CISA Releases Eight Industrial Control Systems Advisories

This article is contributed. See the original author and article here.

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

SSL

Secure .gov websites use HTTPS

A lock (lock icon) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Azure Marketplace new offers – January 26, 2023

This article is contributed. See the original author and article here.

We continue to expand the Azure Marketplace ecosystem. For this volume, 68 new offers successfully met the onboarding criteria and went live. See details of the new offers below:

Get it now in our marketplace



42Crunch API Firewall VM Solution: 42Crunch bridges the gap between API development, security, and operations teams with a simple, automated platform that provides threat protection early in the API lifecycle and lets developers initiate security during design.


AlmaLinux 8.5 Minimal: AlmaLinux 8.5 Minimal for Microsoft Azure is a premier Linux distribution for enterprise cloud environments. This package from Ntegral is an excellent virtual machine (VM) for all workloads that include Node.js, web applications, and database platforms.


AlmaLinux 8.6 Minimal: AlmaLinux 8.6 Minimal for Microsoft Azure is a premier Linux distribution for enterprise cloud environments. This package from Ntegral is an excellent virtual machine (VM) for all workloads that include Node.js, web applications, and database platforms.


AlmaLinux 8.7 Minimal: AlmaLinux 8.7 Minimal for Microsoft Azure is a premier Linux distribution for enterprise cloud environments. This package from Ntegral is an excellent virtual machine (VM) for all workloads that include Node.js, web applications, and database platforms.


Botminds AI – Intelligent Automation Platform for Document Processing: Botminds AI is a platform to capture, search, analyze, and automate documents and web data. It brings artificial intelligence for documents to every organization, no coding or AI expertise required.


C2 Backup: C2 Backup for Business offers a cloud-to-cloud backup solution for Microsoft 365 services like OneDrive for Business, SharePoint Online, and emails on Exchange Online. Use it to back up your organization’s Microsoft 365 data and ensure continued access in the event of a sudden disaster.


Console Enterprise Edition: Console from Aitrios is a one-stop solution for solution providers such as system integrators, AI developers, and application developers to implement their vision-based AI solutions. Users can easily set up edge sensors and connect them to the cloud before development.


Console Enterprise Edition (JP): The Japanese version of Console from Aitrios is a one-stop solution for solution providers such as system integrators, AI developers, and application developers to implement their vision-based AI solutions. Users can easily set up edge sensors and connect them to the cloud before development.


Cyera – Cloud Data Security: Cyera is a cloud security company that can give your business context and control over your cloud data. It instantly provides a strong baseline for all security, risk management, and compliance efforts and ensures the whole operates within the same policies and guardrails.


Data Science Virtual Desktop – Ubuntu 20.04 LTS: This bundle from Ntegral contains several popular tools for data exploration, analysis, modeling, and development pre-installed. The AI/ML environment is available in a browser via JupyterHub and Jupyter/IPython notebooks with a separate Jupyter developer environment.


Enterprise Web Content Management Integrated with Matomo: VMLAB offers a pre-configured, customizable, and secure integration of WordPress and Matomo, which you can use to create websites, blogs, and apps. It easily provides statistical analysis, SEO optimization, and more.


Enterprise Web Content Management Integrated with MinIO: VMLAB offers a pre-configured, customizable, and secure integration of WordPress and MinIO, a distributed storage server to host your media files. You can extend WordPress with over 45,000 plugins such as an online store, gallery, or forum.


Enterprise Web Content Management with Multi-Websites Management: This integration from VMLAB supports deployment of multiple websites by one server, installation, and database. The websites share themes and plugins but operate independently to facilitate construction and management of the station cluster system.


eSentire MDR with Microsoft 365 Defender: Unlock the power of Microsoft Defender products with eSentire MDR to stop advanced threats and minimize the risk of business disruptions. eSentire’s continuous managed extended detection and response includes elite threat hunting and original research.


eSentire MDR with Microsoft 365 Defender and Microsoft Sentinel: Expert analysts from eSentire identify, contain, respond to, and remediate threats across your Microsoft SIEM, endpoint, identity, email, and cloud security services to stop threats before they disrupt your business operations.


FEITIAN Security Service: 3-Year Subscription: FEITIAN security provides multi-factor authentication and no-password solutions to give your business secure access to computers, mobile devices, servers, shared workspaces, and internet accounts, all while reducing IT management costs.


Firebird 3.0.7 on Ubuntu 18.04 LTS: Tidal Media provides a secure, quick deployment of Firebird, a powerful SQL relational database management system for Windows and Linux. It supports stored procedures and triggers, full ACID-compliant transactions, incremental backups, and multiple access methods.


Hive Advanced Analytics for Midmarket: Measure the effectiveness of your enterprise video webcasts with Hive Advanced Analytics. With it, you can dig into detailed metrics for each video event, including participation, quality of experience (QoE), viewers over time, and bandwidth savings.


Hive Core Video Analytics and Optimization Bundle for Midmarket: This bundle combines several of Hive's most popular solutions, so you can reach more employees than ever with internal broadcasts and ensure the best possible viewing experience, with powerful tools to track and understand performance.


