Secure your IT resources with Azure Security Center
Nicholas DiCola
Principal Program Manager
http://aka.ms/MSFTSecDay2017WS2.3
[Diagram: Storage, Compute, Identity, Networking; on-premises and cloud]
90% of Fortune 500 use Microsoft Cloud
Enterprises adopting hybrid cloud in 2017¹: >67%
1: Rightscale: 2017 State of Cloud Survey http://www.rightscale.com/blog/cloud-industry-insights/cloud-computing-trends-2017-state-cloud-survey#hybrid-cloud
Hybrid cloud requires a new approach for security
Distributed infrastructure
Need better visibility and control
Rapidly changing cloud resources
Require solutions that keep pace with speed and agility of cloud
Increasingly sophisticated threats
Leverage analytics and threat intelligence to detect threats quickly
Dynamically discover and manage the security of your hybrid cloud workloads in a single cloud-based console
Built-in Azure, no setup required
Automatically discover and monitor security of Azure resources
Gain insights for hybrid resources
Easily onboard resources running in other clouds and on-premises
Central policy management
Define a security policy for each subscription in Security Center
Apply across multiple subscriptions using Azure Management Groups
Quickly identify list of notable events that require your attention
Out of the box notable events in dashboard or create custom queries
Search and analyze security data using a flexible query language
Use built-in or custom queries with Log Analytics search
Integrated partners
Connected security solutions running in Azure, e.g. firewalls and antimalware solutions
Microsoft security
Azure Active Directory Information Protection
Advanced Threat Analytics
Many others
Any security solution that supports Common Event Format (CEF)
Enable actionable, adaptive protections that identify and mitigate risk to reduce exposure to attacks
Continuous assessment of machines, networks, and Azure services
Hundreds of built-in security assessments, or create your own
Fix vulnerabilities quickly
Prioritized, actionable security recommendations
Lock down ports on virtual machines
Enable just-in-time access to virtual machines
Access automatically granted for limited time
Allow safe applications only
Adaptive whitelisting learns application patterns
Simplified management with recommended whitelists
Use advanced analytics and Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats
Built-in intelligence and advanced analytics
Powered by Microsoft Intelligent Security Graph
Detect threats across the kill chain
Get prioritized security alerts
Details about detected threats and recommendations
Detect threats across the kill chain
Alerts that conform to kill chain patterns are fused into a single incident
Visualize source of attacks with interactive map
Analyzes data from your computers and firewall logs
Gain insights through threat reports
Attacker’s known objectives, tactics, and techniques
Quickly assess the scope and impact of an attack
Interactive experience to explore links across alerts, computers and users
Use predefined or ad hoc queries for deeper examination
Automate and orchestrate common security workflows
Create playbooks with integration of Azure Logic Apps
Trigger workflows from any alert to enable conditional actions
MONISH DARDA
Co-founder and Chief Technology Officer
ICERTIS
“The prospect of having a single dashboard where we can prevent, detect, and respond to threats with increased visibility and control over our resources was very exciting… Today, our operations team saves at least 30 percent of its time by using Azure Security Center.”
“We get consistent levels of infrastructure security with Azure because we can leverage a wealth of security technologies that Microsoft is constantly improving. We also have fewer endpoints to manage. We use Azure Security Center to monitor our environment, and with it we can be much more responsive when threats are identified.”
HAROLD GROOTHEDDE
Technology Solutions Director
COATS
To learn more, visit azure.microsoft.com/en-us/services/security-center/
Use Security Center to manage security for Azure resources
Get advanced threat protection with Security Center standard
Onboard on-premises and other cloud workloads
Azure Security Center
Dynamically discover and manage the security of your hybrid cloud workloads in a single cloud-based console
Unified visibility and control
Enable actionable, adaptive protections that identify and mitigate risk to reduce exposure to attacks
Adaptive threat prevention
Use advanced analytics and Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats
Intelligent detection and response
Thank you
FEATURES | FREE (AZURE RESOURCES ONLY) | STANDARD (HYBRID INCL. AZURE)
Security policy, assessment, and recommendations
Connected partner solutions
Security event collection and search --
Just-in-time VM Access --
Adaptive application controls --
Advanced threat detection for networks, VMs/servers, and Azure services --
Built-in and custom alerts --
Threat intelligence --
Included data | Not applicable | 500 MB per day¹
Price | Free | $15 / node / month
1: The daily included data allocation is pooled across nodes. For example, if there are 10 nodes connected to the service, then the total ‘included data’ allocation is 5,000 MB per day.
Security Dashboards
Deliver Rapid Insights into Security State Across All Workloads
API