You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/defender-for-cloud/release-notes.md
+15-1Lines changed: 15 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,7 +2,7 @@
2
2
title: Release notes for Microsoft Defender for Cloud
3
3
description: A description of what's new and changed in Microsoft Defender for Cloud
4
4
ms.topic: reference
5
-
ms.date: 03/03/2022
5
+
ms.date: 03/10/2022
6
6
---
7
7
# What's new in Microsoft Defender for Cloud?
8
8
@@ -23,6 +23,8 @@ Updates in March include:
23
23
24
24
-[Deprecated the recommendations to install the network traffic data collection agent](#deprecated-the-recommendations-to-install-the-network-traffic-data-collection-agent)
25
25
-[Defender for Containers can now scan for vulnerabilities in Windows images (preview)](#defender-for-containers-can-now-scan-for-vulnerabilities-in-windows-images-preview)
26
+
-[New alert for Microsoft Defender for Storage (preview)](#new-alert-for-microsoft-defender-for-storage-preview)
27
+
26
28
### Deprecated the recommendations to install the network traffic data collection agent
27
29
28
30
Changes in our roadmap and priorities have removed the need for the network traffic data collection agent. Consequently, the following two recommendations and their related policies were deprecated.
@@ -39,6 +41,18 @@ Defender for Container's image scan now supports Windows images that are hosted
39
41
40
42
Learn more in [Use Microsoft Defender for Container to scan your images for vulnerabilities](defender-for-container-registries-usage.md).
41
43
44
+
### New alert for Microsoft Defender for Storage (preview)
45
+
46
+
To expand the threat protections provided by Microsoft Defender for Storage, we've added a new preview alert.
47
+
48
+
Threat actors use applications and tools to discover and access storage accounts. Microsoft Defender for Storage detects these applications and tools so that you can block them and remediate your posture.
49
+
50
+
This preview alert is called `Access from a suspicious application`. The alert is relevant to Azure Blob Storage, and ADLS Gen2 only.
|**PREVIEW - Access from a suspicious application**<br>(Storage.Blob_SuspiciousApp) | Indicates that a suspicious application has successfully accessed a container of a storage account with authentication.<br>This might indicate that an attacker has obtained the credentials necessary to access the account, and is exploiting it. This could also be an indication of a penetration test carried out in your organization.<br>Applies to: Azure Blob Storage, Azure Data Lake Storage Gen2 | Initial Access | Medium |
0 commit comments