Tag Archives: microsoft
Clear cookies for specific URL on browser close?
Hi there! We are migrating some internal URLs from HTTP to HTTPS and have a requirement to clear cookies for these URLs. Currently the only option would be to clear all cookies for the browser, but wondered if there was a way to automate the clearing of cookies for a specific URL? There is already a policy to keep cookies for specific URLs, so just wondering if a new policy could be created to *remove* cookies for a specific URL.
Hi there! We are migrating some internal URLs from HTTP to HTTPS and have a requirement to clear cookies for these URLs. Currently the only option would be to clear all cookies for the browser, but wondered if there was a way to automate the clearing of cookies for a specific URL? There is already a policy to keep cookies for specific URLs, so just wondering if a new policy could be created to *remove* cookies for a specific URL. Read More
Microsoft Forms responses not showing
Hi All, I have a MS Form which has been working for several years and is linked to a powerautomate flow to put the responses into a sharepoint list etc. Randomly, the form has stopped passing its responses to the flow, it is not showing up as a failure on the flow side it’s as if the response was never submitted.
When I go to the form itself, the responses are in the excel document however the total responses says 1089 yet when I view the spreadsheet or go into the individual responses I can go to responses as far as 1099 (Screenshots Below). I’ve tried deleting old responses from the excel doc and it still does not seem to be solving my issue. Has anyone came across this before?
Thanks!
Hi All, I have a MS Form which has been working for several years and is linked to a powerautomate flow to put the responses into a sharepoint list etc. Randomly, the form has stopped passing its responses to the flow, it is not showing up as a failure on the flow side it’s as if the response was never submitted. When I go to the form itself, the responses are in the excel document however the total responses says 1089 yet when I view the spreadsheet or go into the individual responses I can go to responses as far as 1099 (Screenshots Below). I’ve tried deleting old responses from the excel doc and it still does not seem to be solving my issue. Has anyone came across this before? Thanks! Read More
Styles spontaneous changes
I am using the Styles feature in WORD for section titles in a large [500 page] document at irregular intervals WORD spontaneously changes the settings in multiple Stypes. Does anyone know why or what to do about this?
Alan Woodruff
I am using the Styles feature in WORD for section titles in a large [500 page] document at irregular intervals WORD spontaneously changes the settings in multiple Stypes. Does anyone know why or what to do about this? Alan Woodruff Read More
Salesforce agent copilot chat window – how to implement?
check out this “agent copilot” chat window inside of salesforce:
i got this screenshot from our Microsoft sme – but in turn i have yet to receive any step-by-step on how to enable this in our salesforce cloud or if this agent copilot chat window is even possible? as there is no Microsoft article i can find describing this. even talked to the SME that gave the screenshot and all she sent was article on how to setup copilot sales in outlook and teams.
so i ask this community – have you seen this salesforce copilot chat window and how do you implement this??
check out this “agent copilot” chat window inside of salesforce:i got this screenshot from our Microsoft sme – but in turn i have yet to receive any step-by-step on how to enable this in our salesforce cloud or if this agent copilot chat window is even possible? as there is no Microsoft article i can find describing this. even talked to the SME that gave the screenshot and all she sent was article on how to setup copilot sales in outlook and teams.so i ask this community – have you seen this salesforce copilot chat window and how do you implement this?? Read More
Adding Teams calendar to SharePoint
I am trying to add a Teams group calendar to our SharePoint site. I’ve tried to embed it, link it, use the iframe link, but it is not working. Is there an easy way to do this? I need this to only be “view only” for the members to see a monthly view of meetings and deadlines.
Is this possible? I am an owner of the calendar and have access to it on MS Outlook through the email address associated with it.
Thank you!
I am trying to add a Teams group calendar to our SharePoint site. I’ve tried to embed it, link it, use the iframe link, but it is not working. Is there an easy way to do this? I need this to only be “view only” for the members to see a monthly view of meetings and deadlines. Is this possible? I am an owner of the calendar and have access to it on MS Outlook through the email address associated with it. Thank you! Read More
How to recover VM (node) by using azure cli
Hi community,
How to recover vm (node) by using azure cli connecting from macos to linux node ?
