![Page 1: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/1.jpg)
Joe Stocker, CISSP, MCITP, VTSP
Patriot Consulting
![Page 2: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/2.jpg)
2
Principal Systems Architect with 17 Years of experience
Technical certifications: MCSE, MCITP Office 365, CISSP
B.S. Biola University.
Microsoft “Virtual Technology Sales Professional” [email protected]
Twitter: @ITGuySoCal
Blog: www.TheCloudTechnologist.com
LinkedIN: https://www.linkedin.com/in/jstocker101
My Company: www.PatriotConsultingTech.com
Microsoft Cloud Evangelist at Patriot Consulting
![Page 3: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/3.jpg)
Top 10 Security Threats and how Azure Security Solutions can help.
Live demonstration of the newest Microsoft Security technologies:
- Azure AD Identity Protection
- Azure AD Privileged Identity Management
- Azure Information Protection
- Cloud App Discovery
- Azure Security Center
- Advanced Security Management
- Advanced Threat Protection
- OMS Security Suite
![Page 4: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/4.jpg)
![Page 5: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/5.jpg)
![Page 6: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/6.jpg)
Targeting
So
ph
isticatio
n
2003–2004 2005–present 2012–beyond
![Page 7: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/7.jpg)
How do I know what apps
are used in my environment?
Shadow IT
How do I ensure appropriate
access to my cloud apps?
Access control
Visibility/reporting
How do I gain visibility into
cloud apps and usage?
How do I prevent
data leakage?
Data protectionThreat prevention
How do I know if my users
have been breached?
How do I address
regulatory mandates?
Compliance
![Page 8: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/8.jpg)
![Page 9: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/9.jpg)
Security Issue #1
Data breaches
involve weak, default, or stolen passwords.
63%
![Page 10: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/10.jpg)
![Page 11: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/11.jpg)
CLOUD-POWERED PROTECTION
Risk severity calculation
Remediation recommendations
Risk-based conditional access automatically protects against suspicious logins and compromised credentials
Gain insights from a consolidated view of machine learning based threat detection
Leaked credentials
Infected devices Configuration
vulnerabilities Risk-based
policies
MFA Challenge Risky Logins
Block attacks
Change bad credentials
Machine-Learning Engine
Brute force attacks
Suspicious sign-in activities
![Page 12: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/12.jpg)
![Page 13: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/13.jpg)
Security Issue #2
Attackers target global admins
Privileged
Accounts
![Page 14: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/14.jpg)
CLOUD-POWERED PROTECTION
Discover, restrict, and monitor privileged identities
Enforce on-demand, just-in-time administrative access when needed
Provides more visibility through alerts, audit reports and access reviews
Global Administrator
Billing Administrator
Exchange Administrator
User Administrator
Password Administrator
![Page 15: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/15.jpg)
![Page 16: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/16.jpg)
Security Issue #3
Sensitive
files being
leaked
![Page 17: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/17.jpg)
DOCUMENT
TRACKING
DOCUMENT
REVOCATION
Monitor &
respond
LABELINGCLASSIFICATION
Classification
& labeling
ENCRYPTION
Protect
ACCESS
CONTROLPOLICY
ENFORCEMENT
![Page 18: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/18.jpg)
Azure InformationProtection DOCUMENT
TRACKING
DOCUMENT
REVOCATION
Monitor &
respond
LABELINGCLASSIFICATION
Classification
& labeling
ENCRYPTION
Protect
ACCESS
CONTROLPOLICY
ENFORCEMENT
Full Data
Lifecycle
![Page 19: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/19.jpg)
![Page 20: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/20.jpg)
Security Issue #4
Shadow IT
![Page 21: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/21.jpg)
Microsoft Azure Active Directory Cloud app discovery
Source: Help Net Security 2014
as many Cloud apps are in use than IT estimates
• SaaS app category
• Number of users
• Utilization volume
Comprehensivereporting
Discover all SaaS apps in use within your organization
CLOUD-POWERED PROTECTION
![Page 22: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/22.jpg)
![Page 23: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/23.jpg)
Security Issue #5
Spear Phishing
91% of successful data breaches started with a
spear-phishing attack
[Source: Trend Micro]
![Page 24: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/24.jpg)
From: Real CEO’s Full Name [mailto:[email protected]]
Sent: Monday, March 21, 2016 9:53 AM
To: (Unsuspecting End-User – Probably in Accounting
Department) <[email protected]>
Subject: RE: Invoice Payment
Jane,
I need you to process an urgent payment, which needs to go out
today as a same value day payment. Let me know when you are
set to proceed, so i can have the account information forwarded to
you once received.
Awaiting your response.
Regards
Thanks.
![Page 25: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/25.jpg)
![Page 26: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/26.jpg)
![Page 27: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/27.jpg)
![Page 28: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/28.jpg)
Security Issue #6
Detecting
Intrusions
200 days. That’s the average time an attacker goes
undetected.