ID Document and Biometric Verification: AU10TIX creates end-to-end identity verification solutions applying forensic, biometric, and artificial intelligence technologies. Use their proprietary tools to quickly onboard customers and give them a frictionless experience.


Kockpit MongoDB: MongoDB Community Server is a powerful distributed document database, offering a flexible document model, ad hoc queries, indexing, and real-time aggregation. This image from MongoDB offers sophisticated security controls and advanced functions to satisfy privacy and compliance requirements.


Landing Page and Webhook for Software as a Service: Save time when publishing software as a service (SaaS) offers with a fully functioning landing page and webhook endpoint from Madatech. These required functions are enough to publish your app and manage your current client base.


Lexop: Retain past-due customers by facilitating self-serve payments with Lexop. Its humanized approach ensures increased debt recovery and a significant ROI with its empathetic past-due experience, offering the benefits of personalized outreach at scale with flexible payment schemes.


MootUp Metaverse: The MootUp 3D virtual event platform helps you host immersive and hybrid events that are accessible from any device and require no virtual reality (VR) gear. See yourself and the attendees as personalized avatars and wander around the digital event platform space and exhibits.


Nagios Monitoring System on Ubuntu 20.04 LTS: Nagios monitors systems, networks, and infrastructure to alert users about issues and when they’re resolved. This pre-configured image from Tidal Media lets you easily consolidate alerts and notifications while maintaining a safe and secure network.


RISE: RISE helps customer relationship management and contact center teams simplify customer handling and improve the customer experience with a wide range of managed touch points. Features include a separate queue for customers with special needs and call insights for each agent.


Rocky Linux 8.4 Minimal: Rocky Linux 8.4 Minimal for Microsoft Azure is a premier Linux distribution for enterprise cloud environments. This image from Ntegral is an excellent virtual machine (VM) platform for all workloads that include Node.js, web applications, and various databases.


Rocky Linux 8.6 Minimal: Rocky Linux 8.6 Minimal for Microsoft Azure is a premier Linux distribution for enterprise cloud environments. This image from Ntegral is an excellent virtual machine (VM) platform for all workloads that include Node.js, web applications, and various databases.


Rocky Linux 8.7 Minimal: Rocky Linux 8.7 Minimal for Microsoft Azure is a premier Linux distribution for enterprise cloud environments. This image from Ntegral is an excellent virtual machine (VM) platform for all workloads that include Node.js, web applications, and various databases.


SMART Productivity Licensing: Companies with multiple subsidiaries or divisions under the same tenant can use SMART Productivity Licensing from Cloudshift for admin delegation. It’s fully integrated into Azure Active Directory and can add users as sub-admins, each granted appropriate permissions.


TCS CUBO: The TCS CUBO workspace helps organizations drive closer collaboration by bringing in an ecosystem of partners to build proofs of concept and technology and offer trials to stakeholders. This evolving, scalable model supports co-innovation, collaboration, and growth.


ThinkBase for Teams: ThinkBase knowledge graphs are the modern, more efficient answer to Expert Systems. You can encode business knowledge, then use the chat interface to interrogate the knowledge graph with new data. ThinkBase lets you describe problems graphically using its fuzzy-logic language rule.


vFunction AI Platform for Application Modernization: The vFunction platform lets software architects and developers rapidly and incrementally modernize legacy applications to unlock the benefits of Microsoft Azure, providing a repeatable and scalable platform for continuous integration and deployment (CI/CD).


vFunction Assessment Hub: vFunction Assessment Hub provides purpose-built assessment for decision-makers. AI-based analysis condenses data into three high-level indicators so you can assess, prioritize, and drive immediate action on modernization projects by seamlessly onboarding apps into the platform.



Go further with workshops, proofs of concept, and implementations


AI/ML Consulting and Implementation: Espire Infolabs will provide comprehensive machine learning solutions for multiple uses. Its extensive pool of experts will work with you to understand the requirements and deliver a solution tailored to your business needs.


App of the Future: 5-Day Engagement: Insight will help you translate your desired business outcomes into a tangible product using Microsoft Azure, then plan for execution, helping your team better validate, socialize, and estimate your ideas.


Azure Ingestion Framework: 4-Week Implementation: Adastra will establish a foundational architecture to ingest your data to Microsoft Azure for analytics, integrate a subset of datasets, and build a work/asset report.


Cloud DevOps Acceleration: Concurrency helps combined cloud and application development teams build out automated release management pipelines using GitHub Enterprise, Azure DevOps, and the Microsoft Cloud Adoption Framework.


Cloud Landing Zone and Governance: Concurrency can help you implement an enterprise landing zone and governance framework consistent with the Azure cloud adoption framework (CAF). This engagement includes education about organizational structures and adoption best practices.


Cloud Migration: Concurrency will help your company migrate necessary resources to Microsoft Azure via lift-and-shift or refactor activities, assessing solutions, preparing wave plans, and migrating per the agreed upon plan.


