Information about SharePoint, Microsoft 365, Azure, Mobility and Productivity from the Computer Information Agency
The slides from this month’s webinar are available at:
If you are not a CIAOPS patron you want to view or download a full copy of the video from the session you can do so here:
http://www.ciaopsacademy.com.au/p/need-to-know-webinars
Watch out for next month’s webinar because I’m pretty certain I’m going to do one on Copilot. Stay tuned!
Defender for Cloud unified Vulnerability Assessment powered by Defender Vulnerability Management –
Diamond Sleet supply chain compromise distributes a modified CyberLink installer –
Get email notifications for any actions in Defender XDR –
Elevating Cybersecurity Intelligence with Microsoft Sentinel’s Enrichment Widgets –
BlueHat playlist –
https://www.youtube.com/playlist?list=PLXkmvDo4MfutylXJNJ6gth_qIEwJdeWz7
Microsoft Defender XDR, Security Copilot & Microsoft Sentinel now in one portal –
Orca 2: Teaching Small Language Models How to Reason –
https://www.microsoft.com/en-us/research/blog/orca-2-teaching-small-language-models-how-to-reason/
Social engineering attacks lure Indian users to install Android banking trojans –
Copilot coming to Windows 10 –
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/copilot-coming-to-windows-10/ba-p/3984070
Triage incidents based on enrichment from threat intelligence –
https://learn.microsoft.com/en-us/security-copilot/triage-alert-with-enriched-threat-intel
What’s new in Microsoft Intune (2311) November edition –
Identity at Microsoft Ignite: Securing access in the era of AI –
Introducing MDTI Free Experience for Microsoft Defender XDR –
Microsoft Mesh –
https://www.youtube.com/watch?v=_0InCXA13L8
Our vision to bring Microsoft Copilot to everyone, and more –
Ignite News: Augment your EDR with deception tactics to catch adversaries early –
Microsoft Security Copilot and NIST 800-171 –
After hours
Octopus vs Underwater Maze – https://www.youtube.com/watch?v=7__r4FVj-EI
Editorial
If you found this valuable, the I’d appreciate a ‘like’. This helps me know that people enjoy what I have created. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.
Watch out for the next CIA Brief next week.
Our vision to bring Microsoft Copilot to everyone, and more –
Ignite News: Augment your EDR with deception tactics to catch adversaries early –
Microsoft Security Copilot and NIST 800-171 –
Power Apps accelerates the shift toward modern, AI-infused apps with governance at scale –
Microsoft Defender XDR, Security Copilot & Microsoft Sentinel now in one portal –
https://www.youtube.com/watch?v=snV2joMnSlc&t=1s
What’s new with Windows at Microsoft Ignite 2023! –
Microsoft Backup in public preview –
https://learn.microsoft.com/en-us/microsoft-365/syntex/backup/backup-overview
Simplify IT management with Microsoft Copilot for Azure – save time and get answers fast –
Universal Print makes cloud printing truly “universal” –
Microsoft Archive available in preview –
https://learn.microsoft.com/en-us/microsoft-365/syntex/archive/archive-overview
Meet the new Microsoft Planner –
https://www.youtube.com/watch?v=jwGQPWAihjQ
Copilot Studios | Explained by Microsoft –
https://www.youtube.com/watch?v=06D4G2K9UFs
Microsoft Stream: The Future of Video in Microsoft 365 –
https://www.youtube.com/watch?v=XxuVc9ji3as
Microsoft Loop: built for the new way of work, generally available to Microsoft 365 work accounts –
Microsoft Intune introduces Security Copilot-embedded experience –
Announcing Microsoft Copilot Studio: Customize Copilot for Microsoft 365 and build your own standalone copilots –
Microsoft Stream: The Future of Video in Microsoft 365 –
Announcing Windows 365 GPU-enabled Cloud PC public preview –
Introducing Microsoft Copilot Studio and new features in Copilot for Microsoft 365 –
Microsoft unveils expansion of AI for security and security for AI at Microsoft Ignite –
Microsoft Cloud PKI launches as a new addition to the Microsoft Intune Suite –
Announcing Microsoft Intune Advanced Analytics –
Microsoft Ignite 2023: AI transformation and the technology driving change –
Tailor Windows Update for Business reports with Power BI –
Ten things you need to know before buying Microsoft 365 Copilot –
Microsoft could be bringing its AI Copilot to billions of Windows 10 users –
After hours
Candy Thieves vs Rigged Candy Bowl – https://www.youtube.com/watch?v=Zb01RStdzEs
Editorial
There is still more Microsoft Ignite goodness to digest, so be prepared for lots of links in the CIA Brief next week as well!
