Microsoft has announced new Azure Security enhancements at their Microsoft Ignite Conference held last November. These new features are designed to help customers with their security, compliance, and identity requirements.
Coverage with platform for community and partners (In Preview)
Use Security Center to receive recommendations not only from Microsoft but also from existing solutions from partners such as Check Point, Tenable and CyberArk, with many more integrations coming. Security Center’s simple onboarding flow can connect your existing solutions to Security Center, enabling you to view your security posture recommendations in a single place, run unified reports and leverage all of Security Center’s capabilities against both built-in and partner recommendations. You can also export Security Center recommendations to partner products.
Cloud security posture management enhancement
- Secure score simplified
- Support for custom policies (In Preview)
- Additional regulatory compliance standards (In Preview)
- Quick Fix for bulk resources (Generally Available)
Custom Policy support
Many customers have sought to extend Azure Security Center’s current coverage of security assessments with their own security assessments based on policies that they create in Azure Policy. Microsoft is announcing that Azure Security Center now supports custom policies in preview release. These new policies will be part of the Azure Security Center recommendations experience, secure score, and the regulatory compliance standards dashboard.
“Quick fix” for bulk resources (Generally Available)
Secure score reviews a customer’s security recommendations and prioritizes them, so customers know which recommendations to perform first. With multiple tasks included as part of secure score, effectively remediating issues across a large fleet can be challenging and slow.
Azure Security Center – Enhanced threat protection for your cloud resources
Azure Security Center’s threat protection enables you to detect and prevent threats across a wide variety of services, from the Infrastructure-as-a-Service (IaaS) layer to Platform-as-a-Service (PaaS) resources in Azure such as IoT and App Service, as well as on-premises virtual machines.
Azure Security Center’s in-depth threat detection findings can be streamlined to Microsoft’s cloud SIEM offering—Azure Sentinel—for investigation, threat hunting, correlation with signals from other security solutions, and overall SOC level management.
Azure Security Center – Advanced data security for SQL Server on Azure virtual machines (In Preview)
Two important new security enhancements for SQL databases running on IaaS virtual machines:
- Vulnerability assessment – an easy-to-configure service that can discover, track, and help remediate potential database vulnerabilities. It provides visibility into a business’s security posture as part of secure score and includes the steps to resolve security issues and enhance database fortifications.
- Advanced Threat Protection – detects anomalous activities indicating unusual and potentially harmful attempts to access or exploit a customer’s SQL Server. It continuously monitors databases for suspicious activities and provides action-oriented security alerts on anomalous database access patterns. These alerts provide suspicious activity details and recommended actions to investigate and mitigate the threat.
Azure Security Center – Vulnerability assessment (In Preview)
Powered by Qualys. Applications that are installed in virtual machines can be prone to vulnerabilities that could lead to a breach of the virtual machine. We are announcing that the Security Center Standard tier includes built-in vulnerability assessment for virtual machines for no additional fee. The vulnerability assessment, powered by Qualys in the public preview, will allow you to continuously scan all the installed applications in a virtual machine to find vulnerable applications and present the findings in the Security Center portal experience. Security Center takes care of all deployment operations so that no extra work is required from the user.
Azure Security Center – Platform enhancements
- Workflow automation with Azure Logic Apps (Generally Available)
- Enabling advanced integrations with continuous export of Security Center (In Preview)
- Improved reporting for Security Center alerts and recommendations (Public Preview)
- Onboard on-premises servers to Azure Security Center from Windows Admin Center (Generally Available)
- Azure Security Center Community – Centralized GitHub, open for contribution, with additional scripts and content