Merge pull request #249458 from ElazarK/WI149907-MDC-in-the-field-epsiode-37

v-regandowner · web-flow · commit ede3bd961ac0 · 2023-08-29T10:09:55.000-04:00
created episode 37
diff --git a/articles/defender-for-cloud/TOC.yml b/articles/defender-for-cloud/TOC.yml
@@ -877,7 +877,11 @@
     - name: Understanding the DevOps Threat Matrix
       href: episode-thirty-four.md
     - name: Security alert correlation
-      href: episode-thirty-five.md                 
+      href: episode-thirty-five.md
+    - name: Defender CSPM support for GCP and more updates
+      href: episode-thirty-six.md
+    - name: Capabilities to counter identity-based supply chain attacks
+      href: episode-thirty-seven.md               
   - name: Manage user data
     href: privacy.md
   - name: Microsoft Defender for IoT documentation
diff --git a/articles/defender-for-cloud/episode-thirty-five.md b/articles/defender-for-cloud/episode-thirty-five.md
@@ -7,7 +7,7 @@ ms.date: 08/08/2023
 
 # Security alert correlation
 
-**Episode description**:  In this episode of Defender for Cloud in the Field, Daniel Davrayev joins Yuri Diogenes to talk about security alert correlation capability in Defender for Cloud. Daniel talks about the importance of have a built-in capability to correlate alerts in Defender for Cloud, how this saves time for SOC analysts to investigate alert and respond to potential threats. Daniel also explains how data correlation works and demonstrate how this correlation appears in Defender for Cloud dashboard as a security incident.
+**Episode description**:  In this episode of Defender for Cloud in the Field, Daniel Davrayev joins Yuri Diogenes to talk about security alert correlation capability in Defender for Cloud. Daniel talks about the importance of have a built-in capability to correlate alerts in Defender for Cloud, how this capability saves time for SOC analysts to investigate alert and respond to potential threats. Daniel also explains how data correlation works and demonstrate how this correlation appears in Defender for Cloud dashboard as a security incident.
 
 > [!VIDEO https://aka.ms/docs/player?id=6573561d-70a6-4b4c-ad16-9efe747c9a61]
 
@@ -34,4 +34,4 @@ ms.date: 08/08/2023
 ## Next steps
 
 > [!div class="nextstepaction"]
-> [New AWS Connector in Microsoft Defender for Cloud](episode-one.md)
+> [Defender CSPM support for GCP and more updates](episode-thirty-six.md)
diff --git a/articles/defender-for-cloud/episode-thirty-seven.md b/articles/defender-for-cloud/episode-thirty-seven.md
@@ -0,0 +1,36 @@
+---
+title: Capabilities to counter identity-based supply chain attacks | Defender for Cloud in the Field 
+description: Learn about Defender for Cloud's capability to counter identity-based supply chain attacks.
+ms.topic: reference
+ms.date: 08/29/2023
+---
+
+# Capabilities to counter identity-based supply chain attacks
+
+**Episode description**: In this episode of Defender for Cloud in the Field, Security Researcher, Hagai Kestenberg joins Yuri Diogenes to talk about Defender for Cloud capabilities to counter identity-based supply chain attacks. Hagai explains the different types of supply chain attacks and focuses on the risks of identity-based supply chain attacks. Hagai makes recommendations to mitigate this type of attack and explain the new capability in Defender for Resource Manager that can be used to identify this type of attack. Hagai also demonstrates the new alert generated by Defender for Resource Manager when this type of attack is identified. 
+
+> [!VIDEO https://aka.ms/docs/player?id=d69fb652-46a7-4f8c-8632-8cf2cbc3685a]
+
+- [01:41](/shows/mdc-in-the-field/counter-identity-based-supply-chain-attacks#time=01m41s) - Intro
+- [04:04](/shows/mdc-in-the-field/counter-identity-based-supply-chain-attacks#time=04m04s) - Understanding identity-based supply chain attacks
+- [06:50](/shows/mdc-in-the-field/counter-identity-based-supply-chain-attacks#time=06m50s) - Identity-based supply chain attacks sample scenario
+- [08:26](/shows/mdc-in-the-field/counter-identity-based-supply-chain-attacks#time=08m26s) - Best practices to prevent identity-based supply chain attacks
+- [10:29](/shows/mdc-in-the-field/counter-identity-based-supply-chain-attacks#time=10m29s) - Demonstration
+
+## Recommended resources
+
+- [Learn more](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/announcing-microsoft-defender-for-cloud-capabilities-to-counter/ba-p/3876012)
+- Subscribe to [Microsoft Security on YouTube](https://www.youtube.com/playlist?list=PL3ZTgFEc7LysiX4PfHhdJPR7S8mGO14YS)
+- Learn more about [Microsoft Security](https://msft.it/6002T9HQY)
+
+- Follow us on social media:
+
+  - [LinkedIn](https://www.linkedin.com/showcase/microsoft-security/)
+  - [Twitter](https://twitter.com/msftsecurity)
+
+- Join our [Tech Community](https://aka.ms/SecurityTechCommunity)
+
+## Next steps
+
+> [!div class="nextstepaction"]
+> [New AWS Connector in Microsoft Defender for Cloud](episode-one.md)
diff --git a/articles/defender-for-cloud/episode-thirty-six.md b/articles/defender-for-cloud/episode-thirty-six.md
@@ -0,0 +1,35 @@
+---
+title: Defender CSPM support for GCP and more updates | Defender for Cloud in the Field
+description: Learn about Defender for CSPM's support for GCP and more updates for Defender for Cloud.
+ms.topic: reference
+ms.date: 08/29/2023
+---
+
+# Defender CSPM support for GCP and more updates
+
+**Episode description**: In this episode of Defender for Cloud in the Field, Amit Biton joins Yuri Diogenes to talk about the new Defender CSPM support for GCP. Amit talks about the recent investments in multicloud and the alignment with Microsoft CNAPP strategy. Amit covers the capabilities that were released in Defender CSPM to cover GCP, including the new Microsoft Cloud Security Benchmark for GCP. Amit also demonstrate the use of Attack Path and Cloud Security explorer in a multicloud environment.
+
+> [!VIDEO https://aka.ms/docs/player?id=673a8d91-3b0e-4bfb-986c-888ae7532320]
+
+- [01:23](/shows/mdc-in-the-field/support-gcp#time=01m23s) - Overview of the new announcements for multicloud
+- [05:09](/shows/mdc-in-the-field/support-gcp#time=05m09s) - Microsoft CNAPP strategy
+- [08:55](/shows/mdc-in-the-field/support-gcp#time=08m55s) - Agentless capability
+- [12:54](/shows/mdc-in-the-field/support-gcp#time=12m54s) - Demonstration
+
+## Recommended resources
+
+- [Learn more](/azure/defender-for-cloud/concept-cloud-security-posture-management)
+- Subscribe to [Microsoft Security on YouTube](https://www.youtube.com/playlist?list=PL3ZTgFEc7LysiX4PfHhdJPR7S8mGO14YS)
+- Learn more about [Microsoft Security](https://msft.it/6002T9HQY)
+
+- Follow us on social media:
+
+  - [LinkedIn](https://www.linkedin.com/showcase/microsoft-security/)
+  - [Twitter](https://twitter.com/msftsecurity)
+
+- Join our [Tech Community](https://aka.ms/SecurityTechCommunity)
+
+## Next steps
+
+> [!div class="nextstepaction"]
+> [Capabilities to counter identity-based supply chain attacks](episode-thirty-seven.md)
