Microsoft Defender for Office 365: Upcoming Changes to Intra-Org Messages

3 mars 2023 Par

Microsoft will be updating the way intra-organizational SCL ratings are assigned for intra-organizational messages. When this will happen: Changes to logging intra-organizational messages will begin rolling out in early April and is expected to be complete by late June. How this will affect your organization: All intra-organizational messages are currently marked with SCL -1 (bypass … […]

Defender for Endpoint and disconnected environments. Which proxy configuration wins?

28 février 2023 Par

This article is a follow-up to a previous one discussing conflicting proxy configurations and how Microsoft Defender for Endpoint behaves in these situations. The first article can be found in here. As outlined in the documentation, Defender for Endpoint supports three different types of proxy configurations: However, when these configurations are mixed, it can cause confusion … […]

Announcing device isolation support for Linux [Public Preview]

28 février 2023 Par

Overview  Some attack scenarios may require you to isolate a device from the network. This action can help prevent the attacker from controlling the compromised device and performing further activities such as data exfiltration and lateral movement. Just like in Windows devices, this device isolation feature disconnects the compromised device from the network while retaining connectivity to the … […]

Customize login pages in Attack Simulation Training

5 janvier 2023 Par

Attack Simulation Training is an intelligent phish risk reduction tool that measures behavior change and automates deployment of an integrated security awareness training program across an organization. It is available with Microsoft 365 E5 or Microsoft Defender for Office 365 P2 plan. As per the previous experience, users were directed to the Microsoft curated credential harvest login … […]

Cross-tenant User Data Migration [General Availability]

8 novembre 2022 Par

Historically, admins that needed to move mailboxes between Microsoft 365 tenants were required to export or offboard the mailbox to on-premises and then import or onboard the mailbox to a new tenant. Today, Microsoft is thrilled to announce that cross-tenant user data migration is now generally available. Specifically, the cross-tenant mailbox migration and cross-tenant OneDrive migration features previously in … […]

Intune – New device control capabilities to manage removable storage media access

8 novembre 2022 Par

Intune is excited to announce new device control capabilities that allows greater flexibility for enhanced endpoint security. This feature allows IT admins to manage access and use of removable storage devices, such as USB and solid-state drives, on Intune-managed devices. Admins will be able to configure the allow, block, or auditing permissions to read, write, … […]

Intune – New device control capabilities to manage removable storage media access in Microsoft Intune

8 novembre 2022 Par

Intune can integrate data from Mobile Threat Defense (MTD) solutions such as Microsoft Defender for Endpoint and other non-Microsoft MTD partners as an information source for unenrolled devices using Intune app protection policies (APP). Admins can use this information to help protect corporate data within an Intune protected app and issue a block or selective wipe through APP conditional launch settings … […]

Windows Hello for Business Hybrid Cloud Kerberos Trust [General Availability]

7 novembre 2022 Par

Microsoft is excited to announce the general availability of hybrid cloud Kerberos trust, a new Windows Hello for Business deployment model that enables a passwordless sign-in experience. Why passwordless and Windows Hello for Business? Windows Hello for Business is a modern, strong, two-factor authentication method that is a more secure alternative to passwords and has … […]

[MDO] Password protected download of quarantined messages

10 août 2022 Par

With this change Microsoft is giving the ability to password protects items they download from quarantine. Microsoft wants users to be confident that the items they are downloading to their systems will not execute involuntarily without their consent, and this capability will allow them to safely transport the items to external analysis tools. When this … […]

Change to soft-deleted period for inactive mailboxes

10 août 2022 Par

When all holds and retention policies are removed from an inactive mailbox, it becomes soft-deleted and remains in Exchange for a period of time to allow for recovery before permanent deletion. Based on customer feedback, and to maintain consistency with other solutions, Microsoft will be changing this period to 30 days (from current 183 days). … […]

Upcoming behavior change to the “DoNotRewrite” List

10 août 2022 Par

With the deployment of the Tenant Allow/Block List, as being the single source of truth for Tenant Allows, other mechanisms for Tenant Allows are being removed. This will give SecOps teams one place to manage all Tenant Allows. Today, “DoNotRewrite” list is used to Skip wrapping URLs Detonation(SONAR) Verdicts. The intended purpose of “DoNotRewrite” is … […]

Maintain protection when creating PDFs [Preview]

10 août 2022 Par

Please review the blog post: Apply sensitivity labels to PDFs created with Office apps for additional details. Coming soon to public preview, Microsoft is introducing the ability to maintain label and protection for PDF files created from Microsoft Office apps.   When this will happen: Public preview: rollout will begin in late June and is expected to … […]

Update to Quarantine retention period for Malware detections

10 août 2022 Par

Given feedback from customer on the need for an additional time to triage the emails or files that were quarantined as result of potential malware, Microsoft is increasing the retention period from 15 days to 30 days. When this will happen Standard Release: will begin rolling this out by end of July and expect to … […]

Microsoft Defender for Cloud Apps – Release 227, 228, 229, 230 & 231

18 juillet 2022 Par

Malware hashes available for SharePoint and OneDrive (Preview)In addition to file hashes available for malware detected in non-Microsoft storage apps, now new malware detection alerts will provide hashes for malware detected in SharePoint and OneDrive. For more information, see Malware detection. SaaS Security Posture Management capabilities for Salesforce and ServiceNowSecurity posture assessments are available for Salesforce … […]

Rollout of Security Default in Microsoft tenants

9 juin 2022 Par

Microsoft has begun the rollout of security defaults to existing customers who haven’t yet rolled out security defaults or Azure AD Conditional Access.  Microsoft introduced security defaults in October 2019 for new tenants, ensuring that new customers would be created and maintained with basic security hygiene in place – especially MFA and modern auth requirements – regardless … […]

MDO – Introducing differentiated protection for priority accounts [General Availability]

2 juin 2022 Par

The April 13, Microsoft announced general availability of differentiated protection for priority accounts, people like executives, leaders, managers, or other users who have access to sensitive, proprietary, or high priority information. With this release, users tagged as priority accounts will receive a higher level of protection against threats. Licences The Priority account protection feature is … […]

Microsoft Defender for Cloud Apps – Release 226

9 mai 2022 Par

Improvements in malware detection for non-Microsoft storage appsDefender for Cloud Apps has introduced major improvements in the non-Microsoft storage apps detection mechanism. This will reduce the number of false positive alerts. Read More