Site icon Infused Innovations

Defender Announcements from Microsoft Ignite 2022

Image shows Microsoft Ignite 2022 graphic with Defender shield

At Microsoft’s IT conference this year, there are plenty of announcements about its security suite Microsoft Defender. This umbrella solution covers a variety of services and integrates with other Microsoft products, now better than ever. Here’s some big Defender news that was announced at Microsoft Ignite 2022.

Defender for DevOps

Customers using DevOps have given feedback that they’ve worried about fragmented security visibility, noting silos between DevOps and security. This makes it a challenge to implement DevSecOps. Microsoft Defender for DevOps is a new solution for this problem. It allows IT admins to centrally manage DevOps security, providing visibility across multiple DevOps environments. Defender for DevOps also strengthens cloud resource configurations in code and aids in prioritizing remediation of critical issues across multi-pipeline or multi-cloud environments.

It’s in preview now supporting platforms like GitHub and Azure DevOps, with other major DevOps platforms to be supported soon as well. Combining these platforms with Defender’s security and automation brings a stronger, more unified experience for developers.

Cloud Security Posture Management (CSPM)

Also in preview now, Microsoft Defender Cloud Security Posture Management (CSPM) brings insights and contextual risk-based information to security teams. New innovations allow for modern and efficient security management:

Defender for Cloud Apps Moving to Microsoft 365 Defender

Defender for Cloud Apps is relocating to the unified Microsoft 365 Defender security portal. All core experiences in Defender for Cloud Apps will now be accessible there:

Defender for Cloud Apps’ OAuth app will converge with App governance for those who have App governance licenses.

Automatic Attack Disruption in Microsoft 365 Defender

With this new feature, high-confidence, cross-workload signals are correlated across endpoints, identity, email, documents, and cloud apps—and automated response actions quickly contain ransomware attacks in progress. Compromised accounts are immediately suspended and infected devices are isolated before viruses can spread. This fast response reduces the overall cost of an attack by minimizing any damage done before attackers can complete their course. Once an attack is stopped, the security team is in full control of investigation, remediation and bringing assets back online when ready.

Defender for Endpoint

For additional defense against ransomware attacks, Microsoft Defender for Endpoint (MDE) will soon have tamper protection turned on by default. The feature was introduced in 2019 to block changes to key security features so that attackers couldn’t get in and disable protections. When tamper protection is enabled, Microsoft Defender Antivirus is locked with secure default values and other apps are blocked from changing certain settings and components that deal with material downloaded from the internet. (In case you don’t want tamper protection on automatically, here’s how to opt out.)

And, last but not least, Microsoft is offering a substantial discount on Defender for Endpoint: 50% off for 12 months. This deal is offered globally for all new and existing customers who want to purchase, renew, or upgrade MDE P1 or P2 licenses. The limited-time offer begins on November 1, 2022 and ends on June 30, 2023.

More News from Microsoft Ignite 2022

For other announcements made at the conference this year, see our Ignite 2022 blog that highlights new features in Teams, Windows 365, Microsoft Entra, and more. And to see a bit about everything Microsoft wanted to show you, see the Ignite book of news.

Exit mobile version