Azure Security Center
Udaiappa Ramachandran ( Udai )
https://udai.io
About me
• Udaiappa Ramachandran ( Udai )
• CTO-Akumina, Inc.
• Cloud Expert
• Microsoft Azure, Amazon Web Services and Google
• New Hampshire Cloud User Group (http://www.meetup.com/nashuaug )
• https://udai.io
Agenda
• Introduction
• Azure Security Center
• Azure Defender
• Secure Score
• Security Policies
• Regulatory Compliance
• Security Alerts
• Cloud Connectors
• Resource Graph
• DEMO…DEMO…DEMO…
• References
Security/Data Breaches
• Adobe
• Adult Friend Finder
• Ashley Madison
• AWS S3 Bucket
• Canva
• Code Spaces (source code hosting)
• Dubsmash
• eBay
• Equifax
• Facebook
• Heartland Payment Systems
• LinkedIn
• Marriott International
• My Fitness Pal
• MySpace
• NetEase
• Podesta/Hillary Emails
• Sina Weibo
• Target
• Yahoo
• Zynga
Challenges
• Threats increasing in volume and sophistication
• Attacker business models evolve to maximize attacker return on investment (ROI)
• Attack automation and evasion techniques evolving along multiple dimensions
• Can’t Stop All Attacks
• Must balance investments across prevention, detection, and response
• Prevention investments must be focused on real world attacks
• Integration is required, but complex and costly
• Threat detection requires context from diverse signal sources and high volumes of data
• Efficient operations require integration of tools and technology like machine learning
• Requires Blend of Human Expertise and Technology
• Need human expertise, adaptability, and creativity to combat human threat actors
• Difficult to hire people with deep expertise; growing the skill set takes a long time
Why use Security Center?
• Centralized policy management – Ensure compliance with company or regulatory security requirements by centrally managing security policies across all your hybrid cloud workloads.
• Continuous security assessment – Monitor the security posture of machines, networks, storage and data services, and applications to discover potential security issues.
• Actionable recommendations – Remediate security vulnerabilities before they can be exploited by attackers with prioritized and actionable security recommendations.
• Prioritized alerts and incidents – Focus on the most critical threats first with prioritized security alerts and incidents.
• Advanced cloud defenses – Reduce threats with just-in-time access to management ports and adaptive application controls running on your VMs.
• Integrated security solutions – Collect, search, and analyze security data from a variety of sources, including connected partner solutions.
Azure Security Center (ASC)
• Cloud Security Posture Management
• Policies, initiatives and recommendations
• Secure Score and security controls
• Cloud Workload Protection
• Protect servers, cloud-native workloads, databases and storage against threats
• Security alerts and incidents
Security Hygiene
• Software
• Code
• Third party
• Compute & Apps
• Network
• Data & Storage
• Identity
Security Score
• Measurement of an organization’s security posture; the higher the number, the lower the risk
• Score may fluctuate if there is no governance on new resource provisioning
Security Policy
• Security Policy is the driver for Security Score
• Built-in set of policies (security controls) automatically assigned to your subscription
• The resources are assessed continuously
• Each policy is in audit mode and checks for misconfigurations
• Customize or disable policies not relevant to the organization
Microsoft Defender (XDR)
• M365 Defender
  • Identities
  • Endpoints
  • Apps
  • E-mail
  • Cloud Apps
  • Docs
• Azure Defender
  • SQL
  • Virtual Machines
  • Containers
  • Network
  • IoT
  • PaaS Applications (Azure App Services)
Regulatory Compliance
• ISO 27001
• PCI DSS 3.2.1
• SOC TSP
• NIST SP 800-53
• NIST SP 800-171
• SWIFT CSP CSCF v2020
• UKO and UK NHS
• Canada Federal PBMM
• HIPAA HITRUST
• Azure CIS 1.3.0
• CMMC Level 3
• New Zealand ISM Restricted
Remediation
• Manual – Follow the remediation steps
• ARM Template
• PowerShell
• Workflow Automation
Security Alerts
• Security alerts
• Custom alerts
• Threat intelligence
• Detected threat types
• Threat origin
• Threat intelligence map
Continuous Export
• Export types
  • Security recommendations
  • Secure Score
  • Security alerts
  • Regulatory compliance
• Export frequency
  • Streaming updates
  • Snapshots
• Export target
  • Event Hub
  • Log Analytics
Cloud Connectors
• AWS - Security Hub
  • https://docs.microsoft.com/en-us/azure/security-center/quickstart-onboard-aws?WT.mc_id=Portal-Microsoft_Azure_Security
• GCP - Security Command Center
  • https://docs.microsoft.com/en-us/azure/security-center/quickstart-onboard-gcp
Azure Resource Graph (ARG) - Query
• Query ASC Data
• Export to CSV
• Create Azure Workbook
• ARG API
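As an added example (not code from the slide deck), the following PowerShell pulls Security Center data out of Azure Resource Graph with the Az.ResourceGraph module and exports it to CSV, which is the "Query ASC Data" and "Export to CSV" steps above. It assumes Connect-AzAccount has already been run, that the Az.ResourceGraph module is installed, and uses a placeholder subscription ID and output folder.

```powershell
# Added example (not from the slide deck): query Azure Security Center data in
# Azure Resource Graph and export it to CSV.
# Assumes Connect-AzAccount has already been run and Az.ResourceGraph is
# installed (Install-Module Az.ResourceGraph). The subscription ID and the
# output folder are placeholders.

$SubscriptionId = '00000000-0000-0000-0000-000000000000'   # placeholder
$OutDir         = Join-Path $env:TEMP 'asc-export'         # placeholder
New-Item -ItemType Directory -Path $OutDir -Force | Out-Null

# Run a Resource Graph query and follow the SkipToken until every page
# has been collected (Search-AzGraph returns at most 1000 rows per call).
function Invoke-ArgQuery {
    param([string]$Query, [string[]]$Subscription)
    $rows  = @()
    $token = $null
    do {
        $params = @{ Query = $Query; Subscription = $Subscription; First = 1000 }
        if ($token) { $params.SkipToken = $token }
        $page  = Search-AzGraph @params
        $rows += @($page)
        $token = $page.SkipToken
    } while ($token)
    return $rows
}

# Secure Score per subscription, expressed as a percentage of the maximum
# achievable points (securityresources table, securescores type).
$secureScoreQuery = @'
securityresources
| where type == 'microsoft.security/securescores'
| extend current = todouble(properties.score.current),
         maximum = todouble(properties.score.max)
| project subscriptionId, current, maximum,
          percentage = round(100 * current / maximum, 1)
'@

# Unhealthy (failed) assessments are the open recommendations that are
# pulling the score down; rank them so High severity comes first.
$unhealthyQuery = @'
securityresources
| where type == 'microsoft.security/assessments'
| where tostring(properties.status.code) == 'Unhealthy'
| extend recommendation = tostring(properties.displayName),
         severity       = tostring(properties.metadata.severity),
         resourceId     = tostring(properties.resourceDetails.Id),
         remediation    = tostring(properties.metadata.remediationDescription)
| extend rank = case(severity == 'High', 0, severity == 'Medium', 1, 2)
| project subscriptionId, severity, recommendation, resourceId, remediation, rank
| order by rank asc, recommendation asc
'@

$scores    = Invoke-ArgQuery -Query $secureScoreQuery -Subscription $SubscriptionId
$unhealthy = Invoke-ArgQuery -Query $unhealthyQuery  -Subscription $SubscriptionId

# Export both result sets to CSV for reporting or import into a workbook.
$scores    | Export-Csv -Path (Join-Path $OutDir 'secure-score.csv') -NoTypeInformation
$unhealthy | Export-Csv -Path (Join-Path $OutDir 'unhealthy-recommendations.csv') -NoTypeInformation

# Console summary: number of open recommendations per severity.
$unhealthy | Group-Object severity |
    Select-Object @{ n = 'Severity'; e = { $_.Name } }, @{ n = 'Open'; e = { $_.Count } } |
    Format-Table -AutoSize
```

The same KQL can be pasted into the Resource Graph Explorer blade in the portal, which is also where a query can be pinned to an Azure Workbook.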
References
• http://docs.microsoft.com/en-us/azure/security-center
• https://www.youtube.com/playlist?list=PL3ZTgFEc7LysTt_FBVZ1Bw8CyyyPraHGr
• https://docs.microsoft.com/en-us/security/cybersecurity-reference-architecture/mcra
• https://docs.microsoft.com/en-us/learn/browse
• https://azure.microsoft.com/en-us/pricing/details/azure-defender/
• https://docs.microsoft.com/en-us/security/ciso-workshop/ciso-workshop
• Git Resources
  • https://github.com/Azure/Azure-Security-Center
  • https://github.com/Azure/Azure-Security-Center/tree/main/Workflow%20automation/Notify-ASCRecommendationsAzureResource
  • https://github.com/Azure/Azure-Security-Center/tree/main/Workflow%20automation/Notify-ResourceExemption
Connector Corner: Automate dynamic content and events by pushing a button
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 

Azure Security Center

1. Azure Security Center
• Udaiappa Ramachandran ( Udai )
• https://udai.io

2. About me
• Udaiappa Ramachandran ( Udai )
• CTO-Akumina, Inc.
• Cloud Expert
• Microsoft Azure, Amazon Web Services and Google
• New Hampshire Cloud User Group (http://www.meetup.com/nashuaug )
• https://udai.io

3. Agenda
• Introduction
• Azure Security Center
• Azure Defender
• Secure Score
• Security Policies
• Regulatory Compliance
• Security Alerts
• Cloud Connectors
• Resource Graph
• DEMO…DEMO…DEMO…
• References

4. Security/Data Breaches
• Adobe
• Adult Friend Finder
• Ashley Madison
• AWS S3 Bucket
• Canva
• Code Spaces (source code hosting)
• Dubsmash
• eBay
• Equifax
• Facebook
• Heartland Payment Systems
• LinkedIn
• Marriott International
• My Fitness Pal
• MySpace
• NetEase
• Podesta/Hillary Emails
• Sina Weibo
• Target
• Yahoo
• Zynga

5. Challenges
• Threats increasing in volume and sophistication
• Attacker business models evolve to maximize attacker return on investment (ROI)
• Attack automation and evasion techniques evolving along multiple dimensions
• Can’t Stop All Attacks
• Must balance investments across prevention, detection, and response
• Prevention investments must be focused on real-world attacks
• Integration is required, but complex and costly
• Threat detection requires context from diverse signal sources and high volumes of data
• Efficient operations require integration of tools and technology like machine learning
• Requires Blend of Human Expertise and Technology
• Need human expertise, adaptability, and creativity to combat human threat actors
• Difficult to hire people with deep expertise; growing the skillset takes a long time

6. Why use Security Center?
• Centralized policy management – Ensure compliance with company or regulatory security requirements by centrally managing security policies across all your hybrid cloud workloads.
• Continuous security assessment – Monitor the security posture of machines, networks, storage and data services, and applications to discover potential security issues.
• Actionable recommendations – Remediate security vulnerabilities before they can be exploited by attackers, using prioritized and actionable security recommendations.
• Prioritized alerts and incidents – Focus on the most critical threats first with prioritized security alerts and incidents.
• Advanced cloud defenses – Reduce threats with just-in-time access to management ports and adaptive application controls running on your VMs.
• Integrated security solutions – Collect, search, and analyze security data from a variety of sources, including connected partner solutions.

7. Azure Security Center (ASC)
• Cloud Security Posture Management
• Policies, initiatives and recommendations
• Secure Score and security controls
• Cloud Workload Protection
• Protect servers, cloud-native workloads, databases and storage against threats
• Security alerts and incidents

8. Security HYGIENE
• Software
• Code
• Third party
• Compute & Apps
• Network
• Data & Storage
• Identity

9. Security Score
• Measurement of an organization’s security posture: the higher the number, the lower the risk
• Score may fluctuate if there is no governance on new resource provisioning

10. Security Policy
• Security Policy is the driver for Security Score
• Built-in set of policies (security controls) automatically assigned to your subscription
• The resources are assessed continuously
• Each policy is in audit mode and checks for misconfigurations
• Customize or disable policies not relevant to your organization

11. Microsoft Defender (XDR)
• M365 Defender
• Identities
• Endpoints
• Apps
• E-mail
• Cloud Apps
• Docs
• Azure Defender
• SQL
• Virtual Machines
• Containers
• Network
• IoT
• PaaS Applications (Azure App Services)

12. Regulatory Compliance
• ISO 27001
• PCI DSS 3.2.1
• SOC TSP
• NIST SP 800-53
• NIST SP 800-171
• SWIFT CSP CSCF v2020
• UKO and UK NHS
• Canada Federal PBMM
• HIPAA HITRUST
• Azure CIS 1.3.0
• CMMC Level 3
• New Zealand ISM Restricted

13. Remediation
• Manual – Follow the remediation steps
• ARM Template
• PowerShell
• Workflow Automation

14. Security Alerts
• Security alerts
• Custom alerts
• Threat intelligence
• Detected threat types
• Threat origin
• Threat intelligence map

15. Continuous Export
• Export Types
• Security Recommendations
• Secure Score
• Security alerts
• Regulatory compliance
• Export frequency
• Streaming updates
• Snapshots
• Export Target
• Event Hub
• Log Analytics

16. Cloud Connectors
• AWS - Security Hub
• https://docs.microsoft.com/en-us/azure/security-center/quickstart-onboard-aws?WT.mc_id=Portal-Microsoft_Azure_Security
• GCP - GCP Security Command Center
• https://docs.microsoft.com/en-us/azure/security-center/quickstart-onboard-gcp

17. Azure Resource Graph (ARG) - Query
• Query ASC Data
• Export to CSV
• Create Azure Workbook
• ARG API

18. References
• http://docs.microsoft.com/en-us/azure/security-center
• https://www.youtube.com/playlist?list=PL3ZTgFEc7LysTt_FBVZ1Bw8CyyyPraHGr
• https://docs.microsoft.com/en-us/security/cybersecurity-reference-architecture/mcra
• https://docs.microsoft.com/en-us/learn/browse
• https://azure.microsoft.com/en-us/pricing/details/azure-defender/
• https://docs.microsoft.com/en-us/security/ciso-workshop/ciso-workshop
• Git Resources
• https://github.com/Azure/Azure-Security-Center
• https://github.com/Azure/Azure-Security-Center/tree/main/Workflow%20automation/Notify-ASCRecommendationsAzureResource
• https://github.com/Azure/Azure-Security-Center/tree/main/Workflow%20automation/Notify-ResourceExemption

Editor's Notes

  1. AWS BUCKETS - https://www.scmagazine.com/contractor-misconfigures-aws-exposes-data-of-50000-australian-employees/article/704873/
     AWS BUCKETS - https://www.tripwire.com/state-of-security/featured/preventing-yet-another-aws-s3-storage-breach-with-tripwire/
     PODESTA / HILLARY - https://en.wikipedia.org/wiki/Podesta_emails
     OPM - https://en.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach
     TARGET - https://krebsonsecurity.com/2014/02/target-hackers-broke-in-via-hvac-company/
     ASHLEY MADISON – ENUMERATION ATTACK
     Other Breaches Source: https://www.csoonline.com/article/2130877/the-biggest-data-breaches-of-the-21st-century.html
     Threat Landscape: 90+ million cyber incidents; 4+ million cost per breach; 400+ billion loss from cyber attacks
  2. Rapidly changing resources. Increasingly sophisticated attacks. Security skills are in short supply. Security hygiene is important.
     https://outpost24.com/Press-Release-37-of-organisations-have-suffered-a-cyberattack-on-cloud-environments-due-to-the-lack-of-basic-cloud-security-hygiene
     https://blog.automox.com/bad-cyber-hygiene-breaches-tied-to-unpatched-vulnerabilities
  3. https://www.youtube.com/watch?v=p_yCOAhgSQk https://techcommunity.microsoft.com/t5/azure-sentinel/integrating-azure-security-center-with-azure-sentinel/ba-p/482847
  4. https://www.youtube.com/watch?v=p_yCOAhgSQk
  5. https://www.youtube.com/watch?v=p_yCOAhgSQk
  6. XDR = Extended Detection and Response; DMZ = Demilitarized Zone; DVR = Digital Video Recorder; CVE = Common Vulnerabilities and Exposures; CVSS = Common Vulnerability Scoring System
  7. ISO = International Organization for Standardization; PCI = Payment Card Industry; SOC TSP = Service Organization Controls Trust Service Criteria (Principles); NIST = National Institute of Standards and Technology; CIS = Center for Internet Security; CMMC = Cybersecurity Maturity Model Certification; NZISM = New Zealand Information Security Manual; HIPAA = The Health Insurance Portability and Accountability Act of 1996
  8. Determine the nature of the attack. Determine the attack point of origin. Determine the intent of the attack. Was the attack directed at your organization to acquire specific information, or was it random? Identify the systems that were compromised. Identify the files that were accessed and determine the sensitivity of those files.
  9. Resource Graph queries used in the demo (each returns the resources still failing one recommendation):
     securityresources | where * contains 'Diagnostic logs should be enabled in App service' | where properties.status.code has 'unhealthy'
     securityresources | where * contains 'Azure Cosmos DB accounts should have firewall rules' | where properties.status.code has 'unhealthy'
  10. Privileged Identity Management – PIM, just-in-time administration. MAM, MDM – mobile application management, mobile device management.
     https://aka.ms/ops101-learn
     https://aka.ms/ops101-blog
     https://aka.ms/ops101-docs
     https://docs.microsoft.com/en-us/security/ciso-workshop/ciso-workshop
     https://channel9.msdn.com/Shows/IT-Ops-Talk/OPS101-Securing-your-Hybrid-environment-Part-1-Azure-Security-Center
     https://channel9.msdn.com/Shows/IT-Ops-Talk/OPS103-Securing-your-Hybrid-environment--Part-2-Azure-Sentinel
     https://github.com/Azure/Azure-Security-Center
     https://github.com/Azure/Azure-Security-Center/tree/main/Workflow%20automation/Notify-ASCRecommendationsAzureResource
     https://github.com/Azure/Azure-Security-Center/tree/main/Workflow%20automation/Notify-ResourceExemption
     https://techcommunity.microsoft.com/t5/azure-security-center/how-to-keep-track-of-resource-exemptions-in-azure-security/ba-p/1770580
     https://techcommunity.microsoft.com/t5/azure-security-center/send-asc-recommendations-to-azure-resource-stakeholders/ba-p/1216663
     https://techcommunity.microsoft.com/t5/azure-security-center/creating-a-custom-dashboard-for-azure-security-center-with-azure/ba-p/1518647
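The Resource Graph queries in editor's note 9 and the "Query ASC Data / Export to CSV / ARG API" flow on slide 17, carried through as an added example that is not part of the deck: build the query in the same shape the notes use, then turn a Resource Graph API response into CSV rows. The response below is a constructed sample, and its field names (`properties.displayName`, `properties.status.code`, `properties.resourceDetails.Id`) are assumptions for this example.

```python
import csv
import io
import json


def build_unhealthy_query(recommendation: str) -> str:
    """KQL in the same shape as the queries in the editor's notes.
    KQL escapes quotes with a backslash, so a recommendation name that
    contains one cannot break out of the string literal."""
    safe = recommendation.replace("\\", "\\\\").replace("'", "\\'")
    return ("securityresources"
            f" | where * contains '{safe}'"
            " | where properties.status.code has 'unhealthy'")


# Constructed sample modelled on a Resource Graph REST response ('data' holds
# the returned securityresources assessment records); <sub-id> is a placeholder.
SAMPLE_RESPONSE = json.dumps({
    "totalRecords": 3, "count": 3,
    "data": [
        {"properties": {"displayName": "Diagnostic logs should be enabled in App Service",
                        "status": {"code": "Unhealthy"},
                        "resourceDetails": {"Id": "/subscriptions/<sub-id>/resourceGroups/rg-web/providers/Microsoft.Web/sites/app1"}}},
        {"properties": {"displayName": "Azure Cosmos DB accounts should have firewall rules",
                        "status": {"code": "Unhealthy"},
                        "resourceDetails": {"Id": "/subscriptions/<sub-id>/resourceGroups/rg-data/providers/Microsoft.DocumentDB/databaseAccounts/cosmos1"}}},
        {"properties": {"displayName": "Diagnostic logs should be enabled in App Service",
                        "status": {"code": "Healthy"},
                        "resourceDetails": {"Id": "/subscriptions/<sub-id>/resourceGroups/rg-web/providers/Microsoft.Web/sites/app2"}}},
    ],
})


def unhealthy_rows(response_json: str) -> list[dict]:
    """Keep only Unhealthy assessments. The server-side filter is re-checked
    here so a broadened query cannot leak Healthy resources into the report."""
    rows = []
    for rec in json.loads(response_json).get("data", []):
        props = rec.get("properties", {})
        code = str(props.get("status", {}).get("code", ""))
        if code.lower() != "unhealthy":
            continue
        rows.append({"recommendation": props.get("displayName", ""),
                     "resource_id": props.get("resourceDetails", {}).get("Id", ""),
                     "status": code})
    return rows


def to_csv(rows: list[dict]) -> str:
    """Render the rows as CSV text (the 'Export to CSV' step on slide 17)."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=["recommendation", "resource_id", "status"],
                            lineterminator="\n")
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


if __name__ == "__main__":
    print(build_unhealthy_query("Diagnostic logs should be enabled in App service"))
    print(to_csv(unhealthy_rows(SAMPLE_RESPONSE)))
```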