Highlights from Microsoft Ignite

Microsoft recently concluded its Ignite 2022 conference, where it made several significant security announcements. These announcements are aimed at bolstering Microsoft's security offerings and attracting customers looking for comprehensive solutions. In this blog post, we'll cover the top security announcements from Microsoft Ignite 2022 and explore the potential impact of these updates on the security landscape. 

Defender for DevOps:

Strengthening Development Operations Security One of the major announcements at Microsoft Ignite 2022 was the introduction of Defender for DevOps. This service provides centralized visibility and management of DevOps security across multiple environments. It supports platforms like GitHub and Azure DevOps, with support for other DevOps platforms coming soon. Defender for DevOps helps strengthen cloud resource configurations, prioritize issue remediation, and offers enhanced security for development operations. 

Automatic Ransomware Attack Disruption with Microsoft 365 Defender Microsoft also unveiled an automated ransomware attack disruption feature for Microsoft 365 Defender. By collecting and correlating signals from various sources such as endpoints, identities, emails, documents, and cloud applications, Microsoft 365 Defender can automatically contain affected assets and stop the lateral spread of ransomware. This feature reduces the attack cost, improves recovery resiliency, and allows security operations teams to focus on investigation, remediation, and asset restoration. 

Introducing Microsoft Entra Identity Governance Another notable announcement was the public preview of Microsoft Entra Identity Governance. This update brings new capabilities to Entra Identity Governance, including life cycle workflows for automation, connection to on-premises for consistent policies, and a separation of duties feature for entitlements management and compliance safeguarding. The introduction of conditional access authentication context allows for more granular access policies, enabling users to request step-up authentication for critical business applications or accessing sensitive data. 

Enhancements to Endpoint Management Microsoft will launch an Advanced Management Suite premium endpoint management plan in March. The suite includes Microsoft Intune, which encompasses Microsoft Configuration Manager and additional add-ons. Noteworthy additions to Intune include Microsoft Tunnel for mobile app management (MAM) and endpoint privilege management. Tunnel for MAM provides secure access to company resources without device enrollment, while endpoint privilege management allows IT teams to dynamically elevate standard users with administrative permissions, reducing the risk of attacks. 

Updates to Microsoft Purview Microsoft announced new features for Purview Information Protection at Ignite 2022. This includes trainable classifiers to automate the classification of sensitive content in various categories, with more than 20 classifiers available. Purview Information Protection for Adobe Document Cloud is now generally available, and new built-in features in Office enhance sensitivity and encryption in Outlook emails. Purview eDiscovery's premium version can now capture reactions to Teams messages, providing valuable insights for compliance and monitoring. 

Azure Confidential VMs and Other Security Enhancements Microsoft introduced several updates to Azure Confidential VMs, including a preview for Azure Virtual Desktop confidential VMs to ensure encryption of workloads in memory and protect data in use. Confidential VM node pools for Azure Kubernetes Service (AKS) were also made generally available. These VMs are based on 3rd Gen AMD EPYC processors with Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP). Additionally, Microsoft announced a preview of IP Protection for small and midsize businesses, offering adaptive real-time policy tuning and DDoS protection on a single public IP. 

Microsoft Ignite 2022 brought forth numerous exciting security announcements, reinforcing Microsoft's commitment to providing robust security solutions. With updates like Defender for DevOps, automatic ransomware attack disruption, and the public preview of Entra Identity Governance, Microsoft is offering customers a comprehensive security stack. These advancements, coupled with Microsoft's extensive threat intelligence capabilities and growing market presence, have made their security offerings increasingly attractive to organizations. As security concerns continue to grow, Microsoft's emphasis on consolidation and comprehensive solutions may lead more businesses to consider adopting their security stack. By staying up-to-date with these developments and leveraging Microsoft's security offerings, organizations can enhance their security posture and mitigate potential threats effectively. 

The information provided here is based on the announcements made during Microsoft Ignite 2022 https://www.crn.com/news/security/microsoft-ignite-2022-top-security-announcements?itc=refresh