Microsoft Security Insights Show Episode 193 - Dhani Abey

Stop by as we highlight and celebrate Women in Cybersecurity Month 2024!Show Notes/Links:* Intern Program: https://www.microsoft.com/en-IE/earlycareers/internsapprenticeships* What went Generally Available (GA) since February 2024?* Granular filtering of Conditional Access (CA) policy list – CA policies can now be filtered on actor, target resources, conditions, grant control and session control. The granular filtering experience can help admins quickly discover policies containing specific configurations.* Microsoft Entra ID Protection: Suspicious API traffic detection for users – This new detection is reported when abnormal Microsoft Graph traffic or directory enumeration is observed by a user. Suspicious API traffic might suggest that a user is compromised and conducting reconnaissance in their environment.* Microsoft Entra ID Protection: Risk remediation on the Azure mobile app – Adds remediation capabilities of Microsoft Entra ID Protection which were previously only available in the Microsoft Entra portal to the Azure mobile app. This capability includes comprehensive reporting, offering insights into risky behaviors such as compromised user accounts and suspicious sign-ins, and includes the Risky users and Risky sign-ins report.New public previews* Authentication Flows for Conditional Access – Supports the ability to configure CA policies to restrict or block the usage of certain authentication flows. The first iteration of this feature is limited to device code flow and authentication transfer.* Conditional Access: Require reauthentication every time - Lets you require users to interactively provide credentials again before accessing critical applications and taking sensitive actions on any resource protected by CA.* Workbook for impact analysis of risk-based Conditional Access policies - The Microsoft ID Protection risk analysis workbook helps admins understand what would happen if you create and enable Microsoft Entra ID Protection risk based CA policies in your environment. Workbooks are a collection of information, including queries, tables, and visualizations over a period of time to help you make sense of underlying data from an existing Log Analytics workspace.Watch the live replay… This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.microsoftsecurityinsights.com