Thanks,
Dieudonne
Hi community,How to recover vm (node) by using azure cli connecting from macos to linux node ?Thanks,Dieudonne Read More
How to recover disk corruption on vm (node linux )
Hi community,
How to recover disk corruption on vm (node linux ) by using azure cli ?
Thanks,
Dieudonne
Hi community,How to recover disk corruption on vm (node linux ) by using azure cli ?Thanks,Dieudonne Read More
Dynamic Connection String SSRS Report
Hello. I am creating a report where I want to have a dynamics connection string for based on a parameter for the Database Name.
Error message I am getting is “Format of the initialization string does not conform to specification starting at index 25.”
Is the concatenation syntax wrong in the connection string? Can anyone point me in the right direction? Thanks!
Hello. I am creating a report where I want to have a dynamics connection string for based on a parameter for the Database Name. Error message I am getting is “Format of the initialization string does not conform to specification starting at index 25.” Is the concatenation syntax wrong in the connection string? Can anyone point me in the right direction? Thanks! Read More
Extremely slow load times when signing in to web applications within Microsoft Edge
I am troubleshooting several issues where users at my organization are experiencing extremely slow load times and incomplete loading when trying to login to particular web applications. These issues seem to have surfaced a couple months ago and I haven’t been able to identify a root cause yet.
We’ve noticed that the load experience is sometimes slightly better after clearing cache and cookies or when using an InPrivate browser but doesn’t seem to “stick.” I’ve also noticed that using the Progressive Web App version of the web app and actually “installing” the PWA has seemed to help a little, but I am mostly stumped so far.
Has anyone else experienced similar issues with their users and been able to attribute it to anything? I would summarize the issue as ‘slow load times when signing in to web applications.’
I am troubleshooting several issues where users at my organization are experiencing extremely slow load times and incomplete loading when trying to login to particular web applications. These issues seem to have surfaced a couple months ago and I haven’t been able to identify a root cause yet. We’ve noticed that the load experience is sometimes slightly better after clearing cache and cookies or when using an InPrivate browser but doesn’t seem to “stick.” I’ve also noticed that using the Progressive Web App version of the web app and actually “installing” the PWA has seemed to help a little, but I am mostly stumped so far. Has anyone else experienced similar issues with their users and been able to attribute it to anything? I would summarize the issue as ‘slow load times when signing in to web applications.’ Read More
Collaboratively build AI apps and share resources with hubs and projects
At Microsoft Build ’24 last week, we announced the general availability of Azure AI Studio. With this release, we are also introducing hubs, which enable developers to self-service create project workspaces and access shared company resources without needing an IT administrator’s repeated help.
Hubs provide a central way for a team to govern security, connectivity, and computing resources across playgrounds and projects. Project workspaces that are created using a hub inherit the same security settings and shared resource access. Teams can create as many project workspaces as needed to organize their work, isolate data, and/or restrict access.
By balancing easy, distributed project creation and resource management with centralized controls for security, compute governance, and compliance, Azure AI empowers developer agility and enterprise IT governance at scale.
Rapid AI use case exploration without IT bottlenecks
Successful AI applications and models typically start as prototypes, with developers testing the feasibility of an idea or assessing the quality of data or a model for a particular task. This is a steppingstone towards project funding or a full-scale implementation.
The transition from proving the feasibility of an idea to a funded project is where many organizations encounter a bottleneck in productivity, because a single platform team is responsible for the setup of cloud resources. Such a team may be the only one authorized to configure security, connectivity or other resources that may incur costs. This can cause a huge backlog, resulting in development teams getting blocked on innovating with a new idea.
Azure AI Studio hubs help mitigate this bottleneck. IT can set up a pre-configured, reusable environment, or hub, for a team one time, and a team can use that hub to create their own project workspaces for prototyping, building, and operating AI applications.
Set up and secure a hub for your team
Get started by creating a hub in Azure AI Studio, or use Azure Portal for advanced configuration options. You can customize networking, identity, encryption, monitoring or tags, to meet compliance with your organization’s requirements. Step by step guidance on how to create a hub with customized security settings can be found in our documentation.
Often, projects in a business domain require access to the same company resources such as vector indices, model endpoints or repos. As a team lead, you can pre-configure connectivity with these resources within a hub, so developers can access them from any new project workspace without delay on IT.
