Week 6 · 6 min read
February 2 – February 9, 2026
Act by
- 1 Jun 2026 — Microsoft Entra ID begins blocking Entra Connect Sync / Cloud Sync from hard-matching a new on-premises Active Directory user object onto an existing cloud-managed Entra user that holds an Entra role. It's a safeguard against attackers taking over a privileged cloud account by manipulating AD attributes. Only hybrid tenants that sync privileged users are affected; if you rely on hard-match for role-holding accounts, plan the change now. (Microsoft Entra releases and announcements)
What changed
The Microsoft Copilot data connector for Microsoft Sentinel entered public preview on 3 February. It ingests Copilot audit logs and activities (via the Purview Unified Audit Log) into Sentinel and the Sentinel data lake, so Copilot usage can drive analytics rules, custom detections, workbooks, automation, and data-lake scenarios like custom graphs and the MCP server. The connector is single-tenant and only returns data for tenants that actually have Copilot licenses and SCUs in use; enabling it needs Global Administrator or Security Administrator. For a SOC, this removes the trip to the Purview portal to see Copilot activity and lets you hunt for misuse, data exposure, and anomalous prompts directly in Sentinel — record types include CopilotInteraction, the CopilotPlugin create/update/delete operations, and agent-management events. (Microsoft Sentinel Blog)
Microsoft Defender for Cloud extended its AI threat protection to Microsoft Foundry agents (public preview, announced 3 February). The Defender for AI Services plan now covers agents built with the Foundry Agent Service, adding runtime detection for agent-specific risks — memory poisoning, indirect prompt injection through tools and data sources, and abuse of agent-to-agent orchestration — on top of the existing protections for custom AI apps, aligned to OWASP guidance for LLM and agentic systems. Alerts surface in the Defender portal alongside the rest of your incidents, so agentic AI workloads become another signal source an analyst can triage rather than a blind spot. (Microsoft Defender for Cloud release notes)
Microsoft Sentinel's UEBA behaviors layer reached general availability this month. The behaviors layer aggregates and sequences high-volume raw logs into normalized, human-readable "behaviors" — so instead of correlating individual AWS CloudTrail or firewall events by hand, an analyst sees something like "Inbound remote management session from external address" mapped to MITRE ATT&CK tactics. It ships with a new behaviors workbook in the UEBA essentials solution with Overview, Investigation, and Hunting views. For shift work this is a faster path from noise to "who did what to whom," and the workbook gives detection engineers prebuilt building blocks rather than a blank canvas. (What's new in Microsoft Sentinel)
AI-assisted playbook generation arrived in Microsoft Sentinel (public preview) this month. The SOAR playbook generator builds Python-based automation workflows through a conversational experience with Cline, an AI coding agent, lowering the barrier to writing response automation. For an intern learning SOAR, it's a way to scaffold a working playbook from a plain-language description and then read and tune the generated logic instead of starting from scratch — useful for turning a repetitive triage step into automation. (What's new in Microsoft Sentinel)
Four identity and Microsoft Graph advanced-hunting tables reached general availability in Defender XDR this month. IdentityAccountInfo (account data from sources including Entra ID, linked to the owning identity), EntraIdSignInEvents (interactive and non-interactive sign-ins), EntraIdSpnSignInEvents (service principal and managed-identity sign-ins), and GraphApiAuditEvents (Microsoft Graph API requests against tenant resources) all move out of preview. For anyone writing KQL, this is a stable foundation for identity hunting — service-principal sign-ins and Graph API calls are exactly where token-theft and consent-abuse activity shows up, and GA means the schema is supported for production detections rather than experimental. (What's new in Microsoft Defender XDR)
Defender for Cloud made SQL simulated alerts generally available on 9 February. Simulated alerts generate realistic SQL threat alerts with full SQL and machine context on Azure VMs or Arc-connected machines, produced locally through a safe script extension with no external payloads and no impact to production. For a SOC it's a way to validate SQL detections, automated-response playbooks, and analyst runbooks end to end without waiting for a real attack — useful for onboarding new hires or proving a detection actually fires before you depend on it. (Microsoft Defender for Cloud release notes)
External authentication methods in Microsoft Entra ID reached general availability, renamed External Multifactor Authentication (External MFA). Organizations can meet MFA requirements while keeping their preferred third-party MFA provider, with Entra ID still the control plane — it runs full policy evaluation, real-time Conditional Access enforcement, and sign-in risk assessment on every sign-in. On shift, that means an external MFA provider no longer means an MFA blind spot: the sign-in risk and CA decisions still flow through Entra where you can see and hunt them. (Microsoft Entra releases and announcements)
Microsoft Authenticator is rolling out jailbreak/root detection for Entra credentials on Android, starting this month. The rollout moves from warning mode to blocking mode; users on jailbroken or rooted devices must move to a compliant device to keep using their Entra accounts in Authenticator. This closes a path where a compromised mobile OS could undermine the MFA method itself — expect a small number of users on rooted devices to hit prompts, and be ready to explain that the block is by design. (Microsoft Entra releases and announcements)
Defender for Office 365 extended Microsoft Teams message reporting to Plan 1 this month. Users on MDO Plan 1 can now report external and intra-org Teams messages — from chats, standard/shared/private channels, and meeting conversations — as a security risk, routed to Microsoft, to your custom reporting mailbox, or both. That puts Teams phish on the same user-reporting rails as email, so suspicious chat messages become submissions an analyst can review rather than screenshots in a side channel. (What's new in Microsoft Defender for Office 365)
Worth knowing
The Defender Monthly news — February 2026 digest (published 3 February, recapping January) is worth a skim. Two items stand out for shift work: AI-powered incident prioritization is now in public preview for all Defender customers, and built-in alert tuning rules automatically handle informational and low-severity noise so the queue reflects real threats. The same post reiterates that managing Microsoft Sentinel in the Azure portal is now sunsetting 31 March 2027 (extended from July 2026); the Defender portal becomes the sole interface, so keep planning your migration. (Microsoft Defender XDR Blog)
The What's new in Microsoft Sentinel: February 2026 recap is the other one to read. Beyond the Copilot connector, it leads with multi-tenant content distribution — you can replicate analytics rules, automation rules, workbooks, and alert-tuning rules across tenants instead of rebuilding the same detections one environment at a time, which matters if you work in an MSSP or a multi-tenant estate. It also flags the shift of data connectors from Azure Function-based to the codeless connector framework (CCF) — SaaS-managed, with built-in health monitoring and centralized credential management — plus partner-built agentic experiences surfacing through the Microsoft Security Store. (What's new in Microsoft Sentinel: February 2026)
No Microsoft Patch Tuesday falls in this window — the February 2026 security updates release on 10 February, one day after this issue closes. If you triage vulnerability work, this is the calm before a heavy month: February's release fixes roughly 58 vulnerabilities including six actively exploited zero-days (three of them publicly disclosed) — CVE-2026-21510 (Windows Shell), CVE-2026-21513 (MSHTML), CVE-2026-21514 (Word), CVE-2026-21519 (Desktop Window Manager EoP), CVE-2026-21525 (RAS Connection Manager DoS), and CVE-2026-21533 (Remote Desktop Services EoP). Pre-stage your patch-verification and hunting plans now rather than scrambling on the 10th. (MSRC Security Update Guide)