CYBERSECURITY21 November, 2023 min de lectura

Microsoft Ignite 2023: Discover what’s new in cybersecurity with generative AI at the forefront

The annual Microsoft Ignite 2023 event has once again left the technology community intrigued and excited by the more than 100 innovations presented in the Microsoft cloud; news related to Microsoft Copilot, Data and AI, infrastructure and, of course, cybersecurity.

Our experts in cybersecurity Softeng have followed the event in detail to identify the most important developments and unpack their keys to know how to maximize their potential, with the aim of improving and strengthening cybersecurity in enterprises.

1. Microsoft Defender XDR: New unified user experience with Sentinel, Threat Intelligence and Defender for Cloud Console (SIEM+XDR) capabilities.

Microsoft Defender Extended Detection and Response (XDR), is a security solution that provides integrated and automated protection across an organization’s entire IT infrastructure.

For the first time, Microsoft Defender XDR capabilities integrates all cybersecurity services on a single platform: Threat Intelligence, Microsoft 365 Defender, Microsoft Sentinel and Microsoft Defender for Cloud.

This allows access to all security operations tools in a single interface, making them easier to use and improving efficiency. In addition, with this integration we can take full advantage of automation and artificial intelligence technologies to improve cybersecurity.

From our SOC team, we are investigating the new capabilities offered by Microsoft Defender XDR to incorporate the new unified user experience to our modern CyberSOC service for security incident management and response(Softeng-CSIRT).

Defender XDR - Microsoft Ignite 2023 Cybersecurity News

Microsoft Security Copilot has added Entra, Defender for Cloud and Purview to extend the use cases to identity, infrastructure and data protection.

Microsoft has also shared news on new AI capabilities in cybersecurity, particularly in incident investigation and response.

Microsoft Security Copilot is a generative AI-powered security product that helps cybersecurity teams increase their productivity. Therefore, with the addition of Entra, Defender for Cloud and Purview, Microsoft Security Copilot can extend its use cases to include identity, infrastructure and data protection.

For example, you can help determine why a login requires two-factor authentication, or summarize risks and define remediation steps for users, groups, logins or permissions.

Copilot in Microsoft Entra - News Microsoft Ignite 2023

3. Microsoft Defender CSPM: Proactive attack path analysis

Finally, Microsoft Defender for Cloud has enhanced the attack analysis engine with recommendations based on more complex risks, such as inter-cloud attack paths.

In addition, the new code-to-cloud mapping will also allow cybersecurity teams to reduce time and optimize effort to address critical security flaws directly in the code itself.

This way, our modern SOC team will have more visibility into attack exposure from Azure, AWS or GCP clouds.

Microsoft Defender CSPM (Attack Path Analysis) - News Microsoft Ignite 2023

4. Automatic Conditional Access Policies in Microsoft Entra: Optimizing Identity Protection

In order to better control how users access corporate resources, Microsoft has announced the automatic deployment of Microsoft Entra universal conditional access policies.

This new functionality uses real-time signals and machine learning to determine when to allow, block or limit access to application and sensitive data, ensuring that only healthy and trusted devices can access corporate resources. This maximizes safety without compromising productivity.

Automatic Conditional Access - Ignite 2023 News

5. Microsoft Enters Private Access: Multifactor authentication is added for all local applications.

In addition to automatic conditional access controls, Microsoft Entra Private Access adds multi-factor authentication for on-premise computing resources, i.e. those that are physically located on an organization’s premises, increasing the security of applications and data.

In Softeng, our team of cybersecurity experts is already working on a digital event in which we will show the capabilities of Microsoft Entra, and, among them, Microsoft Entra Private Access. We will announce it soon on our LinkedIn account! Follow us at >

MFA on premise - News Microsoft Ignite 2023

6. Microsoft Entra ID: Compatibility of passkeys with Microsoft Authenticator

By early 2024, Microsoft has promised that Entra ID users will be able to sign in with passkeys managed by the Microsoft Authenticator app.

The interesting thing about this new feature is that it will reinforce the two-factor methods, a mechanism that is resistant to phishing, leaks and allows us to log in more securely.

Passkeys in Authenticator - News Microsoft Ignite 2023

Related article: How can the 6 most common cyberattacks affect business assets?

7. AI Hub on Microsoft Purview: Sensitive Data Leak Detection in Generative AI SaaS Applications

Microsoft has announced the release of a trial version of its AI Hub on Microsoft Purview, an integrated solution that enables organizations to govern, secure and manage the use of generative AI applications across the enterprise.

With this solution, organizations can gain a complete view of the use of generative artificial intelligence applications, such as ChatGPT, Bard and others, and the associated data security and compliance risks.

The IA Hub solution in Microsoft Purview is an invaluable tool for organizations looking to better protect their sensitive data and comply with privacy and security regulations.

8. Microsoft Purview DLP: Preventing and blocking sensitive data leakage in generative AI SaaS applications.

Data Loss Prevention (DPL) in Microsoft Purview allows organizations to create policies to prevent their users from pasting sensitive information on specific websites, personal email, applications and social networks, among others.

Microsoft has announced this new functionality that extends the capabilities of Microsoft Purview DLP to block sensitive data leakage in non-corporate generative AI applications.

Purview DLP - News Microsoft Ignite 2023

From Softeng, we move forward with confidence to embrace digital innovation

In Softeng we are one of Top Partner Cloud Microsoft most qualified in Europe, allowing us to accompany our customers by maximizing the power of the Microsoft cloud to drive digital innovation with security and intelligence.

The new developments announced at Microsoft Ignite 2023 motivate us to continue to embrace and simplify innovation, in order to accompany ambitious companies to move faster in their digitization in a secure way.

If you want your company to be well protected in order to move forward without fear, we invite you to learn more about what we can do together.