules SNAT support Integration with Azure Monitor logging (diagram courtesy Microsoft)   As this is a preview, there is still few things: If a network security group (NSG) is applied on the…

Read More

Azure / Office 365 – New registration experience coming for Azure MFA and Azure SSPR

You may already well know the Azure Multi Factor (MFA) and Azure Self Service Password Reset (SSPR) features; if not you are missing a very good piece of your Azure AD/Office 365 services. Well, a new registration experience for Azure MFA and Azure SSPR is currently being in preview to simply the end-user registration experience. With the current experience, end-users had to register twice their details (like phone number or…

Read More

Office 365 – Threat Intelligence trackers

A new Office 365 Threat Intelligence feature is making his way to your Office 365 tenant if you are using Advanced Threat Management. This new feature, called Threat Intelligence Tracker, which is going to help you getting insights about security threats you may face. You can access the trackers from your Security & Compliance portal (https://protection.office.com/) within the Threat Management section

Read More

Azure – Define a security baseline for Azure AD Administrators

A new security feature has been delivered in preview for Azure AD; a security baseline for any Azure AD Administrator. This baseline will be enabled by default (during the preview you HAVE to enable it) and is going to request multi-factor authentication (MFA) for any privileged account like: Global Administrator Service Administrator SharePoint Administrator Exchange Administrator Conditional Access Administrator Security Administrator To enable/disable (while not recommended) the security baseline go…

Read More

Azure – Manage Azure AD Password Protection

So, you have deployed and registered your Azure AD Password Protection agents on your on-premises environment (see https://t.co/PnWZiWbWic). Now you can manage this feature by controlling how it is going to work – aka manage your own banned passwords list, enforce the feature or enable the Smart Lookout (to restrict the risk of getting your AD account locked because somebody is trying to guess your password). To manage Azure AD…

Read More

Azure – Use Azure AD Password Protection with your on-premises Active Directory

You may already know that Azure AD is using advanced technologies to protect your credentials, especially your password. It even detects if the password you are trying to use (when you have to change it due to expiration) has been used too much or has been compromised (or banned). This is a huge security feature but until now this was only available if you use Azure AD for authentication. Starting…

Read More