This article is contributed. See the original author and article here.
Introducing the first AI copilot experience for Dynamics 365 Commerce
For Merchandisers tasked with managing large product catalogs, the creation of high-quality “enriched” marketing content for their digital commerce channels can be a daunting and labor-intensive process. Especially if the Merchandiser is untrained in the creation of marketing copy. Yet it is incredibly important to have “enriched” content at the product level, where it can increase customer engagement, improve customer understanding, and drive natural search engine ranking, which all lead to higher conversion rates.
It is for this reason that Dynamics 365 Commerce is thrilled to announce the preview of ‘Commerce Copilot’, which provides a fast and efficient way of authoring product enrichment content for your B2B and B2C digital commerce websites.
Use Commerce Copilot to jump-start the creative process by first selecting a tone, configured by you, that aligns to your brand, like “adventurous”, “luxurious” or “bold”. Then select an audience choice from choices managed by you, like “sports enthusiast” or “college graduate”. Copilot will then use these prompts to craft compelling and engaging content that makes use of your existing product information like name, description, attributes, price and more!
You can further augment your newly enriched content with key product highlights or tune it to be optimized for search engines. But you always remain in control and have the ability to review and modify any content before it is published!
The Commerce Copilot for enriched product content is now available as a public preview for digital commerce customers based in United States. Additional market availability will be enabled soon.
This article is contributed. See the original author and article here.
In today’s digital age, collaboration platforms like Microsoft Teams have become the norm for businesses to communicate, stay connected, and share information. However, as organizations increasingly rely on these platforms, there has also been a surge in regulatory compliance and business conduct violations that occur on these platforms. Collaboration and messaging apps are one of the top three sources and that’s concerning. Many organizations, particularly financial institutions, healthcare providers, and other regulated industries face significant legal and reputational risks if non-compliant messages are shared during meetings.
Across Microsoft Teams, Outlook, and third-party apps like Instant Bloomberg, Microsoft Purview Communication Compliance provides the tools to help organizations detect regulatory (e.g. SEC or FINRA) and business conduct compliance violations, such as sensitive or confidential information, harassing or threatening language, and sharing of adult content. Built with privacy by design, usernames are pseudonymized by default, role-based access controls are built in, investigators are opted in by an admin, and audit logs are in place to help ensure user-level privacy.
We continue to invest in Communication Compliance and Microsoft Teams integrations to ensure compliant collaboration, including our existing capabilities like the ability to detect regulatory compliance or business conduct violations in a Teams chat, channel, and more.
Live transcription of Microsoft Teams meetings not only makes your meetings more productive and inclusive for participants but they are also official documentation, putting emphasis on detecting potential regulatory and business conduction violations all the more critical. With Teams supporting up to 34 language options for transcription, Communication Compliance is able to detect potential violations in all 34 languages.
This feature is only available for Teams meetings that attendees have opted in to record.
Communication Compliance Investigators with designated role-based access control permissions can then review the policy match in the meeting transcript alongside the video snippet feature that will be rolled out in October.
Additionally, Advanced eDiscovery can collect & review critical metadata associated to Teams meeting recordings and video files in OneDrive and SharePoint, including transcripts/captions, chapters, and custom thumbnails. This metadata can be used to identify the critical data within a Teams meeting more efficiently, especially with the ability to view the transcripts right within the review set.
Figure 1: View of meeting transcript shown alongside video snippet of regulatory compliance violation that occurred
Learn more about detecting communication in Microsoft Teams
Watch our latest video to learn how Microsoft Purview Communication Compliance can help safeguard Microsoft Teams data and ensure communications meet regulatory and business conduct requirements.
We also are happy to share that there is an easier way for you to try Microsoft Purview solutions directly in the Microsoft Purview compliance portal with a free trial (an active Microsoft 365 E3 subscription is required as a prerequisite). By enabling the trial in the compliance portal, you can quickly start using all capabilities of Microsoft Purview, including Insider Risk Management, Communication Compliance, Records Management, Audit, eDiscovery, Information Protection, Data Lifecycle Management, Data Loss Prevention, and Compliance Manager.
Visit your Microsoft Purview compliance portal for more details or check out the Microsoft Purview solutions trial (an active Microsoft 365 E3 subscription is required as a prerequisite).
If you are a current Communication Compliance customer and are interested in learning more about how Communication Compliance can help safeguard sensitive information and detect potential regulatory or business conduct violations, check out the resources available on our “Become a Communication Compliance Ninja” resource page.
This article is contributed. See the original author and article here.
AI is ready to support work—the question is: What will your business do with it?
Join us at the Microsoft Business Applications Launch Event on October 25 and explore how to create an AI-powered business that helps people and teams be more productive, solve problems quickly, and focus more energy on building revenue.
This will mark our tenth Business Applications Launch Event—a milestone in our commitment to business app innovation, our customers, and our partners. But we’re just getting started. To see what’s next—and what it means for your organization—you’ll hear directly from Microsoft leaders about their vision for AI, customer service, enterprise resource planning (ERP), and low-code solutions.
The latest AI in Microsoft Dynamics 365 Sales that provides relevant recommendations, summarizes data, retrieves information, and performs actions within the flow of work.
