The security-centric RSA Conference kicks off this week in San Francisco. Following the conference news is a great way to stay updated about the latest security developments being offered in technology. Let’s take a look at the exciting top Microsoft announcements at RSA 2020.
Note: RSA was just purchased by the Symphony Technology Group last week for $2 billion.
Insider Risk Management
Corporate data is everywhere these days: not just on company computers but on employees’ phones and watches too. And with more data locations comes more risk. Microsoft’s Insider Risk Management identifies anomalies in user behavior, flagging activities it deems high-risk in order to protect data. How does it know? Through smart AI and machine learning. Add in an IP Theft template and you have some strong risk management, now generally available. Harassment, Confidentiality, and Security templates are also now offered in preview.
Microsoft Defender ATP for Linux, iOS, and Android
Microsoft is continuing its commitment to availability and unity across multiple platforms. In December they announced the addition of EDR to Microsoft Defender ATP for Mac. At the Ignite conference last November, they previewed new capabilities that would be unfolding for Linux. The RSA conference will bring further discussion of Linux supported server versions, as well as MD ATP for mobile platforms. For instructions on how to deploy to Linux, head over to the Microsoft Docs page: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/linux-install-manually
Also announced is endpoint control for unsanctioned cloud apps. This is in addition to the recently announced Safe Documents, as well as Web Content Filtering. Microsoft Defender ATP is quickly becoming an all-encompassing endpoint protection solution.
Enhancements in Azure Sentinel
Last September Microsoft announced Azure Sentinel as a security information event management (SIEM) solution. Scalable and cloud-native, Azure Sentinel provides powerful threat intelligence and security analytics. Now there are additional enhancements being announced:
- New data connectors and workbooks from partners. In particular, there’s a new connector to integrate IoT to Azure Security Center. This allows for the onboarding of IoT data workloads into Azure Sentinel, from Azure IoT Hub-managed deployments. It also means that Azure Sentinel is the first SIEM available with native IoT support.
- A community-based approach which offers a rewards program as incentive for community contributions in developing dashboards, workflows and more.
- New resources for security teams including guides, samples, new developer docs, and updated GitHub data connectors.
- Importing of AWS CloudTrail logs available from February 24-June 30, 2020 for no additional cost.
If you haven’t tried Azure Sentinel yet, Infused Innovations offers a free 30-day Azure Sentinel proof-of-concept including deployment assistance.
FIDO2 On-Prem Support for Passwordless Authentication
We’ve discussed FIDO2 support for passwordless authentication on our blog extensively. What’s exciting is that Microsoft has now extended this support to Hybrid Azure AD Joined devices for on-premises authentication as well. Since the majority of customers are in hybrid environments, this expansion increases those able to use FIDO2 passwordless authentication by tenfold.
Security Awareness Training for Office 365 ATP Plan 2
Microsoft is partnering with Terranova to provide end-user security awareness training within Office 365 Advanced Threat Protection Plan 2. This supplements the already included phishing simulator. Most regulatory frameworks require both phishing simulations and security training, so this is a great improvement. The new partnership now provides a comprehensive package that many companies can use to justify migrating away from products such as KnowBe4.
Campaign Views for Office 365 ATP P2 has also been made generally available this week. This provides a broad view of ongoing phishing campaigns and vulnerable users in an organization, rather than looking at only one email attack at a time.
Closing Thoughts on the Top Microsoft Announcements at RSA 2020
It will surely be a stimulating week in San Francisco for those at the RSA conference. Technology is bringing us to exciting new capabilities and security enhancements, and Microsoft is at the forefront of these developments. If you aren’t able to attend the conference and would like to learn more about Microsoft’s new offerings, give us a holler and we’d love to fill you in!