Microsoft Teams Voice – Mid-Day Café 01-11-2021 Recording


This article is contributed. See the original author and article here.

On January 11th at 12 noon eastern we kicked off the first HLS Mid-Day Café and featured Microsoft’s Raj Gopalakrishnan, Sr. Director and Principal Program Manager, Enterprise Engineering, Microsoft Teams. Raj presented on Microsoft Teams Voice and took attendees’ questions. Additionally, Microsoft’s Samantha Brown, Mark Litwin, Pete Anello, and I joined to bring the latest in Microsoft News, Events, and more.


Mid-Day Café is a new, weekly, fast-paced, live web series by the HLS Group. Join us each Monday at 12 noon eastern.


Resources:


News in 2:



Upcoming Events:



  • Nursing Hackathon Delivered Innovative Solutions Designed to Reimagine Care Delivery Webcast (January 21st at 11am eastern)

  • Upcoming Mid-Day Café Webcast Schedule

      • February 1 – Nikita Pitliya and Gregory Lisiak, COVID Vaccine Health Bot

      • February 8 – Andres Santamaria, Epic FHIR API Integration

      • February 22 – Bill Baer, Microsoft Search

      • March 1 – Dan Holme, Community/Yammer

      • March 8 – Mark Kashman, Microsoft Lists

      • March 15 – Karuana Gatimu, Teams Adoption and Governance


Microsoft Teams Voice:



Have questions/comments/suggestions/requests for the Mid-Day Café team? Post them to our Mailbag! Click here to access the Mid-Day Café Mailbag form.


Thanks for visiting – Michael Gannotti

EDR for Linux is now generally available


 

We are excited to announce that endpoint detection and response (EDR) capabilities in Microsoft Defender for Endpoint on Linux servers are now generally available.


 


Over the course of the last year, Microsoft Defender for Endpoint was extended to support all major platforms (Windows, Linux, macOS, Android, and iOS). Today we are taking the next step by adding endpoint detection and response (EDR) for Linux. EDR is essential for navigating today’s Linux threat landscape.


 


The full set of Microsoft Defender for Endpoint (Linux) preventive, detection, and response capabilities is supported across the six most common Linux server distributions:



  • RHEL 7.2+

  • CentOS Linux 7.2+

  • Ubuntu 16 LTS, or higher LTS

  • SLES 12+

  • Debian 9+

  • Oracle Linux 7.2


The Linux solution can be deployed and configured using Puppet, Ansible, or your existing Linux configuration management tool.


 


Our customers have joined us on this evolution and given us feedback at every step of the way. For this, we are truly grateful and look forward to the continued partnership.


 


“The upcoming release is an amazing milestone providing us a 360 view on all our platforms for our threat hunting strategy”

– Guy Fridman, Head Of Security Operation And Response


 


Detections with context


 


About 6 months ago, we announced the availability of Microsoft Defender for Endpoint (Linux) with preventive antivirus capabilities. Customers can better protect Linux servers, get these devices onboarded in the same portal as their Windows, macOS, and mobile devices, and expand the single pane of glass experience to include Linux-related alerts. With the newly enabled EDR support, security operations can view detections with even richer context. The device timeline example below demonstrates this enriched capability.


 


[Screenshot: device timeline]


 


The timeline tab includes information about process creation, network connections, file creations and login events.


 


In the Microsoft Defender for Endpoint (Linux) EDR public preview announcement, we also discussed the post-breach detection capability with an example scenario that customers can use to experience the feature. The “Suspicious process launched from a world-writable directory” alert below is another post-breach detection example.


 


[Screenshot: “Suspicious process launched from a world-writable directory” alert]
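An illustration of the idea behind the alert name above, added here and not Microsoft's detection logic or code from the original article: it flags process events whose executable sits in a directory that any user can write to. The event fields (`pid`, `exe`, `user`), the function names, and the sample files are constructed for the example.

```python
import os
import stat
import tempfile


def is_world_writable(directory):
    """True if 'other' users may create files in the directory (as in /tmp)."""
    try:
        mode = os.stat(directory).st_mode
    except OSError:
        return False  # directory vanished or is unreadable: nothing to flag
    return stat.S_ISDIR(mode) and bool(mode & stat.S_IWOTH)


def flag_process_events(events):
    """Return the events whose executable lives in a world-writable directory."""
    flagged = []
    for event in events:
        # Resolve symlinks so a link from a safe path into /tmp is still caught.
        exe_dir = os.path.dirname(os.path.realpath(event["exe"]))
        if is_world_writable(exe_dir):
            flagged.append(event)
    return flagged


def build_sample_events():
    """Constructed sample: one file in a 1777 directory, one in a 0755 one."""
    root = tempfile.mkdtemp(prefix="edr-demo-")
    layout = [(4101, "scratch", 0o1777, "updater"), (4102, "bin", 0o755, "backup")]
    events = []
    for pid, dirname, mode, name in layout:
        directory = os.path.join(root, dirname)
        os.mkdir(directory)
        os.chmod(directory, mode)  # explicit chmod so the umask does not interfere
        path = os.path.join(directory, name)
        with open(path, "w") as handle:
            handle.write("#!/bin/sh\n")
        events.append({"pid": pid, "exe": path, "user": "svc-demo"})
    return events


if __name__ == "__main__":
    for hit in flag_process_events(build_sample_events()):
        print("suspicious launch:", hit["pid"], hit["exe"])
```
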


 


Unified investigation experience


 


The timeline is just one piece of the investigation story. Microsoft Defender for Endpoint’s popular advanced hunting tool allows customers to perform free-form investigations using a powerful query engine and an ever-growing set of useful shared queries. Now, customers can use this capability to search for threats across Linux servers, exploring up to 30 days of raw data.


 


[Screenshot: advanced hunting]


 


The well-designed architecture also seamlessly enables custom detections on top of the advanced hunting capabilities.


 


The rest of the investigation experience, such as the hyperlinked exploration between the different monitored entities, is consistent with the familiar experience for Windows devices. The monitored entities (e.g. files, processes, network connections, alerts) are available for exploration on Linux devices. Here are a few examples:


 


File page


 


[Screenshot: file page]


IP Address Page


 


[Screenshot: IP address page]


 


How to get started


 


Microsoft Defender for Endpoint (Linux) requires the Servers license. You can find this information in our product terms. Please reach out to your account team for more information and eligibility.


 


To get started, visit our documentation. If you are already evaluating the public preview of Microsoft Defender for Endpoint (Linux) EDR, make sure you update the agent to a released version 101.18.53 or higher.


 


If you are already running Microsoft Defender for Endpoint (Linux) preventive AV in production, your devices will seamlessly receive the new EDR capability as soon as you update the agent to version 101.18.53 or higher.


  


If you’re not yet taking advantage of Microsoft’s industry-leading security optics and detection capabilities for endpoints, sign up for a free trial of Microsoft Defender for Endpoint today.


 


Microsoft Defender for Endpoint team

Experiencing Data Access issue in Azure Portal for Many Data Types – 01/11 – Investigating


Initial Update: Monday, 11 January 2021 18:20 UTC

We are aware of issues within Azure Log Analytics (Virtual Machine insights) and are actively investigating. Some customers may experience Data Access issues. The performance tab in Azure Monitor for Virtual Machines is returning an error in all public regions. Preliminary investigations point to a service component authentication issue.
  • Work Around: <none or details>
  • Next Update: Before 01/11 20:30 UTC
We are working hard to resolve this issue and apologize for any inconvenience.
-Arish B

Microsoft Releases Security Updates for Edge


Microsoft has released a security update to address multiple vulnerabilities in Edge (Chromium-based). An attacker could exploit some of these vulnerabilities to take control of an affected system.  

CISA encourages users and administrators to review the latest entry for Microsoft Security Advisory ADV200002 and apply the necessary updates.