Connections let you access objects in AI Studio that are managed outside of your hub. For example, uploaded data on an Azure storage account, or model deployments on an existing Azure OpenAI resource. A connection can be shared with every project or made accessible to one specific project, with the option to configure key-based access or EntraID-passthrough to authorize access to users on the connected resource. Plus, as an administrator, you can easily track, audit, and manage connections across the organization from a single view in AI Studio.
Prototype on your idea in the playground
Once your hub is set up, you can immediately discover and deploy models from the Azure AI model catalog, to start experimenting in the playground without the need for a defined project. The playground in AI Studio helps developers understand how a model behaves in a controlled environment. For example, you can experiment with different system message prompts to assess the feasibility of a new idea.
Once you’re ready to integrate a model into code, you can transition to working in a project. You can get the API key from the deployment page, and select AI services, such as Azure AI Speech and Azure AI Language, come with additional REST APIs and SDKs to ease integration.
Build customized AI applications using a project
Projects are containers to help organize work and collaborate on a single use case. They help organize components, let you upload or connect with data in isolation, and restrict access to you and other project members. Projects inherit the hub’s security settings and shared resources. This includes virtual network, encryption settings, computing and storage.
In AI Studio, a project grants access to customization tools including prompt flow, content safety, fine-tuning, and assistants. With these tools, you can connect or upload your company data, add content filters for problematic inputs or outputs, evaluate your entire application for quality and safety metrics, then deploy as a webapp and monitor it in production.
If you are working in Azure Machine Learning, you can now create a project workspace from within the studio experience, too. This feature is now available in preview. By selecting a hub, you get access to shared company resources made available by your administrator including compute, connections and network connectivity.
The same project workspace can be accessed from both AI Studio and Azure Machine Learning. For teams with a mix of developers and data scientists, this means developers can use AI Studio to build and operate GenAI applications responsibly, and data scientists can user Azure Machine Learning to build and operate custom machine learning models, all while sharing components, including datasets and flows.
Organize for your team’s development needs
The number of hubs and projects you need depends on your way of working. Typically, customers aim to create a hub for a large team with similar data access needs to maximize cost efficiency, resource sharing, and minimize setup overhead. For example, you might create a hub for all projects related to customer support.
If your organization requires segregation between dev, test and production environments as part your LLMOps or MLOps strategy, consider creating a hub for each environment. Dependent on the readiness of your solution for production, you may decide to replicate your project workspace in every environment or keep it just in one.
Use Azure Role-Based Access Control (RBAC) to configure with granularity who can create hubs, projects and connections in your organization. The built-in Azure AI developer role grants permissions for common development tasks in AI Studio, so is ideal for a contributing user on a project workspace. Any user with an AI developer role assigned on a hub workspace can also create new project workspaces.
Get started in Azure
To sum up, hubs provide a shared Azure environment for a team with shared connectivity, compute and governance, yielding enhanced self-serve capabilities and business agility for development teams.
The following links provide further information on concepts and how to get started in AI Studio or Azure Machine Learning, including infrastructure template examples.
Develop and deploy generative AI apps responsibly with Azure AI Studio
Azure AI hub resource concepts – Azure AI Studio
How to create and manage an Azure AI hub resource – Azure AI Studio
Create an AI hub using a Bicep template – Azure AI Studio
What are hub workspaces? – Azure Machine Learning
Manage workspaces in portal or Python SDK (v2) – Azure Machine Learning
Microsoft Tech Community – Latest Blogs –Read More
Tech for Social Impact announces winner of Hack4Good
The winning design from the Healthcare team will help Care Design NY assist individuals with IDD in accessing essential support and services.
We’ve just wrapped up the second annual Microsoft Tech for Social Impact (TSI) Hack4Good hackathon in our NYC Times Square office. The event brought together TSI employees with customers and partners working in seven participating teams to design and build innovative hacks, creatively leveraging AI to accelerate nonprofit missions through innovative use cases across a number of sector categories, including Healthcare, Humanitarian Care and Relief, Social Services, Research, Supply Chain, Museums and Archives and AI Industry.
