Microsoft offers Azure Sentinel updates, a mobile security app, new certificates and more

Passwordless authentication for cloud and hybrid environments. Azure AD allows users to sign in with biometrics or Windows Hello for Business, a Microsoft Authenticator app, or partners with Microsoft Intelligent Security Association compatible FIDO2 security keys such as Yubico, Feitian, and AuthenTendend. With a temporary entry pass, now in preview, you can generate a time-limited code to set or retrieve passwordless credentials.

More than 30 new connectors for Azure Sentinel have made it easy to collect data across all cloud environments, including Salesforce Services Cloud, VMware and Cisco Umbrella. It includes new security orchestration response (SOAR) to create automation rules, block suspicious IP addresses in Azure firewall, isolate endpoint devices with Microsoft Intune, and update user risk status with Azure Active Directory Identity Security. There is also a playbook. There are also improvements in data ingestion and advanced analytics.

Now in preview

Windows Server 2022, which will be available in this calendar year, will allow customers to run applications on Azure, on-premises, or on the side. With its enhanced functionality, it will boast a couple attracting security features. The key is a secure-core server, which uses hardware, firmware, and operating system capabilities. It includes Trusted Platform Module 2.0 (TPM 2.0) to provide hardware root-of-trust, firmware security, and virtualization-based security. The Windows Admin Center security tool (also in preview) will report on secure-key features and enable them to be implemented.

More Kindle Coverage:

Microsoft 2021 ignited: more teams updates and enhancements [full story]

Microsoft Announces Three New Industry-Specific Cloud Offers [Full Story]

Microsoft Launches Mix Reality Platform On Ignite [Full Story]

Edge will implement Secure-Core Security in Secure-Core IoT devices.

An integrated mobile security app for iOS and Android will combine Microsoft Defender for Endpoint and Microsoft Tunnel (VPN) to simplify the end-user experience and increase customer security. It will be known as Microsoft Defender for the endpoint and will be in preview this month.

Azure Key Vault Managed HSM is a fully managed single-tenant core management service with 140–2 Level 3 valid hardware security modules.

Always encrypted with Secure Enclave (protected area of memory enabling confidential queries), which is available for preview in SQL Server 2019 and Azal SQL databases.

The trusted launch, which protects against boot kits, rootkits, and kernel-level malware, is now available for confidential and non-confidential virtual machines (VMs).

Azure Security Center gets new reporting capabilities for creating quick reports, either with out-of-the-box reports or by writing your own in the Azu Workbook.

Azure Sentinel will share event views, schemas and integrated user experiences with Microsoft 365 Defender. It will also provide connectors to Azure Storage, Azure SQL, Azure Kubernetes Service and Azure Key Vault.

Microsoft 365 Defender enhancements will allow customers to test and improve on endpoints and through a single integrated Defender 365 portal in Office 365. This will include integrated alerts, user and inquiry pages that allow automated analysis, extended email alerts, and a learning hub.

Threat Analytics, available for Defender for Endpoint, is coming to Microsoft 365 Defender.

Microsoft 365 Insider Risk Management Analytics, which can identify potential insider risk activity within an organization and enter public preview later this month, helps inform policy configuration.

Microsoft 365 is offering data loss prevention (DLP) for Chrome browsers and on-premises server-based environments such as file shares and SharePoint Server 2010/2013).

Handling security skills gaps

Microsoft has added four new certifications in the security field to address the skills gap:

Microsoft Certified: Authentication of Security, Compliance and Identity Fundamentals will help individuals become familiar with the core principles of security, compliance, and identity in cloud-based and related Microsoft services.

Microsoft Certified: Information Security Administrator Associate certification focuses on the planning and implementation of controls that meet organizational compliance requirements.

Microsoft Certified: Security Operations Analyst Partner Certification helps security operations professionals design threat protection and response systems.

Microsoft Certified: Identity and Access Administrator Associate Authentication helps individuals design, implement, and operate an organization's identity and access management systems using Azure Active Directory (Azure AD).