Microsoft has recently introduced a range of new security tools and features for the Microsoft Entra product family, aimed at helping organizations to improve their security posture. With the ever-increasing sophistication of cyber-attacks and the increasing use of cloud-based services and the proliferation of mobile devices, it’s essential that organizations have effective tools in place …
Background Many customers face challenges in managing their Conditional Access (CA) policies. Over time, they accumulate more and more policies that are created ad-hoc to solve specific business scenarios, resulting in a loss of overview and increased troubleshooting efforts. Microsoft has provided guidance on how to structure your Conditional Access policies in a way that …
In this article Microsoft Global Network Default Public Access Service Endpoints Private Link Internet Routing Preference Azure Services and the solutions you deploy into Azure are connected to the Microsoft global wide-area network also known as the Microsoft Global Network or the Azure Backbone. There are a few different ways to connect to an Azure …
Connecting to Azure Services on the Microsoft Global Network Continue Reading
Microsoft Threat Intelligence has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet (ZINC) involving a malicious variant of an application developed by CyberLink Corp., a software company that develops multimedia software products. This malicious file is a legitimate CyberLink application installer that has been modified to include malicious code that …
Diamond Sleet supply chain compromise distributes a modified CyberLink installer Continue Reading
Microsoft Defender for Cloud is a multicloud application protection platform (CNAPP) designed to protect your cloud-based applications from code-to-cloud. A key component of cloud security is continuously monitoring and managing new vulnerabilities across your cloud workloads. Vulnerability management helps organizations improve their security posture, reduce the attack surface, and prevent security breaches. We are thrilled …
Defender for Cloud unified Vulnerability Assessment powered by Defender Vulnerability Management Continue Reading
We’re thrilled to share that the unified APIs that are part of the Microsoft Graph are now generally available! These APIs come with a single endpoint, permissions, auth model, and access token. The Microsoft Defender Threat Intelligence (Defender TI) API for Incidents, Alerts, and Hunting allows organizations to query Defender TI data to operationalize intelligence …
Unified MDTI APIs in Microsoft Graph Now GA Continue Reading
Today, we are thrilled to announce that we are unleashing the power of threat intelligence to all Microsoft Defender XDR tenants. Starting at Microsoft Ignite, all Defender XDR users will see Microsoft Defender Threat Intelligence (MDTI) in the threat intelligence blade of Defender XDR. This free experience, which is a limited version of MDTI, enables …
Introducing MDTI Free Experience for Microsoft Defender XDR Continue Reading
Introduction Today we are announcing the General Availability (GA) of Azure Machine Learning prompt flow, marking the next step in Azure AI empowering engineers and data scientists to build quality generative AI applications. Prompt flow was initially offered as a feature in Azure Machine Learning, and designed to streamline the prompt engineering process. Through our …
Elevate Your LLM Applications to Production via LLMOps Continue Reading
Introduction A comprehensive overview of the most frequently used and discussed architecture patterns among our customers in various domains. 1) AOAI with Azure Frontdoor for loadbalancing Architecture diagram: Key Highlights: If you set equal weights for all origins and a high latency sensitivity in Azure Front Door, it will consider all origins that have a …
Azure OpenAI Architecture Patterns and implementation steps Continue Reading
Firstly, I would like to thank Benjamin Kovacevic and Yael Bergman for their help with this article. While the existing Sentinel GCP Pub/Sub Audit Logs connector documented here provides a way to ingest GCP platform audit logs, ingesting GCP Firewall logs or VPS logs remains a needed capability. In this blog post I will show a simple way …
Architecture Guidance: How to ingest GCP FirewallVPC logs into Microsoft Sentinel Continue Reading