Each team created a high-level pitch showcasing the merits of their project. Submissions were evaluated by their potential to drive mission impact and responsible use of AI, as well as their ease of access, ability to scale, and the estimated cost to bring to market. We were honored to have industry thought leaders Billy Bickett, Head of Maker’s Lab for Tech Soup and Bob Benoit, CIO for The Gates Foundation as part of our judge’s panel.
The designs were rooted in real need and provided real value to the sector.
I’m proud to announce the top honors went to the healthcare team, who elected to take on building a solution that addresses challenges faced by Care Design NY, a nonprofit in New York State that provides care management to individuals with Intellectual and Developmental Disabilities (IDD).
Our work at TSI aims to empower every nonprofit and mission driven organization with Microsoft technology to accelerate social good. Now, we are pitting AI against some of the world’s biggest problems and supporting the development of solutions to address them.
This year’s Hack4Good challenge was to design a concept with broad application and sector reusability while addressing the specifics of the chosen use case. The input, guidance, and expertise of the participating nonprofits were critical in ensuring that the designs were rooted in real need and produced something that provided real value to the sector.
The idea was to enable Care Design NY to spend more time working directly and providing services to individuals.
The winning design from the Healthcare team will help Care Design NY assists individuals with IDD in accessing essential support and services. To achieve this, they create “In Process Life Plans”—documents submitted to the Office for People with Developmental Disabilities (OPWDD) for service approval. These plans typically take eight hours to produce, but Care Design NY aims to streamline the process to just two hours while maintaining a thorough, person-centered approach.
Hack4Good’s Healthcare team lead Robert Dolney explained, “Our goal was to enable Care Design NY to spend more time working directly and providing services to individuals much faster than before. And so far, the feedback has been extremely positive. We are already exploring possible next steps with Care Design NY to scale the solution and bring it to the entire organization!”
And Joe Shen, Care Design NY’s Chief Strategy Officer put it best when he said, “The individuals and families we support are at the center of all we do, and we are excited to see how the work we’ve done through the Hack4Good hackathon can improve access to services, as well as provide Care Design NY’s workforce with the tools they need do their crucial jobs effectively and efficiently.”
Over the coming months, we’ll stay in touch with Care Design NY to share updates about how they’re further developing and deploying the project, and any early outcomes it’s producing.
Congratulations to Team Healthcare on their hack project and the runners up on Team Supply Chain and Team Museums and Archives. A huge thanks to all the participants for an incredible event. I can still feel the energy and passion, and I already look forward to next year!
A complete summary of the other competing teams and brief details on their hacks:
Humanitarian Care and Relief – The Humanitarian team developed HELP4GOOD, an application to aid refugees in their struggle for survival and safety and to connect them with support services. The app employs intelligent document processing and language translation capabilities and support for refugees who cannot communicate in the local language. It can also facilitate connections with experts, such as doctors, during emergencies.
Social Services – The Social Services team developed CONFIA, a conversational friendly intelligent application aimed at improving mental health through interactive AI whereby users can talk and seek advice without judgment, which helps address a niche in the care pathway and narrows the mental health gap.
Research – The Research team developed AI Driven Data Analytics Platform Tool (ADDAPT), an app that uses AI to achieve school integration and equity. It provides a dynamic tool that integrates demographic, educational, and housing data to map and analyze segregation patterns in urban areas. The ultimate goal is to offer a resource for policymakers, urban planners, and community organizers to make informed decisions that promote integration and inclusivity.
Supply Chain – The Supply Chain team developed an app for Vitalant, one of the nation’s largest nonprofit blood and biotherapies healthcare organizations. Using relevant data to build a machine learning model and use AI to predict how much inventory to stock at the nearest distribution center, the app enables Vitalant managers to make better informed decisions about where blood products and services are needed most should go.
Museums and Archives – The Museum team developed Gallery Glider, an AI-powered accelerator that enables museums to create a bespoke interactive application that engages and inspires all visitors with by extending their experience to ‘real life’ and into the magic of the museum’s collections. Social Services.
Continue the conversation by joining us in the Nonprofit Community! Want to share best practices or join community events? Become a member by “Joining” the Nonprofit Community. To stay up to date on the latest nonprofit news, make sure to Follow or Subscribe to the Nonprofit Community Blog space!
