If you are a security professional or enthusiast, you might be interested in the new announcements from Microsoft secure event that took place on March 28, 2023. Microsoft secure is a new annual security event designed to empower the security community with the latest innovations, insights, and best practices across security, compliance, identity, management, and privacy. In this blog post, we will summarize some of the highlights and key takeaways from the event.
Microsoft secure keynote: AI-driven future for cybersecurity
The event kicked off with a keynote by Vasu Jakkal, Corporate Vice President of Security, Compliance, Identity, and Management at Microsoft, and Charlie Bell, Executive Vice President of Microsoft Security. They shared their vision of how an AI-driven future in cybersecurity can create a safer world for all. They emphasized that security is human-first and tech-driven, and that AI and machine learning can help augment human capabilities and intelligence to detect and respond to threats faster and more effectively.
They also showcased some of the latest AI-powered security innovations from Microsoft, such as:
– Security Copilot: an AI assistant that helps network admins respond to threats in minutes, not days. Security Copilot can analyze alerts, prioritize actions, provide guidance, and automate tasks based on best practices and contextual information.
– Microsoft Sentinel: a cloud-native security information and event management (SIEM) and extended detection and response (XDR) solution that leverages AI to collect, analyze, and correlate data from multiple sources and provide a unified view of the threat landscape.
– Microsoft Purview: a data governance solution that helps organizations manage insider risk and safeguard sensitive information across platforms, apps, and clouds. Microsoft Purview can scan data sources, classify data based on sensitivity and compliance requirements, monitor data activity and access, and enforce policies and controls.
– Microsoft Entra: a zero trust identity solution that enables smarter, real-time access decisions for all identities and cloud-managed endpoints. Microsoft Entra can verify identity using multi-factor authentication (MFA), device health, location, behavior, and risk signals, and grant least-privilege access based on dynamic policies.
– Microsoft Defender for Cloud: a comprehensive cloud security solution that helps organizations protect their cloud workloads from cyberattacks. Microsoft Defender for Cloud can monitor cloud configuration and posture, detect and prevent threats across infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) environments, and provide recommendations to improve security hygiene and performance.
Microsoft secure innovation sessions: product updates and demos
Following the keynote, there were several innovation sessions that highlighted the latest product updates and demos across security, compliance, identity, management, and privacy. Some of the topics covered were:
– How to use Microsoft Sentinel to proactively hunt for threats using queries, bookmarks, and livestream features.
– How to use Microsoft Purview Insider Risk Management to prevent, detect, and contain internal risks in an organization using built-in policy templates, case management tools, and action capabilities.
– How to create, configure, and manage users and groups in Microsoft Entra using custom security attributes and automatic user provisioning features.
– How to use Microsoft Defender for Cloud to secure your cloud workloads using features such as just-in-time access (JIT), adaptive application controls (AAC), Azure Firewall Manager (AFM), Azure Security Center (ASC), Azure Defender (AD), Azure Sentinel (AS), Microsoft Cloud App Security (MCAS), Microsoft Defender for Endpoint (MDE), Microsoft Defender for Identity (MDI), Microsoft Defender for Office 365 (MDO), Microsoft Defender for Business (MDB), etc.
Microsoft secure breakout sessions: hands-on workshops and product deep dives
Around midday, there were also breakout sessions that offered hands-on workshops and product deep dives organized around four themes: discover technology enabled by AI; enable smarter access decisions; minimize insider risk; maximize privacy protection. Some of the sessions were:
– How to use Security Copilot to respond to a ransomware attack scenario using simulated data and alerts.
– How to use Microsoft Purview Data Map to discover data sources across your hybrid environment and apply data classification labels based on sensitivity levels.
– How to use Microsoft Entra Conditional Access to create dynamic policies based on user identity attributes such as department or role.
– How to use Microsoft Defender for Cloud Secure Score to track and improve your security posture based on best practices.