Monthly updates for April 2019
Govern employee and partner access requests, approvals, auditing, and reviews for any app integrated with Azure AD.
User group membership information can be emitted from SAML and OIDC/OAuth tokens issued by Azure AD so organizations so apps that require this information can be managed and secured from the cloud.
We are introducing some important changes to support more fine-grained role-based access to sensitive configuration information from HDInsight clusters. As part of these changes, some user action may be required.
Azure Active Directory activity logs integration with Diagnostics Logs for Azure Monitor and Log Analytics in Azure Monitor
Gain insights from Azure AD user activity logs stored in an Azure storage account and streamed to your preferred SIEM or custom environment, or integration with Log Analytics in Azure Monitor directly in the Azure portal.
TLS 1.2 is recommended for all Power BI Embedded applications to ensure that customers have control over the security of communications with Microsoft services.
Azure is now the first major public cloud with end-to-end security for IoT for your devices, hubs and cloud resources. We are adding advanced threat protection for IoT to three key services: Azure Security Center, Azure Sentinel and Azure IoT Hub.
The dashboard helps you streamline your compliance process by providing insight into your compliance posture for a set of supported standards and regulations.
Security Center can now protect your VM scale sets. Easily monitor the security posture of your VM scale sets with security recommendations to increase their overall security, reduce vulnerabilities, and detect threats.
Advanced Threat Protection for Azure Storage provides an additional layer of security intelligence that detects unusual and potentially harmful attempts to access or exploit storage accounts.
The Azure portal has been updated in the areas of IaaS, Azure Data Explorer, Security Center, Azure Site Recovery, RBAC, support, and more.
Azure AD password protection helps you eliminate easily guessed passwords from your environment, which can dramatically lower the risk of being compromised by a password spray attack.