12.08.2020

Security on Azure – Threat Protection

In 2020, technical solutions and cloud security services are among the greatest security challenges concerning the cloud. However, resources and services are available that are secured by design and updated automatically. High availability is no longer a complex task and DDoS protection runs by default.

These great advantages notwithstanding, security in the cloud is negatively affected by lack of visibility, rapidly changing workloads and infrastructures, sophisticated attacks and shortages in the security workforce.

A long time ago in a galaxy far, far away

Back in 1983 the great emperor warned: “You will pay the price for your lack of vision!” – and such is our predicament today.

Without visibility and a unified security management system you won’t be able to meet the security challenges of 2020. The risk of becoming compromised is omnipresent: once under attack, you will no longer be able to provide services for your organization or customers – and you will pay the price.

To face this challenge, Microsoft Azure provides a powerful, centralized Security Management System for reinforcing your security levels. Let’s take a look at the light side of the Force: the Azure Security Center.

Azure Security Center

The Azure Security Center is a standard component, or default element, of Azure and provides unified security management and visibility. It identifies and fixes misconfigurations, summarizes the security status of your resources and issues an alert should malicious threats appear. The Center covers protection of resources in the cloud and on-premises, so that you can also protect your hybrid cloud infrastructures.

Another great feature is the management of organization security policies and compliance. You can identify shadow IT resources and monitor compliance and governance over time.


Best practices and recommendations based on your workloads appear on top and afford you the opportunity of optimizing and improving your security. A security droid, so to speak, will be working for you.

In sum, the Azure Security Center provides visibility and analytics. But now you might ask yourself: “Where are the other threat protection elements like hunting, investigation and responding?”

No worries, these features are included – with Azure Sentinel.


Power! Unlimited power!

In the universe of Cloud Computing, on-premises security concepts and technologies became obsolete. At first sight, the changes and new challenges seem stressful and overwhelming. People must be trained and a new mindset must be reached. With these Best Practices, you are prepared to manage the challenges and to perform your first steps to secure the new first line of defense. Microsoft Azure provides a great toolset to reach your goal to protect and manage your identities!

Keep calm and use the force of identity and access management!


Azure Sentinel…

  • collects data at cloud scale (both on-premises and in multiple clouds)
  • detects previously undetected threats
  • employs artificial intelligence to investigate threats
  • rapidly responds to incidents

In sum, Azure Sentinel enables you to keep your environment safe. Apart from the Security Center, Azure Sentinel provides additional options for digging deeper and correlating events, logs and actions in order to detect complex attacks.

Consider it as the master of the Security Center – like Yoda for Luke. But only the combination of the two makes the full power available.

Darth Bane

The Rule of Two: Two there should be. No more, no less. One to embody power, the other to crave it.

We recommend using Azure Security Center and Azure Sentinel side by side.

Use the Azure Security Center for threat protection of workloads and connect the Center to Azure Sentinel. Once the two are connected, you’ll be able to combine data with sources in order to perform proactive threat hunting and threat mitigation.

The full power of Threat Protection on Azure will then be unleashed!


Author: Dominic Iselt, IT Security Engineering Expert