{"id":5390,"date":"2020-12-17T02:34:35","date_gmt":"2020-12-17T02:34:35","guid":{"rendered":"https:\/\/pariswells.com\/blog\/?p=5390"},"modified":"2021-12-17T02:35:19","modified_gmt":"2021-12-17T02:35:19","slug":"azure-security","status":"publish","type":"post","link":"https:\/\/pariswells.com\/blog\/research\/azure-security","title":{"rendered":"Azure Security"},"content":{"rendered":"<p class=\"x_MsoNormal\">\u00a0<\/p><p class=\"x_MsoNormal\"><b><u>Microsoft 365 Defender<\/u><\/b><\/p><ul type=\"disc\"><li class=\"x_MsoListParagraph\">Users and Device health\/security<\/li><li class=\"x_MsoListParagraph\">Accessible from\u00a0<a href=\"https:\/\/security.microsoft.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-auth=\"NotApplicable\" data-linkindex=\"0\">https:\/\/security.microsoft.com<\/a><\/li><li class=\"x_MsoListParagraph\">Allows creation\/customization of policies to send email alerts<\/li><li class=\"x_MsoListParagraph\">Min. license requirements for FULL SUITE (<a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/defender\/prerequisites?view=o365-worldwide#licensing-requirements\" target=\"_blank\" rel=\"noopener noreferrer\" data-auth=\"NotApplicable\" data-linkindex=\"1\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/defender\/prerequisites?view=o365-worldwide#licensing-requirements<\/a>)<\/li><li class=\"x_MsoListParagraph\">Secure Score &amp; Improvements available for any license tier (it seems)<\/li><li class=\"x_MsoListParagraph\">Not available through Partner DAP \u2013 Requires logging in as Global Admin or Security Admin<\/li><\/ul><p class=\"x_MsoNormal\">\u00a0<\/p><p class=\"x_MsoNormal\"><b><u>Microsoft 365 Lighthouse<\/u><\/b><\/p><ul type=\"disc\"><li class=\"x_MsoListParagraph\">User and device health\/security<\/li><li class=\"x_MsoListParagraph\">Accessible from\u00a0<a href=\"https:\/\/lighthouse.microsoft.com\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-auth=\"NotApplicable\" data-linkindex=\"2\">https:\/\/lighthouse.microsoft.com<\/a><\/li><li class=\"x_MsoListParagraph\">Still in Preview<\/li><li class=\"x_MsoListParagraph\">Currently limited baseline options and improvements<\/li><li class=\"x_MsoListParagraph\">Client license requirements: M365 Business Premium or M365 E3\u00a0<b><u>ONLY<\/u><\/b>\u00a0(Yes\u2026 if they have higher, it doesn\u2019t work\u2026 yet)<\/li><li class=\"x_MsoListParagraph\">Friendly MSP console &amp; utilizes partner centre relationships<\/li><\/ul><p class=\"x_MsoNormal\">\u00a0<\/p><p class=\"x_MsoNormal\"><b><u>Microsoft Defender for Cloud<\/u><\/b><\/p><p class=\"x_MsoNormal\">@Dennis \u2013 Can I get approval to run the free 30-day trial? This will let us get a better idea as to what\u2019s available under the hood here.<\/p><p><img loading=\"lazy\" decoding=\"async\" width=\"984\" height=\"269\" class=\"alignnone size-full wp-image-5391  img-responsive\" src=\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2021\/11\/img_618db230e21e3.png\" alt=\"\" srcset=\"https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2021\/11\/img_618db230e21e3.png 984w, https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2021\/11\/img_618db230e21e3-300x82.png 300w, https:\/\/pariswells.com\/blog\/wp-content\/uploads\/2021\/11\/img_618db230e21e3-768x210.png 768w\" sizes=\"auto, (max-width: 984px) 100vw, 984px\" \/><\/p><ul type=\"disc\"><li class=\"x_MsoListParagraph\">Targets security of resources within Azure Subscriptions (VMs, storage accounts, etc)<b><u><\/u><\/b><\/li><li class=\"x_MsoListParagraph\">It\u2019s an app within the Azure Portal<b><u><\/u><\/b><\/li><\/ul><ul type=\"disc\"><li class=\"x_MsoListParagraph\">Min. license requirement: (<a href=\"https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/defender\/prerequisites?view=o365-worldwide#licensing-requirements\" target=\"_blank\" rel=\"noopener noreferrer\" data-auth=\"NotApplicable\" data-linkindex=\"3\">https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/defender\/prerequisites?view=o365-worldwide#licensing-requirements<\/a>)<\/li><li class=\"x_MsoListParagraph\">Limited\/no access without the min. license<\/li><\/ul><p class=\"x_MsoNormal\"><b><u>\u00a0<\/u><\/b><\/p><p class=\"x_MsoNormal\">There is no \u201cOne place to check\u201d kind of thing &amp; the available information will vary depending on the licenses purchased by the client.<\/p><p class=\"x_MsoNormal\">\u00a0<\/p><p class=\"x_MsoNormal\"><b><u>What can be easily included for any M365 customer through the free tier of Microsoft Defender 365 and\/or Lighthouse<\/u><\/b><\/p><p class=\"x_MsoNormal\">\u00a0<\/p><ul type=\"disc\"><li class=\"x_MsoListParagraph\">Current \u201cRisky Users\u201d<ul type=\"circle\"><li class=\"x_MsoListParagraph\">Risky Sign in behaviour<\/li><li class=\"x_MsoListParagraph\">User accounts with no MFA registrations<\/li><\/ul><\/li><li class=\"x_MsoListParagraph\">Current default MFA stance (Conditional Access, MS Security Defaults)<\/li><li class=\"x_MsoListParagraph\">Device Compliance (assuming Microsoft Endpoint Manager (Intune) is in play)<\/li><li class=\"x_MsoListParagraph\">Current Security Posture Score and Improvements<\/li><\/ul><p class=\"x_MsoNormal\">\u00a0<\/p><p class=\"x_MsoNormal\"><b><u>With M365 E5 (or equivalent) licensing:<\/u><\/b><\/p><p class=\"x_MsoNormal\">\u00a0<\/p><ul type=\"disc\"><li class=\"x_MsoListParagraph\">Incident\/Alert management &amp; history<\/li><li class=\"x_MsoListParagraph\">A degree of alert email notifications<\/li><li class=\"x_MsoListParagraph\">Azure Security Posture Score &amp; Improvements\/Recommendations<\/li><\/ul>","protected":false},"excerpt":{"rendered":"<p>\u00a0Microsoft 365 DefenderUsers and Device health\/securityAccessible from\u00a0https:\/\/security.microsoft.comAllows creation\/customization of policies to send email alertsMin. license requirements for FULL SUITE (https:\/\/docs.microsoft.com\/en-us\/microsoft-365\/security\/defender\/prerequisites?view=o365-worldwide#licensing-requirements)Secure Score &amp; Improvements available for any license [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-5390","post","type-post","status-publish","format-standard","hentry","category-research"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/5390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/comments?post=5390"}],"version-history":[{"count":2,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/5390\/revisions"}],"predecessor-version":[{"id":5393,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/5390\/revisions\/5393"}],"wp:attachment":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/media?parent=5390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/categories?post=5390"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/tags?post=5390"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}