If you found this valuable, the I’d appreciate a ‘like’. This helps me know that people enjoy what I have created. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.
Watch out for the next CIA Brief next week.
November the 11th is the anniversary of the end of the ‘Great War’ as it was known. Millions and millions of people had their lives shortened and their existences turned upside down by the trauma of that event. Even those as far as here in Australia were impacted by such events all those years ago. Many left our shores in search of what they thought was adventure only to die in a muddy quagmire in northern Europe were the reality of industrial modernity provided the ultimate reality check to the ‘innocence’ of ideal. Many now lie in unmarked graves remembered only be name.
Perhaps it was this ‘loss of innocence’ that makes the result of World War One even more poignant. We look back with a degree of detachment believing, but more likely, hoping that it will never happen again. The only arbiters of that will be ourselves. We only have to look at current world events to appreciate that, unfortunately, war is part of human nature and is never far away.
This is why it is important today to pause and remember all who died in all conflicts, whether they be combatants or simply innocent victims. War is not glorious, it is horrific and most will luckily live their lives devoid of experiencing it first hand. For those who lived and died in the firing line of human conflict we say thank you for your service. Many did not know exactly what they were fighting for but they went, suffered and died for something they believed in. No matter which side of a war people found themselves on, the commonality was nothing short of horrific where the real enemy was the spectre death not the opposition.
Most of today’s memories will be for the ‘glories’ of the ‘winners’. That is not what we should focus on. It is the individual who bears the greatest cost for events like these. It is their families who wear the scars for generations as even those that return from conflict are ‘never the same’. Our energies should be focus not on the ‘glory of victory’ but on celebrating the courage of the individual who endured the worst that humanity can throw at them. Most all, we should remember all those who never had a chance to fulfil their potential as war cut their them down in their prime.
So on the 11th hour of the 11th day of the 11th month, pause, reflect, and remember those who lived and died through the unspeakable. Don’t celebrate victory, celebrate humanity and resilience. Finally, take a moment always to be a little kinder to someone else as this is the only way that we have a hope of avoiding war and changing the human propensity for it.
Lest We Forget.
If you are interested in the history of the ANZAC battlefields of World War One visit my site – http://www.anzacsinfrance.com/
How AI Can Improve Threat Intelligence Gathering and Usage – https://techcommunity.microsoft.com/t5/educator-developer-blog/how-ai-can-improve-threat-intelligence-gathering-and-usage/ba-p/3975449
Reflecting on 20 years of Windows Patch Tuesday – https://blogs.windows.com/windowsexperience/2023/11/09/reflecting-on-20-years-of-windows-patch-tuesday/
Must-have skills for the AI era | AI at work with Microsoft’s Jared Spataro – https://www.youtube.com/watch?v=F8nzcGC8la0
Using Microsoft Defender Threat Intelligence with the Diamond Model for Threat Intelligence – https://techcommunity.microsoft.com/t5/microsoft-defender-threat/using-microsoft-defender-threat-intelligence-with-the-diamond/ba-p/3976100
Insights from Microsoft Security Copilot early adopters – https://www.microsoft.com/en-us/security/blog/2023/11/08/insights-from-microsoft-security-copilot-early-adopters/
Microsoft shares threat intelligence at CYBERWARCON 2023 – https://www.microsoft.com/en-us/security/blog/2023/11/09/microsoft-shares-threat-intelligence-at-cyberwarcon-2023/
