Tuesday, April 13, 2021

Microsoft Security Blogs Posts

Title: Secure unmanaged devices with Microsoft Defender for Endpoint now
URL: https://www.microsoft.com/security/blog/2021/04/13/secure-unmanaged-devices-with-microsoft-defender-for-endpoint-now/
Date Published (MM/dd/YYYY): 04/13/2021

New Microsoft Defender for Endpoint capabilities let organizations discover and secure unmanaged workstations, mobile devices, servers, and network devices.

Title: Network device discovery and vulnerability assessments
URL: https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/network-device-discovery-and-vulnerability-assessments/ba-p/2267548
Published On

Title: Configuring exclusions for Splunk on RedHat Linux 7.9
URL: https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/configuring-exclusions-for-splunk-on-redhat-linux-7-9/ba-p/2261914
Published On (YYYY-dd-MM): 2021-13-04


Several customers have approached me on how to configure Splunk antivirus exclusions for processes, folders, and files within Microsoft Defender for Endpoint on RedHat Enterprise Linux. This quick reference article has been created to address this common question.

Title: How far have we come? The evolution of securing identities
URL: https://www.microsoft.com/security/blog/2021/04/13/how-far-have-we-come-the-evolution-of-securing-identities/
Date Published (MM/dd/YYYY): 04/13/2021

What are today’s biggest identity challenges? Have I Been Pwned Founder Troy Hunt talks with Microsoft about the current state of identity.

Title: What’s new: Incident timeline
URL: https://techcommunity.microsoft.com/t5/azure-sentinel/what-s-new-incident-timeline/ba-p/2267683
Published On (MM/dd/yyyy): 04/13/2021

Building a timeline of a cyber security incident is one of the most critical parts of effective incident investigation and response. It is essential in order to understand the path of the attack and its scope, and to determine appropriate response measures.


Now in public preview, we are redesigning the Azure Sentinel full incident page to display the alerts and bookmarks that are part of the incident in chronological order. As more alerts are added to the incident, and as more bookmarks are added by analysts, the timeline will update to reflect the information known about the incident.