You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: exposure-management/whats-new.md
+23-2Lines changed: 23 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,10 +3,10 @@ title: Release notes
3
3
description: This page is updated frequently with the latest updates in Microsoft Security Exposure Management.
4
4
ms.author: dlanger
5
5
author: dlanger
6
-
manager: rayne-wiselman
6
+
manager: ornat-spodek
7
7
ms.topic: overview
8
8
ms.service: exposure-management
9
-
ms.date: 09/09/2025
9
+
ms.date: 09/16/2025
10
10
11
11
---
12
12
@@ -26,6 +26,27 @@ Learn more about MSEM by reading the blogs, [here](https://techcommunity.microso
26
26
27
27
## September 2025
28
28
29
+
### New predefined classifications
30
+
31
+
The following predefined **Device** classification rules were added to the critical assets list:
32
+
33
+
| Classification | Description |
34
+
| -------------- | ----------- |
35
+
| SharePoint Server | The SharePoint server is responsible for secure content management, collaboration, and document sharing across teams. It hosts intranet portals and enterprise search within an organization. Compromise could lead to unauthorized access to sensitive information and disruption of content services. |
36
+
| Microsoft Entra ID Cloud Sync | The Microsoft Entra ID Cloud Sync agent is responsible for syncing on-premises directory data to the Microsoft Entra ID tenant using lightweight infrastructure. Compromise could disrupt identity synchronization, leading to authentication issues and potential security breaches. |
37
+
38
+
Microsoft Entra ID Cloud Sync has been introduced alongside Microsoft Entra ID Connect. While both support identity synchronization, Microsoft Entra ID Connect is designed for hybrid environments with on-premises Active Directory, whereas Microsoft Entra ID Cloud Sync offers a lightweight, cloud-native solution optimized for cloud-only setups.
39
+
40
+
Additionally, SharePoint device role is now available, introduced in response to recent vulnerability events. This role enhances tracking and management of SharePoint-related assets.
41
+
42
+
For more information, see [Predefined classification](predefined-classification-rules-and-levels.md).
43
+
44
+
### Migration from AzureAdConnectServer to EntraConnectServer
45
+
46
+
The legacy Azure AD Connect asset rule has been removed from Critical Assets. Its associated device role, AzureADConnectServer, will be deprecated in December 2025. Ensure all relevant custom rules are transitioned to use the new device role, EntraConnectServer, to maintain compliance and visibility.
47
+
48
+
For more information, see [Predefined classification](predefined-classification-rules-and-levels.md).
49
+
29
50
### Refined attack path experience
30
51
31
52
Cloud Attack Paths now reflect real, externally driven and exploitable risks that adversaries could use to compromise your organization, helping you cut through the noise and act faster. The paths now focus on external entry points and how attackers could progress through your environment reaching business-critical targets.
0 commit comments