![Page 29: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/29.jpg)
Gain enhanced visibility and
context into your Office 365
usage and shadow IT – no
agents required.
Identify high-risk and abnormal
usage, security incidents,
and threats
Shape your Office 365
environment with granular
security controls and policies
![Page 30: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/30.jpg)
![Page 31: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/31.jpg)
Security Issue #7
Employee Exits
How do I wipe business data from a personally
owned mobile phone or tablet?
![Page 32: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/32.jpg)
Maximize mobile productivity and protect corporate resources
with Office mobile apps – including multi-identity support
Extend these capabilities to your existing line-of-business
apps using the Intune App Wrapping Tool
Enable secure viewing of content using the Managed Browser,
PDF Viewer, AV Player, and Image Viewer apps
Managed apps
Personal appsPersonal apps
Managed apps
ITUser
Corporate data
Personaldata
Multi-identity policy
![Page 33: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/33.jpg)
![Page 34: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/34.jpg)
Security Issue #8
Conventional
Antivirus is
insufficient10% of viruses get by antivirus “blacklists’
![Page 35: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/35.jpg)
Windows Defender ATP
![Page 36: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/36.jpg)
![Page 37: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/37.jpg)
Security Issue #9
Assume
Breach
There are companies who have been hacked
And companies who don’t know they have been hacked
![Page 38: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/38.jpg)
Advanced Threat Analytics
![Page 39: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/39.jpg)
Microsoft Advanced Threat Analytics
brings the behavioral analytics concept
to IT and the organization’s users.
An on-premises platform to identify advanced security attacks and insider threats before they cause damage
DETECT ATTACKS BEFORE THEY CAUSE DAMAGE
Behavioral
Analytics
Detection of advanced
attacks and security risks
Advanced Threat
Detection
![Page 40: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/40.jpg)
Analyze1
DETECT ATTACKS BEFORE THEY CAUSE DAMAGE
ATA Analyzes all Active
Directory-related traffic and
collects relevant events from
SIEM
ATA Builds the organizational security
graph, detects abnormal behavior,
protocol attacks and weaknesses and
constructs an attack timeline
ATA automatically learns all entities’
behaviors
Learn2 Detect3
![Page 41: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/41.jpg)
Abnormal resource access
Account enumeration
Net Session enumeration
DNS enumeration
SAM-R Enumeration
Abnormal working hours
Brute force using NTLM, Kerberos, or LDAP
Sensitive accounts exposed in plain text authentication
Service accounts exposed in plain text authentication
Honey Token account suspicious activities
Unusual protocol implementation
Malicious Data Protection Private Information (DPAPI) Request
Abnormal authentication requests
Abnormal resource access
Pass-the-Ticket
Pass-the-Hash
Overpass-the-Hash
MS14-068 exploit (Forged PAC)
MS11-013 exploit (Silver PAC)
Skeleton key malware
Golden ticket
Remote execution
Malicious replication requests
Reconnaissance
Compromised
Credential
Lateral
Movement
Privilege
Escalation
Domain
Dominance
![Page 42: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/42.jpg)
Security Issue #10
Privilege
Escalation
Mimikatz… nuff said.
![Page 43: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/43.jpg)
![Page 44: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/44.jpg)
http://www.winbeta.org/news/us-department-defense-move-windows-10-february-2017-upgrading-4-million-seats
![Page 45: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/45.jpg)
Azure Security Center vs OMS
![Page 46: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/46.jpg)
So what’s the difference?
VM's patched, running antivirus, using Network Security Groups, any endpoints without access control lists.
OMS Security is a cloud-based service that enables customers to quickly and easily assess the security posture and detect security threats across hybrid cloud environments
![Page 47: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/47.jpg)
![Page 48: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/48.jpg)
![Page 49: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/49.jpg)
Summary
![Page 50: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/50.jpg)
![Page 51: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/51.jpg)
![Page 52: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/52.jpg)
Security Solution Overview
Secure the Enterprise
Protect your users, devices, and apps
Azure
Information
Protection
Detect problems early with visibility
and threat analytics
ATA
INTUNE
Users
Protect your data, everywhere
AZURE ACTIVE
DIRECTORY
IDENTITY
PROTECTION
Extend enterprise-grade security to your cloud and SaaS apps
Protect application access from identity attacks
MICROSOFT
CLOUD APP
SECURITY
Time Limited Access and Just in Time Activation
Privileged
Identity and
Access Mgmt
Administrators
![Page 53: Joe Stocker, CISSP, MCITP, VTSP Patriot Consultingfiles.meetup.com/18259330/Azure User Group 10-27-2016 San Diego.pdf · Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting. 2 Principal](https://reader030.vdocument.in/reader030/viewer/2022040807/5e4938aa6ab5bc69473af2d6/html5/thumbnails/53.jpg)