Advanced Copilot capabilities in Microsoft Dynamics 365 Customer Service that streamline agents’ workspaces, let them see transcripts of live chats and voice calls in their inboxes, and allow them to respond to customers quickly with the right information.
New Microsoft Sales Copilot features that help compose emails, update customer relationship management (CRM) records, recap meetings, and offer real-time tips to help sales teams close more deals.
Enhanced automation in Microsoft Dynamics 365 Finance to help handle accounts payable and bank statements, complex tax scenarios, and e-invoicing requirements in more markets.
New Copilot features in Dynamics 365 Customer Insights to help marketers quickly create memorable customer experiences using whole new levels of personalization for emails, images, and layouts.
Plus, learn about updates for Microsoft Dynamics 365 Supply Chain Management, Microsoft Dynamics 365 Commerce, and Microsoft Dynamics 365 Human Resources—all ready to help your employees be more productive, build customer loyalty, and drive meaningful growth. You’ll also hear from Charles Lamanna, Microsoft Corporate Vice President of Business Applications and Platforms, about what’s driving innovation today. Then catch some of the newest AI capabilities in action, with demos led by the people behind the 2023 release wave 2, offering expert guidance on how these updates will help you:
Improve insights, save time, and fuel creativity with the latest AI-powered solutions.
Empower your employees to focus on revenue-generating work and avoid repetitive tasks with automation.
Connect people, data, and processes across your organization using modern, AI-enhanced collaboration tools.
Insights on putting AI to work for you
The Business Applications Launch Event is more than our chance to showcase hundreds of new features and updates. It’s also a great opportunity for you to learn expert tips on how to apply these new technologies to some of your business’ biggest challenges. And if you have questions about new features, the role of AI at work, the evolution of copilots, or what’s ahead for business apps, get them answered by experts—we’ll be hosting a live Q&A chat at the end of the event, so be sure to stick around.
It’s been inspiring to see all the new features that the Dynamics 365 team has been working on, and we’re looking forward to celebrating 10 events’ worth of advancing business applications ahead.
This article is contributed. See the original author and article here.
The use of SaaS applications has become widespread in businesses of all sizes. With more SaaS apps in use, there are more potential targets for attackers. They frequently exploit centralized user authentication systems targeting unaware users with phishing attacks. Attackers can take advantage of this lack of awareness to trick users into authorizing malicious apps, steal credentials and gain access to multiple services. Attack techniques are getting more sophisticated and frequent exploits of poorly designed of SaaS applications are on the rise.
In this blog, we’ll demonstrate how SOC teams can benefit from App governance and its integration with Advanced Hunting to better secure SaaS apps.
Why use advanced hunting?
Advanced hunting uses a powerful query language called Kusto Query Language (KQL). KQL allows security analysts to create complex queries that can filter, aggregate, and analyze large volumes of data collected from endpoints, such as security events, process data, network activity, and more. However, this can be challenging for new security analysts who may not be familiar with writing queries in KQL. By using the pre-defined KQL queries and app signals collected in Microsoft 365 Defender, security analysts can immediately benefit from hunting capabilities to investigate app alert insights without having to use any KQL.
A real-life example of threat investigation
Let’s investigate a real-life incident triggered by a built-in threat detection policy in App governance. In our case, the “App impersonating a Microsoft logo” alert was triggered. Using our unified XDR platform, Microsoft 365 Defender, a SOC analyst can access all defender alerts in one place via the incidents view. The SOC analyst can filter on status, severity, incident assignment, service sources and other categories. In Figure 1, the Filter Service source = App Governance, Status = New, Severity= High, was applied to help with incident detection and prioritization.
Note: To learn more about App governance built in policies, check out our documentation.
Figure 1. Selecting incidents.
The incident (Figure 1) consists of four alerts that the SOC analyst can review to verify if they are true positives (TP) or false positives (FP) and act accordingly. The SOC analyst can click on the incident and access the attack story (Figure 2), where the alerts can be reviewed in chronological order. They can also view additional information in “What happened” and “Recommended actions” sections which gives the analyst a much better understanding as to why the alert was triggered in the first place with a path forward to remediate.
Figure 2. Reviewing the attack story.
Let’s learn more about the application, by selecting view app details (Figure 3).
Figure 3. Selecting View app details.
Usually, malicious apps will not have any certification or publisher verification because of the app nature community verification would be rare. The combination of all those attributes (highlighted at Figure 4) raise red flags.
Because the app is registered in Azure AD, the SOC team can easily access additional information available in the Azure portal which may help with providing additional context that may help with the incident resolution.
Figure 4. The malicious O365 Outlook Application card, Highlighted red flags and links to Azure AD and App activities in hunting.
In Figure 5, we can see why the machine learning algorithm highlighted the app as malicious, the logo impersonates the original Outlook logo, but the publisher domain does not match the Microsoft domain. The SOC analyst can now follow their company guidelines to disable the app (this can be completed directly in AAD or in App governance app details window – Figure 4)
Figure 5. View of app details in Azure Portal.
Use of Advanced Hunting as part of incident investigation.