Copilot in Microsoft 365 Chat | Uncover Similar Themes – https://www.youtube.com/watch?v=Hj5xpC5_ZJw
Create a company-wide signature or disclaimer in Microsoft 365 – https://www.youtube.com/watch?v=r-JDQPeoLig
Microsoft 365 Chat | Generate New Ideas with Copilot – https://www.youtube.com/watch?v=tU96RtPhQ0k
Microsoft 365 Chat | Manage Your Inbox – https://www.youtube.com/watch?v=yWC2XcRvH7E
Copilot in Teams | Get meeting overviews – https://www.youtube.com/watch?v=UNQeA2uqNPA
Now is the time—manage your Mac endpoints with Microsoft Intune – https://techcommunity.microsoft.com/t5/microsoft-intune-blog/now-is-the-time-manage-your-mac-endpoints-with-microsoft-intune/ba-p/3974449
Simplified security settings management is now generally available – https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/simplified-security-settings-management-is-now-generally/ba-p/3975158
Getting started with Microsoft Lists – Edit a view of a list – https://www.youtube.com/watch?v=Xcd7IW3p8Fw
Copilot in Microsoft 365 Chat | Grow your knowledge – https://www.youtube.com/watch?v=hkS-qS0ClSs
Discover, prepare, and recap your meetings in one place with Meet in Microsoft Teams – https://www.youtube.com/watch?v=JBxI4qiBPdk
Getting started with OneDrive – Share files and folders with Microsoft 365 – https://www.youtube.com/watch?v=Rs7hqD8nzyw
Emphasizing Security by Default with Advanced Microsoft Authenticator Features. – https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/emphasizing-security-by-default-with-advanced-microsoft/ba-p/3773130
Automatic Conditional Access policies in Microsoft Entra streamline identity protection – https://www.microsoft.com/en-us/security/blog/2023/11/06/automatic-conditional-access-policies-in-microsoft-entra-streamline-identity-protection/
Enterprise IoT security with Defender for IoT now included in Microsoft 365 E5 and E5 Security plans – https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/enterprise-iot-security-with-defender-for-iot-now-included-in/ba-p/3967533
What’s new for Security: Training and Certification – https://techcommunity.microsoft.com/t5/microsoft-learn-blog/what-s-new-for-security-training-and-certification/ba-p/3644507
Complete the new 30 Days to Learn It Challenge and explore the new trainings in Security – https://techcommunity.microsoft.com/t5/security-compliance-and-identity/complete-the-new-30-days-to-learn-it-challenge-and-explore-the/ba-p/3966324
Copilot in Outlook | Manage your inbox – https://www.youtube.com/watch?v=PSTSOyBccnY
Copilot in Word | Locate key information – https://www.youtube.com/watch?v=hxc5t3AfpKo
Copilot in Word | Transform a document – https://www.youtube.com/watch?v=Tx0IbvgI4NA
Announcing Microsoft Secure Future Initiative to advance security engineering – https://www.microsoft.com/en-us/security/blog/2023/11/02/announcing-microsoft-secure-future-initiative-to-advance-security-engineering/
After hours
Candy Thieves vs Rigged Candy Bowl – https://www.youtube.com/watch?v=Zb01RStdzEs
Editorial
Next week is going to be a firehose with Microsoft Ignite taking place, so be prepared for lots of links in the CIA Brief next week.
If you found this valuable, the I’d appreciate a ‘like’. This helps me know that people enjoy what I have created. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.
Watch out for the next CIA Brief next week.
In a previous article:
Adding a secret to an Azure Key Vault
I showed how a secure credential could be saved to an Azure Key Vault and then retrieved either from the browser, or PowerShell. You can however, also retrieve a secret using Power Automate.
You can see I have the same ‘super secret’ password stored in the Azure Key Vault above.
The Azure Key Vault connector in Power Automate is a premium connector which means you’ll either need an advanced Power Platform license or you’ll need to set up a
Power Platform PAYG configuration
which is probably the more cost effective approach.
