** It is recommended to review these areas frequently to ensure there are no new exposures or gaps in your security posture. **
Azure Active Directory
Review Risky Sign-ins – Azure AD detects suspicious actions that are related to your user accounts. For each detected action, a record called risk event
Documentation on Azure Active Directory risk events
Identity Secure Score – How secure is your Azure AD tenant? If you don’t know how to answer this question, read this article to learn how the identity secure score helps you to monitor and improve your identity security posture.
Cloud App Security Dashboard – We recommend that you check the dashboard daily to see what new alerts have been triggered. It is also a good place to keep an eye on the health of your cloud environment and get a sense of what’s happening across it. Documentation
Security and Compliance Dashboard – The Security & Compliance Center enables your organization to manage data protection and compliance. The Security & Compliance Center features a new Security Dashboard you can use to review your threat protection status, and to view and act on security alerts. Documentation
Monitor Security and Compliance in O365 – Along with your users, data is the lifeblood of your organization. As a result, it’s critical to lay the groundwork to lock down access to it, prevent data from getting into the wrong hands, manage its lifecycle, and keep it safe from external threats. After taking these steps, be sure to regularly monitor your data’s health, compliance, and security and, if needed, take action.
Identifying and contextualizing attacker activity within sessions in Exchange Online – Empowers admins and defenders to better understand account activity and to better distinguish malicious attackers from regular employees by analyzing the session context in the Exchange audit log.
Windows Defender AV
Security Update Deployment hygiene/guidance
Microsoft Exploitability Index – Helps customers prioritize their deployment of the monthly security updates.
Getting Started with Security Update Guide
MSRC Security Update Guide – The Microsoft Security Response Center (MSRC) investigates all reports of security vulnerabilities affecting Microsoft products and services, and provides the information here as part of the ongoing effort to help you manage security risks and keep your systems protected.
Protect against Rapid Cyber Attacks (Petya, WannaCrypt, and similar variants) – Webinar – Rapid cyberattacks like Petya and WannaCrypt were able to take down all IT systems at global enterprises in about an hour, creating a new challenge for IT and Security leadership and practitioners to manage. Join us to learn about these attacks and Microsoft’s prescriptive roadmap of recommended mitigations to protect your organization against this type of attack.
Windows Defender ATP
Review your Windows Defender ATP Secure Score – The Secure score dashboard expands your visibility into the overall security posture of your organization. From this dashboard, you’ll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization – all in one place. From there you can take action based on the recommended configuration baselines.