Competence as a Service: 12-Month Engagement: A squad from RawWorks will help identify and fill knowledge gaps in your IT department, giving you the expertise you need to migrate your environment to Microsoft 365 and Azure.


Connected App Development: Concurrency builds end-to-end applications on Azure and container services which interact with IoT and business system endpoints, forming a complete business solution using scalable, secure, and capable platforms.


Infinity Lamps: 4-Week Implementation: LAMPS is a platform for industrializing cloud migration of SAP workloads. LTI will set up a secure Azure subscription, discuss security concerns, and identify three use cases for your LAMPS pilot before designing and delivering your new solution.


Intelligent Retail Analytics with Azure Synapse: 4-Week Proof of Concept: Nous’ retail data solution built using Microsoft Cloud for Retail uses Azure Synapse to take data from all sources and make it reporting- and AI-ready. This proof of concept modernizes a selected use case so you can experience cloud-scale analytics firsthand.


IoT Data Collection: 2-Month Implementation: Hitachi Systems will create an IoT data collection service for your public or private cloud that visualizes data from sensors and devices, issuing alerts based on value threshold judgments. This implementation is only available in Japanese.


Security Operations Center Service: Sii sp. z oo's security operations center (SOC) service can continuously monitor and improve your organization’s security posture while preventing, analyzing, and responding to threats. Included threat intelligence analyzes current trends to understand future threats.


SIEM and SOAR with Azure Sentinel: 2-Week Proof of Concept: Experts from Nous will help design, experience, and adopt Azure Sentinel to secure your products and applications so you can stop threats before they cause harm.


Skaylink Update Management with Azure Arc: 1-Day Implementation: Available in German, this offering from Skaylink simplifies the management of your public and private cloud environments with a centralized tool powered by Azure Arc.



Contact our partners



Azure Business Continuity and Disaster Recovery: 1-Week Assessment



Azure Cost Optimization: 1-Day Assessment



Azure Virtual Desktop: 2-Hour Briefing



Cloud Security Assessment



ControlUp for Physical Endpoints and Apps



Data Warehouse Migration Assessment



DeepBrain AI



FusionOS



Managed Security for Microsoft 365



Nodeflux VisionAIre



Oracle to PostgreSQL Migration Assessment



Reblaze



Retail Analytics Transformation: 2-Week Assessment



Retail Analytics with Synapse: 2 Hour Briefing



SAP Migration Readiness: 2-Week Assessment



Sustainability Assessment



Track Unifying Add-in


Customer Offerings: Security: Microsoft Defender – Advanced Dashboards with Power BI

This article is contributed. See the original author and article here.

Introduction


As Microsoft Cloud Solution Architects, we get asked by Businesses, IT Managers and Cybersecurity Experts to accurately report on the Vulnerabilities and CVEs in our environments. This could be as easy as just deploying Endpoint Protection updates or as advanced as deploying every category and 3rd Party Updates using Microsoft Defender for Endpoint.


 


Microsoft Defender for Endpoint Vulnerability Reporting with Power BI involves implementing a cloud-based reporting and visualization solution that brings exposure to active threats into sharp focus. It is intended to provide value to IT Leaders, Stakeholders, Security & Compliance teams, and Operations Teams that are responsible for mitigating CVE-documented risks. The reports provide rich drill-throughs that enable full understanding of an organization’s current data and trends. The data is sourced from Microsoft Defender for Endpoint using API calls, stored in a small serverless Azure SQL instance, and can be accessed from anywhere on any device.


 


Outcomes

Dashboard with summary view that shows CVE vulnerability status for the current month (n-0), the previous month (n-1), and all prior.

Customization options to exclude specific CVEs and classes of vulnerabilities.

Cloud installation that creates a small Azure serverless SQL instance, an Azure Automation Account, and an Azure Service Principal.


 


The Report


 


 


Conclusion


This solution will provide accurate reporting of your Vulnerabilities across the entire Defender for Endpoint Estate.


 


How do I book this engagement?


If you are a Microsoft Premier or Unified customer, you can reach out to your Customer Success Account Manager (CSAM) for more questions!


 


Special thanks to the Dev Team:


Chris Sugdinis, Ken Wygant, Michael Schmidt, Nathan Hughes, Shawn Rand, Todd Sterrett, Jon Ellis, Suhail Abdul Salam, Vikram Sahay, Werner Rall


 


Disclaimer


The sample scripts or Power BI Dashboards are not supported under any Microsoft standard support program or service. The sample scripts or Power BI Dashboards are provided AS IS without warranty of any kind. Microsoft further disclaims all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you. In no event shall Microsoft, its authors, or anyone else involved in the creation, production, or delivery of the scripts or Power BI Dashboards be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or inability to use the sample scripts or documentation, even if Microsoft has been advised of the possibility of such damages.

CISA Releases Eight Industrial Control Systems Advisories

Apple Releases Security Updates for Multiple Products 

This article is contributed. See the original author and article here.

CISA Releases Two Industrial Control Systems Advisories

This article is contributed. See the original author and article here.

CISA released two Industrial Control Systems (ICS) advisories on January 24, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: