Posted by: kurtsh | January 22, 2021

INFO: Microsoft Security Rebranding “Decoder Ring”

Our Enterprise Security Executive, Andreae Pohlman, helped me understand the rebranding and all the “renaming of products” that occurred when we moved to the the “Microsoft Defender” branding of our security solutions.

Here’s a cheat sheet she shared with me.  Hopefully it’s useful for you too.

New Microsoft “Defender” Branding

Previous Microsoft Product Name

Microsoft 365 Defender

Microsoft Threat Protection

Microsoft Defender for Identity

Azure Advanced Threat Protection

Microsoft Defender for Endpoint

Microsoft Defender Advanced Threat Protection

Microsoft Defender for Office 365

Office 365 Advanced Threat Protection

Azure Defender for Servers

Azure Security Center (Std)

Azure Defender for IoT

Azure Security Center for IoT

Azure Defender for SQL

Advanced Threat Protection for SQL

(Much of this rebranding was announced in this bbog post announcement:

Additionally, there are other “Defender” branded security protection technologies available:

  • Azure Defender for App Service
  • Azure Defender for MySQL (Preview)
  • Azure Defender for PostgreSQL (Preview)
  • Azure Defender for Storage
  • Azure Defender for Kubernetes
  • Azure Defender for ACR
  • Azure Defender for Key Vault
  • Azure Defender for ARM (Preview)
  • Azure Defender for DNS (Preview)

This week, we extended the previous “limit increases” made to Live Events.  Initially set to expire Jan 1, 2021, the “limit increases” will now expire on June 30, 2021.

imageMicrosoft 365 live event limit increases

To continue supporting our customers’ needs, through June 30, 2021, we will extend temporary limit increases for live events, including:

  • Event support for up to 20,000 attendees
  • 50 events can be hosted simultaneously across a tenant
  • Event duration of 16 hours per broadcast

Additionally, Live Events with up to 100,000 attendees can be planned through the Microsoft 365 assistance program. The team will assess each request and work with you to determine options that may be available. Learn more.

See the NEW limit extension date documented here:

Alex Weinert & the Microsoft Identity team worked hard to build you an Azure Active Directory monitor workbook to help you hunt for Solorigate Identity activity in your environment – Check it out!

imageIn the interest of helping customers concerned about the Solorigate attacks we are publishing a new workbook in the Azure AD admin portal to assist investigations into the Identity Indicators of Compromise related to the attacks. The information in this workbook is available in Azure AD audit and sign in logs, but the workbook helps you collect and visualize the information in one view.

The workbook is split into 5 sections, each aimed at providing information associated with the attack patterns we have identified:

  1. Modified application and service principal credentials/authentication methods
  2. Modified federation settings
  3. Azure AD STS Refresh token modifications by service principals and applications other than DirectorySync
  4. New permissions granted to service principals
  5. Directory role and group membership updates for service principals

Read more & access the Workbook here:

Posted by: kurtsh | December 22, 2020

TRAINING: Surface Hub 2S Learning Resources

imageI recently was asked:

“What sort of training is available for Surface Hub?”

    The teams that formerly staffed the physical Microsoft Stores operate virtually now and will offer virtual training on the Surface Hub’s basic usage and operation. You can contact them directly at
    The following Microsoft Partners offer customized & personalized training for organizations around the usage of Surface Hub for a fee.
      1. CollabTech Group
        CollabTech offers customized training & produced the Microsoft online video training below.
      2. YorkTel
        YorkTel produces industry-specific training for various workflows as well as on-prem support.
      1. Surface Hub 2S on-demand adoption and training videos – Surface Hub | Microsoft Docs (Numerous videos)
      2. Surface Hub 2S Demo: The Experience [Webinar] – YouTube (Video walk through as well)

AzureGovMeetupThe accelerated adoption of cloud last year due to COVID-19 was phenomenal; advancing IT modernization for many organizations while also bringing a wealth of lessons learned. While much progress was made, many government agencies find there can still be challenges to getting started with cloud.

With that in mind, we invite you to RSVP and join us to kick off the New Year learning how agencies can master cloud fundamentals in 2021 during an Azure Government Meetup hosted on Teams Live.