Microsoft Tech Community – Latest Blogs –Read More
New Right and Left justify of Outlook content
Beginning about 2 weeks ago, Outlook is right and left justifying Mailchimp campaign content. How do I force it to left justify?
Beginning about 2 weeks ago, Outlook is right and left justifying Mailchimp campaign content. How do I force it to left justify? Read More
Change the value in one cell when a date changes occurs in another cell
Hi,
I’ve seen a few similar posts but can’t quite find what I’m looking for, hopefully someone can help.
I’m looking for a macro that will change a value from ‘Y’ to ‘N’ when a date change occurs in the previous column, for example as below. If a date change occurs in column C, the value in column D changes to ‘N’ (column C pulls the date from another location using an XLOOKUP, and I want to be alerted if there is a change date).
Any help would be much appreciated, thanks in advance
Hi, I’ve seen a few similar posts but can’t quite find what I’m looking for, hopefully someone can help. I’m looking for a macro that will change a value from ‘Y’ to ‘N’ when a date change occurs in the previous column, for example as below. If a date change occurs in column C, the value in column D changes to ‘N’ (column C pulls the date from another location using an XLOOKUP, and I want to be alerted if there is a change date). Any help would be much appreciated, thanks in advance Read More
To activate Visio on Microsoft Teams
Hello
Please i need your help on this issue.
I would like to know activate visio on Microsoft Teams.
I have Microsoft 365 Business Standard license
Hello Please i need your help on this issue. I would like to know activate visio on Microsoft Teams. I have Microsoft 365 Business Standard license Read More
New document content for existing file not showing up quickly
I have a document library that has workflow that will update the content of a file. This sometimes doesn’t seem to work. Or, it is showing me a cached version after the contents are updated. I test this by updating the file and opening the new file content and I see the old content. If I ask someone else to open the file they often see the new content. This leads me to believe that this is a cache issue. Is there a way to stop Sharepoint from caching in a document library? Thanks!
I have a document library that has workflow that will update the content of a file. This sometimes doesn’t seem to work. Or, it is showing me a cached version after the contents are updated. I test this by updating the file and opening the new file content and I see the old content. If I ask someone else to open the file they often see the new content. This leads me to believe that this is a cache issue. Is there a way to stop Sharepoint from caching in a document library? Thanks! Read More
Microsoft is letting Temu go out of control
Temu is attaching itself to my personal browsing in the Microsoft Start page of Edge. Aside from having a very large ad presence they are creating bizarre ads for products they don’t sell and associations with companies they don’t have using my browsing data. Temu sells cheap Chinese products. Why would they offer services from a local bottle depot or medical lab? Or why would they offer products and services from third party companies? It’s pure click bait and worse than spam.
Temu is attaching itself to my personal browsing in the Microsoft Start page of Edge. Aside from having a very large ad presence they are creating bizarre ads for products they don’t sell and associations with companies they don’t have using my browsing data. Temu sells cheap Chinese products. Why would they offer services from a local bottle depot or medical lab? Or why would they offer products and services from third party companies? It’s pure click bait and worse than spam. Read More
“Notify When Available” Has Returned!
New Teams now has the “notify when available” option back! I am on Early Access version 24124.2311.2896.3219
I do not see any documentation stating this and Microsoft’s “what’s changing in the New Teams” page has not updated that this feature will be coming back, but does anyone else see this or have more information?
New Teams now has the “notify when available” option back! I am on Early Access version 24124.2311.2896.3219 I do not see any documentation stating this and Microsoft’s “what’s changing in the New Teams” page has not updated that this feature will be coming back, but does anyone else see this or have more information? Read More
New Blog | Microsoft Security Exposure Management Graph: unveiling the power
Introduction
In the complicated and rapidly evolving realm of cybersecurity, Exposure Management plays a pivotal role in fortifying organization’s defenses against potential threats. To empower security teams, Microsoft Security Exposure Management has unveiled two new powerful tables within
Advanced Hunting: ExposureGraphNodes and ExposureGraphEdges.
The introduction of these tables opens novel capabilities for security teams. It enables efficient investigation of security posture across organizational assets. This is the first in a series of posts where we will present the tables and share investigation scenarios (along with relevant queries) for Advanced Hunting. These queries unlock capabilities that were previously unattainable. We’ll provide screenshots and Kusto Query Language snippets to guide you through your reading.