You’ll firstly need to login to your Power Platform environment and select Connectors from the menu on the left as shown above. In here look for the Azure Key Vault connector. If it is not there select the +New connector from the menu at the top.
Search for key vault in the top right and then select Azure Key Vault as shown above. You will note that this connector is a Premium connector as highlighted earlier.
Enter the vault name and select Create.
You should now see the connector displayed in the list as shown above.
If you select this connector you will see additional information and the connection Status as well. Icons on the menu bar at the top that allow you to maintain this connector if needed.
Create a new flow and add a new step. Search for key vault as shown and select Get Secret as the action below as shown above.
If you pull down the Name of the secret field you should see your secret name previously created in the Azure Key Vault as shown above, which you can select.
Complete your flow. Here I’m just going to output the value of the secret (i.e. the password) to a Microsoft Team channel.
If you now run the flow you see that it succeeds.
You should also see the output of the secret (i.e. here the password) stored in the Azure Key Vault displayed as shown above.
Another advantage of using an Azure Key Vault is that you can use it a variety of tools such as PowerShell and Power Automate as I have shown here. This means that the credentials stay secure and can still be accessed via your automation process.
Join me for the free monthly CIAOPS Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at the Microsoft 365 video service, Stream.
Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite.
You can register for the regular monthly webinar here:
November Webinar Registrations
(If you are having issues with the above link copy and paste – https://bit.ly/n2k2311
The details are:
CIAOPS Need to Know Webinar – November 2023
Thursday 30th of November 2023
11.00am – 12.00am Sydney Time
All sessions are recorded and posted to the CIAOPS Academy.
The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:
or purchase them individually at:
Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.
I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.
An Azure Key Vault is a great location for storing credential securely. In a recent article I cover how to:
next, I want to cover how you can actually put credentials in there.
Step one is to navigate the Azure Key Vault you have created, and select the Secrets option from the menu on the left as shown above. From the menu on the right select +Generate/Import as shown.
Simply complete the fields as shown and select the Create button at the bottom of the window.
You will note that your secret (say a password) has a Name and potentially an activation and expiration date if desired. You can also enable or disable if desired.
You should now see that the secret has been created as shown above. To view the details simply click on the secret.
Here you’ll now see all the details about the secret. The good thing about information about an Azure Key Vault credential is that you can easily update it if required and previous versions will be retained. You can also control access to this individual secret via the Access control (IAM) on the menu on the left hand side.
If you now select the Current version displayed in the middle of the page you will get more details like so:
Here, you can update the settings for secret as well as reveal what the secret is by selecting the Show Secret Value button as shown.
You see the super secret password shown above.
One of the main reasons reasons for using an Azure Key Vault is that we can access this information also programmatically, for example by using PowerShell.
If I connect to Azure using the Azure PowerShell module with a user that has rights to access the vault and secret, I can run a command like:
get-azkeyvaultsecret -vaultname “vaultname” -name “secretname”
and the results will be shown above. But how do I get to the actual secret?
Basically, you repeat the previous command but this time assign it to a variable and add the –asplaintext option, like shown above. The command would look like:
$pwd = get-azkeyvaultsecret -vaultname “vaultname” -name “secretname” –asplaintext
Now the secret value (say password) is in the variable $pwd for use in my code.
PowerShell is not the only method you can use to obtain what is in an Azure Key Vault. You can use something like Power Automate and Flow, which I’ll cover off in an upcoming articles. However, PowerShell allows just about any function with vaults including creating, reading, deleting, updating and so on. Thus, using an Azure Key Vault provides a secure yet flexible method of storing credentials you want to protect as well as make potentially portable (i.e. you can use them anywhere on any device that runs PowerShell and connect to the internet).
So an Azure Key Vault provides secure storage for credentials that you can easily access programmatically using something like PowerShell and Power Automate. What can now be achieved with this? Stay tuned to find out more.
CIAOPS 