Security on Azure – Threat Protection

Azure Security Center and Azure Sentinel

In 2020, technical solutions and cloud security services are among the greatest security challenges concerning the cloud. However, resources and services are available that are secured by design and updated automatically. High availability is no longer a complex task, and DDoS protection runs by default.

These great advantages notwithstanding, security in the cloud is negatively affected by lack of visibility, rapidly changing workloads and infrastructures, sophisticated attacks and shortages in the security workforce.

A long time ago in a galaxy far, far away

Back in 1983 the great emperor warned: “You will pay the price for your lack of vision!” – and such is our predicament today.

Without visibility and a unified security management system you won’t be able to meet the security challenges of 2020. The risk of becoming compromised is omnipresent: Once under attack, you will no longer be able to provide services for your organization or customers – and you will pay the price.

To face this challenge, Microsoft Azure provides a powerful, centralized Security Management System for reinforcing your security levels. Let’s take a look at the light side of the Force: the Azure Security Center.

Azure Security Center

The Azure Security Center is a standard component, or default element, of Azure and provides unified security management and visibility. It identifies and fixes misconfigurations, summarizes the security status of your resources and issues an alert should malicious threats appear. The Center covers protection of resources in the cloud and on-premises, so that you can also protect your hybrid cloud infrastructures.

– Source: Microsoft

Another great feature is the management of organization security policies and compliance. You can identify shadow IT resources and monitor compliance and governance over time.


Best practices and recommendations based on your workloads appear on top and afford you the opportunity of optimizing and improving your security. A security droid, so to speak, will be working for you.

In sum, the Azure Security Center provides visibility and analytics. But now you might ask yourself: “Where are the other threat protection elements like hunting, investigation and response?”

No worries, these features are included – with Azure Sentinel.


Power! Unlimited power!

In the universe of Cloud Computing, on-premises security concepts and technologies have become obsolete. At first sight, the changes and new challenges seem stressful and overwhelming. People must be trained and a new mindset must be reached. With these Best Practices, you are prepared to manage the challenges and to take your first steps toward securing the new first line of defense. Microsoft Azure provides a great toolset for reaching your goal of protecting and managing your identities!

Keep calm and use the force of identity and access management!


Azure Sentinel…

  • collects data at cloud scale (both on-premises and in multiple clouds)
  • detects previously undetected threats
  • employs artificial intelligence to investigate threats
  • rapidly responds to incidents

In sum, Azure Sentinel enables you to keep your environment safe. Apart from the Security Center, Azure Sentinel provides additional options for digging deeper and correlating events, logs and actions in order to detect complex attacks.

Consider it the master of the Security Center – like Yoda for Luke. But only the combination of the two makes the full power available.

The Rule of Two

Two there should be. No more, no less. One to embody power, the other to crave it.

– Darth Bane

We recommend using Azure Security Center and Azure Sentinel side by side.

Use the Azure Security Center for threat protection of workloads and connect the Center to Azure Sentinel.
Once the two are connected, you’ll be able to combine its data with other data sources in order to perform proactive threat hunting and threat mitigation.

The full power of Threat Protection on Azure will then be unleashed!



Dominic Iselt

IT – Security Engineer

Scheer GmbH
Uni Campus Nord
66123 Saarbrücken
Germany

T +49 681 96777 738

About the author

As a security engineer at Scheer GmbH I work in the Managed Services division of the company. I am responsible for the secure operation of the infrastructure including its strategic development in respect of security organisation and technologies.

My extensive experience gained from working in security related projects and the running of workshops plays a major role in my work. My focus lies in the tasks of developing and implementing security concepts. In this context, I concentrate on cloud security as well as the adherence to and implementation of compliance requirements in the cloud.