During this event, which is free and open to the public, we will discuss:

  • Cloud fundamentals: What you need to know to get started
  • Security and compliance considerations
  • Planning, assessing and migrating to the cloud
  • Training resources and reskilling for cloud 2021
  • Plus, demos of tools to ease your move to cloud

Register for this no cost event here:

imageRead this Gartner report (published 10/2/2020) to learn about taking advantage of security solutions from infrastructure as a service (IaaS) providers. This report tells you how:

  • The automation, programmatic infrastructure and built-in security capabilities of leading IaaS providers enable enterprises to improve and scale the protection of public cloud infrastructure.
  • Properly managed, security and risk management leaders can secure cloud better than their data centers.

Read the full report here, available for download:


For customers renewing their Enterprise Agreements or agreements involving Software Assurance, the Software Assurance Benefits policies have changed in 2020.

Here are some details around what has happened to Software Assurance Planning Services:

What are the key changes that occurred with Software Assurance Benefits earlier this year?
Below are key changes that occurred with Software Assurance Benefits in early calendar year 2020:

  • February 1, 2020: DPS cloud engagements retired and all cloud customers will be directed to FastTrack programs. For DPS cloud engagement vouchers created before February 1, 2020, customers have 180 days to redeem and use the cloud engagement voucher. Customers have until January 2022 to use their deployment planning days for on-premises planning.
  • Due to impacts from COVID-19, Microsoft is extending active vouchers for an additional 90 days for those vouchers created before 1 April 2020. This applies to all active Deployment Planning Services vouchers for cloud and on-premises engagements. To help our customers and partners work as efficiently as possible while remote, we’re also waiving the onsite requirement policy for delivery partners and allowing for remote Deployment Planning Services engagements through June 30, 2020. We still expect partners to provide customers with collaborative consultative sessions resulting in a comprehensive and actionable deployment plan.
  • February 1, 2021: Customers will no longer accrue DPS days.
    • New contracts won’t have any DPS days assigned and existing contracts won’t receive any additional DPS days.
    • Current customers can continue to use any accrued DPS days until January 1, 2022.

For more details on this and other Software Assurance Benefits, visit:

imageMicrosoft Teams has become the new way to work for over 115 million daily users who come together every day to meet, call, chat, and collaborate.

Today, we are honored to be recognized by Gartner as a Leader for both Meeting Solutions and Unified Communications as a Service in their latest Magic Quadrants. Microsoft was positioned highest among all vendors for ability to execute in both reports. This is Microsoft’s second consecutive year as a Leader for Unified Communications as a Service and the 14th time in which Microsoft has been recognized as a Leader for Meetings Solutions.

Read and download the full report here:

For organizations deploying Microsoft Teams looking for guidance on how to plan & structure Teams and Channels in their organization, the following may be useful:

The presentation goes over different structures that can be applied to Teams and Teams Channels when deploying, however it also talks to how these structures can be implemented at the same time to encourage cross-organizational sharing.

When organizing the content of the Teams themselves, the following “Best Practices” guidance may be useful:


Your data has the power to help your business build long-term agility and resilience, no matter what the future brings. But to realize its full potential, you need to have a strategic, unified framework for using data and analytics to gain insights, make decisions, and improve business outcomes.

Join us at this digital event with Microsoft CEO Satya Nadella to learn how to create a flowing continuum of trusted, accurate data that produces timely, actionable insights. Register to:

  • Understand why prioritizing data and analytics now is critical to building future agility and resilience.
  • Get guidance from industry leaders and customers on how to develop a strategic view of your analytics initiatives and create a framework for implementing successful solutions.
  • Be the first to learn about the new Azure data governance service and take an in-depth look at how it works together with Azure Synapse Analytics to provide a unified, end-to-end platform for data and analytics.
  • Ask questions and get expert answers during live Q&A.

Register below:

  • Shape Your Future with Azure Data and Analytics
    Thursday, December 3, 2020
    9:00 AM–10:30 AM Pacific Time (UTC-8)


Older Posts »