Yesterday, Microsoft made the new Azure Security Center available to all of their cloud customers after an active preview period where several Microsoft customers had the opportunity to get a closer look at their security policies and configurations.
The goal of the Azure Security Center is to provide a higher level of visibility on a companies security posture to provide a proactive means to avoid security breaches that can cost a company significant amounts of manpower and money.
According to Sarah Fender, the Principal Program Manager for Azure Cybersecurity, it can take a company over 200 days to even detect a breach.
"At Microsoft, we believe a new approach is required—one that leverages Microsoft’s unique perspective on threat intelligence, which we have gained by operating cloud services at massive scale. Our new approach integrates security into the platform, and incorporates solutions from our partners. We invest more than $1 billion in research and development each year to advance our capabilities in all of those areas.
In Azure, that investment helps us build a solid foundation of physical, network, and operational security. We base our work on industry best practices and demonstrate our capabilities through a broad set of compliance certifications."
Now, with the general release of the Azure Security Center, even more Microsoft cloud customers can take advantage of the tools in the Azure Security Center to be ready for those cybersecurity threats.
Some of the new features include:
- Log integration. A new connector for Azure streamlines the process of getting security data, including Azure Security Center alerts, into security information and event management solutions, such as HP ArcSight, IBM Qradar, Splunk, and others.
- Support for more Azure resource types. Security Center can now more extensively monitor the security of RedHat and many more Linux distros, including system update status, OS configurations, and disk encryption. It can also monitor security health for Cloud Services (Web and Worker Roles) and recommend outdated OS instances be updated.
- Email notifications. Respond to threats more quickly with email notification when a new high severity security alert is detected.
- New detections. Security Center now has improved ability to detect lateral movement, outgoing attacks, and malicious scripts, and researchers are constantly adding new capabilities.
- Security incidents. By using analytics to connect the dots between distinct security alerts, Security Center can now provide a single view of an attack campaign and all of the related alerts so you can quickly understand what actions the attacker took and what resources were impacted.
- REST APIs. For customers who want to integrate with their existing change management or security operations systems, we published REST API documentation.
- Integrated vulnerability assessment. In the coming weeks, customers will be able to deploy vulnerability assessment solutions from partners like Qualys in just a few clicks.
If you are already a Microsoft Azure customer you can get started with the Azure Security Center immediately.
Looking for an awesome, no-nonsense technical conference for IT Pros, Devs, and Devops? Check out IT/Dev Connections!