082 - Cross Tenant und Defender Updates
May 20, 2022•47 min
Episode description
NEWS
- Musk kauf Twitter - nicht
- Pwn2Own (TrendMicro), Sandbox Outbreak Teams: 450k $, aber auch privescalation Win11, Ubuntu und Sandbox Outbreak Tesla Infotainment System
- Teams Collaborative Annotations - https://www.microsoft.com/microsoft-365/roadmap?featureid=86732
- Google Pixel Ökosystem wie Apple? - https://www.mobiflip.de/kommentar-google-pixel-oekosystem/
- New Outlook - https://techcommunity.microsoft.com/t5/outlook-blog/things-to-know-about-the-new-outlook-for-windows/ba-p/3383964
- MS Build vom 24. - 16.05.2022 - https://mybuild.microsoft.com/
Cross Tenant Access Policies
- Azure AD External Identities
- Azure AD B2B Collaboration (2017)
- Azure AD B2B Direct Connect (Shared Channels) - https://docs.microsoft.com/en-us/azure/active-directory/external-identities/b2b-direct-connect-overview
- Wichtig: Es gibt kein AAD Object in eurem Tenant mehr
- Conditional Access funktioniert, aber denkt dran dass es keine User Objekt mehr gibt (Trusted Guest Scenario)
- Tech Community Post zu XTAP: https://techcommunity.microsoft.com/t5/microsoft-teams-community-blog/teams-connect-with-your-partners-get-to-know-the-azure-ad-config/ba-p/3267140
- Trust Settings sind cool besonders für Complex Orgs
Defender Updates
- TVM heißt jetzt Microsoft Defender Vulnerability Management: https://docs.microsoft.com/de-de/microsoft-365/security/defender-vulnerability-management/defender-vulnerability-management-capabilities?view=o365-worldwide
- Stand alone oder als Add-On zu P2
- P2
- Device discovery
- Device inventory
- Vulnerability assessment
- Configuration assessment
- Risk based prio
- Remediation tracking
- Software assessment
- Add-on
- Security Baseline Assessment
- Block vuln apps
- Browser extensions
- Certificate assessment
- Network Share Analysis
- MDE Troubleshooting Mode: https://jeffreyappel.nl/microsoft-defender-for-endpoint-troubleshooting-mode-how-to-use-it/