En este episodio comentamos las novedades principales de Microsoft Seguridad en Sentinel, la suite de Defender y Azure AD. Tratamos casos interesantes donde en el entorno de la integracion de IT e IoT, y otros casos de uso donde clientes buscan detectar comportamientos abusivos entre usuarios
- M365 Defender E5 offer para Sentinel
- AWS S3 connector para Sentinel
- Solucion Insider Risk Management para Sentinel
- Solucion Zero Trust (TIC 3.0) para Sentinel
- Nuevo plan de Defender para contenedores y Kubernetes
- Nuevas deteccions de Defender para Storage
- Workbooks de Defender incluyen cumplimiento, vision global del Network security en Azure, postura de seguridad, vulnerabilidades
- Defender for Endpoint es capaz de descubrir dispositivos de IoT en la misma red
Azure AD servicios en GA en Diciembre
- Continuous Access Evaluation – Provides security and resilience benefits by issuing long lived tokens and being able to revoke user access in near real-time when risk is introduced, such as when a user changes their password, or the user moves to an untrusted location.
- Registration campaign for users to set up Microsoft Authenticator (Nudge) – Supports you to move your organization to be more secure by prompting users to adopt the Microsoft Authenticator. Prior to this feature, it was hard for an admin to push their users to set up the Microsoft Authenticator.
- Sign-up and sign-in with an Apple ID using Azure AD B2C – Enables you to configure sign-up and sign-in for users with an Apple ID in Azure AD B2C using predefined user flows or fully configurable custom policies.
Azure AD servicios en Public Preview en Diciembre
- Additional context in Azure Multifactor Authentication notifications – When a user receives a passwordless phone sign-in or push notification in the Microsoft Authenticator, they'll see the name of the application that requests the approval and the app location based on its IP address.
- Number matching in Azure Multifactor Authentication notifications – When a user responds to a push notification using Microsoft Authenticator, they'll be presented with a number. They need to type that number into the app to complete the approval
- Custom security attributes – Enables you to define business-specific attributes that you can assign to Azure AD objects. These attributes can be used to store information, categorize objects, or enforce fine-grained access control. Custom security attributes can be used with Azure attribute-based access control
- Conditional Access for workload identities – Adds support for Conditional Access policies being applicable to service principals in addition to users
- Conditional Access policy templates – Conditional Access templates are designed to provide a convenient method to deploy new policies aligned with Microsoft recommendations. The 14 policy templates are split into policies that would be assigned to user identities or devices
- Self-service password reset (SSPR) writeback using Azure AD cloud sync – When using the light-weight Azure AD Connect cloud sync instead of Azure AD Connect, you can now reset passwords of users from disconnected forests.
- Azure AD B2B guest user sign-in with an email address – When email as an alternate login ID is enabled in the home tenant, Azure AD users can perform guest sign in with non-UPN email on the resource tenanted endpoint.