Azure – Enable Fusion for Azure Sentinel

With the launch of Azure Sentinel, the cloud SIEM solution from Microsoft, additional capabilities are being added to help improve awareness and security of your infrastructure, both on-premises and online. This may lead to an over flooding alert notifications and as such this reduce the comprehensiveness of a potential incident. To assist with it, Machine Learning is used to aggregate and analyse the information. You can also now improve it…

Read More

Azure Information Protection – New advanced settings for AIP

There has been few new advanced settings made available for Azure Information Protection (AIP): Report an issue from the AIP client Pop-up in Outlook to warm, justify or block sending emails To implement these advanced settings you need to the Advanced Settings option available in the contextual menu of the policy   Report an issue To add the option to report an issue when end-user is using the Azure Information…

Read More

Azure – Blueprints now has built-in samples

UPDATED March 8 – 10:50 AM: blueprints for shared services and ASE/SQL workloads will be released next week. Blueprints for PCI compliance is in the roadmap Azure Blueprints – the Azure feature allowing you to define policies for managing your Azure environment – has been updated and now propose built-in samples to help you quickly start with it. When you create a new Blueprint you now have the choice between…

Read More

Azure – A new security capability is now available in preview: Azure Sentinel

Azure Sentinel is a cloud-based  security information event management (SIEM) and security orchestrator automated response (SOAR)  providing you security analytics and threats intelligence from a single point. During the preview, Azure Sentinel is free of charge. Final pricing will be announced at a later stage; data import from Office 365 is free. To start using it and evaluate it, connect to  https://aka.ms/microsoftazuresentinel with your Azure administrator account start the creation…

Read More

Power BI – Use Power BI as your security dashboard by connecting to Microsoft Graph Security (preview)

As you may know, Microsoft Graph Security is the unified way to gather all security signals from the Microsoft Cloud security solutions (Azure, Office 365, on-premises using connector…). Well, this is now getting better and easier for your security team to get the unified view resulting of these correlation. You can now use the new Power BI Microsoft Graph Security connector and the sample dashboard (https://aka.ms/graphsecuritypowerbiconnectorsamples) to get an rapid…

Read More

Azure – Use Azure Information Protection to apply S/MIME protection (preview)

If you use Azure Information Protection (AIP) you can now use it to apply S/MIME protection. To enable S/MIME protection with AIP, logon to your Azure portal (https://portal.azure.com/) and reach out the Azure Information Protection configuration blade Then access the Policies\<the policy you want to configure> and open the the contextual menu (available at the end) to access the Advanced Settings There you have to configure the following settings and…

Read More

Azure Information Protection – Central management for AIP Scanner is coming

The Azure Information Protection (AIP) scanner is going to be easier to manage: a central management for Azure AIP scanner is coming. This new capability is currently in preview; this means you need to use the Azure Information Protection preview client (version 1.45.32.0 or later) and the required Azure administration portal configuration blade (if this is not yet available in your tenant, you will have to wait as the deployment…

Read More

Flow – You can use Flow to automate actions based on Cloud App Security event

If you are using the Cloud App Security (CAS) service, you can connect Microsoft Flow to it in order to automate actions like generating ticket in SIEM system, send notification to user and/or manager, disable account… To do so you must, off course, have an active Cloud App Security and Flow subscription. Then you need to generate a token to allow Flow to connect to CAS Connect to your Cloud…

Read More

Identity – A new form of identity is being developed by Microsoft

This clearly follows the path of what has been already announced by Microsoft for using blockchain to manage, protect and validate identities. A new form of identity, called Decentralized Identity, is under way to help developer to validate identities. You can start using these API’s (based on the W3C CCG draft specifications – https://w3c-ccg.github.io/did-spec/) by using the samples and documentation available here http://aka.ms/DIDforDevs This will help authenticating and validating various…

Read More

Azure – Integration of PDF Acrobat Reader with Azure Information Protection is now generally available

It has been announced last September at the Ignite 2018 conference and in preview since then. Now, the integration of Acrobat Reader with Azure Information Protection is now GA. To take advantage of it, you have few things to do: Download and deploy the latest Adobe Acrobat Reader from https://get.adobe.com/reader/ Download and deploy the add-in available here https://go.microsoft.com/fwlink/?linkid=2050049 You can also use the Foxit Reader available here https://www.foxitsoftware.com/pdf-reader/ Download and…

Read More

Azure – New Azure Information Protection Client available

The new Azure Information Protection (AIP) client (version 1.41.51.0) is now available for download here https://www.microsoft.com/en-us/download/details.aspx?id=53018 As part of the usual fixes, the new version includes support for central reporting, support for S/MIME or better handling for disconnected client (aka client which will not be able to connect to internet for a certain period of time). Also it no longer excludes MSG, ZIP or RAR files from the Windows Explorer…

Read More

Office 365 – Privileged Access Management is available to Office 365

As announced at the Ignite 2018 conference, a new access management capability is now available to Office 365. This new feature, called Privileged Access Management (PAM), will help you granting on a ‘just in time’ basis high level privileges to Office 365 services. PAM is currently limited to Exchange Online scope. To set it up, you will need to use a security group for the PAM access (if you are…

Read More

Azure – You can enable analytics for Azure Information Protection

This is a new capability being added to Azure Information Protection (AIP), currently in preview. You can now enable analytics for AIP. To do logon to your Azure portal (https://portal.azure.com) and reach out the Azure Information Protection configuration blade From there you should see  Configure analytics (preview) under the Manage section From this configuration blade you can use an existing Log analytics workspace or create a new one; if you…

Read More

Windows / Azure – Reset password from all Windows

You may be already aware that you can provide the ability to your end-user to reset their password (Self Service Password Reset – SSRP) directly from the logon screen for Windows 10 Azure AD Joined device (see https://t.co/LW060QqgGV if you want to know more). Well, Microsoft has announced a major improvement for this feature as you can now use it for all Windows version (from Windows 7 to Windows 10…

Read More