Programmatically Updating Defender for Cloud Integration Settings and enabling the Unified Agent

Overview: Defender for Cloud has several integrations with Microsoft's security ecosystem. These integrations allow data sharing between Defender for Cloud Apps, Defender for Endpoint, and Microsoft Sentinel. Most of these integrations are enabled by default on subscriptions; however, in some circumstances some of these settings may not be enabled. The most common setting not enabled …

Automating Network Security Group Creation with Defender for Cloud

As a best practice, it's generally advised to always have a network security group associated with a subnet, which will ensure all resources in the subnet have the capability to be protected with layer 4 access control rules. Specific to virtual machines, if you plan on using Defender for Servers Just-in-time virtual machine access a …

Reporting on Defender for Endpoint Agent Status

Report on Defender for Endpoint’s health across Defender 365 and Defender for Cloud

What’s New in Microsoft Security — April Edition

What’s New in Microsoft Security

Defender for Cloud Cost Estimation

In an ongoing effort to understand and plan for costs associated with Defender for Cloud plans, the team at Microsoft has been developing workbooks to assist with cost estimation. Each Defender Plan has a different pricing model based on the resource type. These pricing models are best viewed via the Pricing — Azure Defender | Microsoft …

What’s New in Microsoft Security — February Edition

Sentinel Search, Basic Ingestion, Archive, and Data Restoration Ingestion-time transformations and Custom Logs v2 Advanced Security Information Model (ASIM) — out of the box MITRE view Run playbooks on incidents on demand Run playbooks on workbooks on demand Azure Purview Integration Codeless Connector Platform Large Watchlists Defender for Cloud Native CSPM for GCP and threat …