After disabling the malicious app, the SOC analyst should investigate further the app activity by selecting, “View app activities” (option highlighted in Figure 4), which will generate the Query 1 also visible in Figure 6. The results visible in Figure 7&8 will include all graph API activities the app preformed on SharePoint Online, Exchange Online, One Drive for Business and Teams workloads.
Figure 6. Advanced hunting query.
Query 1:
// Find all the activities involving the cloud app in last 30 days
| where ((RawEventData.Workload == “SharePoint” or RawEventData.Workload == “OneDrive”) and (ActionType == “FileUploaded” or ActionType == “FileDownloaded”)) or (RawEventData.Workload == “Exchange” and (ActionType == “Send” or ActionType == “MailItemsAccessed”)) or (RawEventData.Workload == “MicrosoftTeams” and (ActionType == “MessagesListed” or ActionType == “MessageRead” or ActionType == “MessagesExported” or ActionType == “MessageSent”))
| extend AppId = appid(RawEventData)
| where AppId == “Paste your app Id“
| where Timestamp between (datetime(“2023-08-08 00:00:00Z”)..30d)
| extend tostring(RawEventData.Id)
| summarize arg_max(Timestamp, *) by RawEventData_Id
In the query results, the analyst can see the IP address which could be an indicator of malicious activity, attackers frequently use IP of bad reputation, blacklisted, Tor exit nodes. Analyzing historical data can reveal patterns of malicious behavior associated with specific IP addresses. This can be useful for threat intelligence and proactive threat hunting. The analyst can also see impacted workloads and action types which are crucial for them to understand hacker actions.
By analyzing these actions, security analysts can trace the steps of the attacker to determine the scope of the breach, how the attacker gained access, and what data or systems may have been compromised. MailItemsAccessed action suggests that an unauthorized user or hacker has accessed the contents of one or more email messages within an email account and UpdateInboxRules can be a sign of an attacker attempting to manipulate email traffic by diverting, filtering, or forwarding messages to their advantage.
Figure 7. Advanced hunting query results.
The analyst may want to create a detection rule (option visible on Figure 6) to proactively identify and alert on similar suspicious activities in the future, which is essential for enhancing an organization’s ability to detect and respond to security threats effectively, automate alerts, reduce false positives, and stay ahead of evolving cyber threats. Learn more about custom detections rules and how to create them here.
By selecting one of the records (Figure 8), the SOC analyst can get more information about the impacted user to act accordingly and “stop the bleeding.” They can take immediate action to halt or mitigate the security breach, prevent further access (changing passwords, revoking access privileges or even disabling the compromised account), all result in minimizing the damage. After the bleeding has stopped, the data helps security teams conduct a thorough investigation to determine the root cause of the incident. Understanding how the breach occurred is essential for preventing similar incidents in the future.
Figure 8. Advanced hunting inspected record details.
The app impersonation security incident shows the benefits of app governance machine learning in detecting malicious applications which offers additional layer of protection for your users and organization. The integration of app governance with advanced hunting capabilities provides SOC teams with the tools and insights needed to proactively detect, respond to, and mitigate security threats in SaaS OAuth applications. It allows for a more comprehensive and data-driven approach to SaaS app security, helping organizations protect their critical data and assets.
This article is contributed. See the original author and article here.
Azure Container Apps is now eligible for Azure savings plan for compute! With Azure Container Apps you can build and deploy fully managed, cloud-native apps and microservices using serverless containers. All Azure Container Apps regions and plans are eligible to receive 15% savings (1 year) and 17% savings (3 years) compared to pay-as-you-go when you commit to an Azure savings plan.
Learn about Azure Savings Plan for Compute
The Azure savings plan for compute unlocks lower prices on select compute services when you commit to spend a fixed hourly amount for 1 or 3 years. You choose whether to pay all upfront or monthly at no extra cost. As you use select compute services across the world, your usage is covered by the plan at reduced prices, helping you get more value from your cloud budget. During the times when your usage is above your hourly commitment, you’ll simply be billed at your regular pay-as-you-go prices. With savings automatically applying across compute usage globally, you’ll continue saving even as your usage needs change over time.
Here is an example of how Azure savings plan for compute works. If you buy a 1-year savings plan and commit to $5 USD of spend per hour, Azure automatically applies the savings plan to compute usage globally on an hourly basis up to the example $5 hourly commitment. Hourly Consumption plan vCPU usage for Azure Container Apps in West US would be billed at the lower savings plan price of $0.07344 instead of $0.0864 for active usage as follows:
Usage at or below $5 USD for the hour is billed at lower savings plan prices and covered by the savings plan hourly commitment. Note that you would pay the $5 USD amount every hour, even if usage is less.
For usage above $5 USD for any given hour, the first $5 USD of usage is billed at lower savings plan prices and covered by the savings plan hourly commitment. The amount above $5 USD is billed at pay-as-you-go prices and will be added to the invoice separately.
Azure savings plan for compute is first applied to the product that has the greatest savings plan discount when compared to the equivalent pay-as-you-go rate (see your price list for savings plan pricing). The application prioritization is done to ensure that you receive the maximum benefit from your savings plan investment.
Recent Comments