Understanding the tables
As John Lambert’s saying that is well-known in the security domain goes, ‘Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.’ By exposing the context around each asset, relations between assets and the graph-based toolset for exploring them, we hope to start changing this.
Read the full post here: Microsoft Security Exposure Management Graph: unveiling the power
By Andrey Karpovsky
Introduction
In the complicated and rapidly evolving realm of cybersecurity, Exposure Management plays a pivotal role in fortifying organization’s defenses against potential threats. To empower security teams, Microsoft Security Exposure Management has unveiled two new powerful tables within Advanced Hunting: ExposureGraphNodes and ExposureGraphEdges.
The introduction of these tables opens novel capabilities for security teams. It enables efficient investigation of security posture across organizational assets. This is the first in a series of posts where we will present the tables and share investigation scenarios (along with relevant queries) for Advanced Hunting. These queries unlock capabilities that were previously unattainable. We’ll provide screenshots and Kusto Query Language snippets to guide you through your reading.
Understanding the tables
As John Lambert’s saying that is well-known in the security domain goes, ‘Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.’ By exposing the context around each asset, relations between assets and the graph-based toolset for exploring them, we hope to start changing this.
Read the full post here: Microsoft Security Exposure Management Graph: unveiling the power Read More
New Blog | Best Practices to Manage and Mitigate Security Recommendations
In the fast-evolving landscape of cloud security, Microsoft Defender for Cloud (MDC) stands as a robust Cloud Native Application Protection Platform (CNAPP). One of its standout features is the premium Cloud Security Posture Management (CSPM) solution, known as Defender CSPM. Among the myriads of advanced capabilities offered by Defender CSPM, the “Governance Rule” feature is a game-changer. This empowers security teams to streamline and automate the assignment, management, and tracking of security recommendations.
In this blog, we’ll delve into best practices for leveraging Governance Rule to ensure effective, efficient, and timely remediation actions and explore practical use cases for maximizing its potential.
Understanding Governance Rule
Governance Rule in Defender CSPM is designed to simplify the management of security recommendations by enhancing accountability. You can define rules that assign an owner and a due date for addressing recommendations for specific resources. This provides resource owners with a clear set of tasks and deadlines for remediating recommendations. By making the assignment and tracking of these tasks more visible, Governance Rule ensures that critical security issues are promptly addressed, reducing the risk of breaches and enhancing overall security posture.
Best Practices for Utilizing Governance Rule
Define Clear Remediation Ownership
Assigning remediation tasks to specific owners is crucial for accountability. Governance Rule allows you to specify who is responsible for each security recommendation. Ensure that each task is assigned to the most appropriate individual or team with the necessary expertise and authority to address the issue. Clear ownership helps avoid confusion and ensures that remediation actions are taken seriously.
Set Realistic ETAs and Grace Periods
Establishing realistic Estimated Time of Arrival (ETA) and grace periods for remediation tasks is essential for maintaining a balance between urgency and feasibility. Overly aggressive timelines can lead to rushed and potentially ineffective fixes, while overly lenient deadlines may delay critical security improvements. Analyze the complexity and impact of each security finding to set achievable timelines that encourage timely resolution without compromising quality.
Prioritize Based on Risk
Not all security recommendations are created equal. Use severity-based prioritization to determine which issues need immediate attention and which can be scheduled for later remediation. Defender CSPM’s Governance Rule allows you to categorize tasks based on their severity and potential impact on your organization’s security posture. Focus on high-severity findings first to mitigate the most significant threats promptly.
Automate Workflow Integration
Leverage the automation capabilities of Governance Rule to integrate remediation workflows with your existing security tools and processes. Automated notifications, status updates, and task assignments can significantly reduce manual effort and improve coordination across teams. By integrating these workflows, you ensure that security recommendations are seamlessly managed from detection to resolution.
Regularly Monitor and Adjust Rules
The dynamic nature of cloud environments means that security needs can change rapidly. Regularly review and adjust your Governance Rules to ensure they remain aligned with your organization’s security objectives and compliance requirements. Monitor the performance of these rules and gather feedback from your security teams to identify areas for improvement.
