RSA Conference Highlights & Updates on Sentinel, Defender, and Entra!
April proved to be a remarkable month for Microsoft, marked by a series of noteworthy announcements. If you happened to miss our RSA Conference (RSAC), here are the key highlights around our security tools, including Sentinel, Defender, and Entra.
🤖🕵️♂️ A standout is the Microsoft Security Copilot, powered by #OpenAI's GPT-4 model. This AI-enabled solution provides a security-specific model that can efficiently deploy skills and queries to strengthen security postures, aid in incident response, and detect threats.
💻🎯 In Sentinel, Microsoft’s SIEM solution, two new features were introduced: Workspace Manager and the Hunts capability. The Workspace Manager offers a centralized point for managing multiple workspaces at scale, supporting multi-tenant scenarios with Azure Lighthouse. The Hunts feature allows security operations to manage end-to-end hunting use cases, keeping track of hunts in one place.
🔒🚀 Microsoft also unveiled the public preview of Defender for APIs, a new cloud-native application protection platform. This new feature integrates with Azure API Management, offering ML-driven anomaly detection capabilities to help secure business-critical Azure APIs.
📱🔧 In addition, the company announced integrations for Microsoft Entra and an update for Intune that allows for the management of Windows LAPS (Local Administrator Password Solution) through a cloud-based endpoint management solution.
Links to documentation:
Sentinel: RSAC 2023: Microsoft Sentinel empowering the SOC with next-gen SIEM - Microsoft Community Hub
Defender Firewall for APIs: Microsoft bolsters cloud-native security in Defender for Cloud with new API security capabilities - Microsoft Community Hub
Entra integrations: Building Stronger Identity Solutions with New Microsoft Entra Integrations - Microsoft Community Hub