Foster a Culture of Continuous Improvement
Encourage a culture where continuous improvement is the norm. Use insights gained from the Governance Rule feature to identify recurring security issues and root causes. Implement lessons learned to refine your security policies and practices, reducing the likelihood of similar issues arising in the future.
Before you begin
The Defender Cloud Security Posture Management (CSPM) plan must be enabled.
You need Contributor, Security Admin, or Owner permissions on the Azure subscriptions.
For AWS accounts and GCP projects, you need Contributor, Security Admin, or Owner permissions on the Defender for Cloud AWS or GCP connectors.
Read the full post here: Best Practices to Manage and Mitigate Security Recommendations
By Giulio Astori
In the fast-evolving landscape of cloud security, Microsoft Defender for Cloud (MDC) stands as a robust Cloud Native Application Protection Platform (CNAPP). One of its standout features is the premium Cloud Security Posture Management (CSPM) solution, known as Defender CSPM. Among the myriads of advanced capabilities offered by Defender CSPM, the “Governance Rule” feature is a game-changer. This empowers security teams to streamline and automate the assignment, management, and tracking of security recommendations.
In this blog, we’ll delve into best practices for leveraging Governance Rule to ensure effective, efficient, and timely remediation actions and explore practical use cases for maximizing its potential.
Understanding Governance Rule
Governance Rule in Defender CSPM is designed to simplify the management of security recommendations by enhancing accountability. You can define rules that assign an owner and a due date for addressing recommendations for specific resources. This provides resource owners with a clear set of tasks and deadlines for remediating recommendations. By making the assignment and tracking of these tasks more visible, Governance Rule ensures that critical security issues are promptly addressed, reducing the risk of breaches and enhancing overall security posture.
Best Practices for Utilizing Governance Rule
Define Clear Remediation OwnershipAssigning remediation tasks to specific owners is crucial for accountability. Governance Rule allows you to specify who is responsible for each security recommendation. Ensure that each task is assigned to the most appropriate individual or team with the necessary expertise and authority to address the issue. Clear ownership helps avoid confusion and ensures that remediation actions are taken seriously.
Set Realistic ETAs and Grace PeriodsEstablishing realistic Estimated Time of Arrival (ETA) and grace periods for remediation tasks is essential for maintaining a balance between urgency and feasibility. Overly aggressive timelines can lead to rushed and potentially ineffective fixes, while overly lenient deadlines may delay critical security improvements. Analyze the complexity and impact of each security finding to set achievable timelines that encourage timely resolution without compromising quality.
Prioritize Based on RiskNot all security recommendations are created equal. Use severity-based prioritization to determine which issues need immediate attention and which can be scheduled for later remediation. Defender CSPM’s Governance Rule allows you to categorize tasks based on their severity and potential impact on your organization’s security posture. Focus on high-severity findings first to mitigate the most significant threats promptly.
Automate Workflow IntegrationLeverage the automation capabilities of Governance Rule to integrate remediation workflows with your existing security tools and processes. Automated notifications, status updates, and task assignments can significantly reduce manual effort and improve coordination across teams. By integrating these workflows, you ensure that security recommendations are seamlessly managed from detection to resolution.
Regularly Monitor and Adjust Rules
The dynamic nature of cloud environments means that security needs can change rapidly. Regularly review and adjust your Governance Rules to ensure they remain aligned with your organization’s security objectives and compliance requirements. Monitor the performance of these rules and gather feedback from your security teams to identify areas for improvement.
Foster a Culture of Continuous Improvement
Encourage a culture where continuous improvement is the norm. Use insights gained from the Governance Rule feature to identify recurring security issues and root causes. Implement lessons learned to refine your security policies and practices, reducing the likelihood of similar issues arising in the future.
Before you begin
The Defender Cloud Security Posture Management (CSPM) plan must be enabled.
You need Contributor, Security Admin, or Owner permissions on the Azure subscriptions.
For AWS accounts and GCP projects, you need Contributor, Security Admin, or Owner permissions on the Defender for Cloud AWS or GCP connectors.
Read the full post here: Best Practices to Manage and Mitigate Security Recommendations Read More
ProcDump 3.3 for Linux and Process Explorer v17.06
Microsoft Tech Community – Latest Blogs –Read More