This document provides an overview of Azure Security Center, which is a service that helps secure hybrid cloud environments. It discusses how Azure Security Center provides improved security across Azure subscriptions by delivering security recommendations, dashboards to monitor security state, and APIs to integrate with other security tools. The presentation includes an agenda that covers why cloud security is needed, how Azure Security Center addresses security as a shared responsibility, and demonstrations of its key capabilities like threat detection, secure score assessments, and recommendations for configuring security controls.

1. Azure Security Center
Zero to Hero
Kasun Rajapakse

2. About Me
MCSA : Cloud Platform, MCSE, MCT, AWS
SAA/Dev/SysOps
Technical Consultant
5+ Experience in Cloud & Server Technology
OMS, SCOM, AWS, Azure & Windows Server
Blog- http://www.allaboutwindowssl.com/
Twitter : @kasunsjc
LinkedIn : http://www.linkedin.com/in/kasunraj

3. Agenda
• Why we need cloud security?
• Use of Azure Security Center for improved security in the cloud
• Demos
• Q & A

4. Cloud security is a shared responsibility
Secure foundation
Physical assets
Datacenter operations
Cloud infrastructure
Microsoft provides built-in controls
Virtual machines and networks
Apps and workloads
Data

5. New Approach to face Hybrid Cloud
• Rapid change in resources
• Increasingly sophisticate attacks
• Security skills are in short supply
• Shadow IT

6. Improving security across hybrid cloud
environments
Protect against threats Get secure faster
Azure Security Center
Strengthen security posture

7. Security Center Architecture
Export to Excel
and Power BI
IP Geotagging, …
Netflow, SQL DB
and Storage Logs, …
Windows Events, Syslog,
CEF, Configurations
Threat Detections, Prescriptive
Recommendations
Security Dashboards
Deliver Rapid Insights into
Security State Across All
Workloads
Actionable Security
Recommendations
Investigation Tools
and Log Search
Curated, Prioritized
Security Alerts
Security Dashboards Deliver
Rapid Insights into Security
State Across All Workloads
REST APIs NotificationsAutomation

8. Review coverage for Azure
Security Center across
different subscriptions
Easily set centralized security
policies across multiple
subscriptions
Track and review policy
compliance and governance
over time
Manage organizational security policy and
compliance

9. Get insights on the security
state across your
infrastructure
Prioritized
recommendations with a
security score
Understand the network
topology and visualize
configurations
Continuously assess and optimize with Secure
Score

10. Apply a secure
configuration standard
with built-in
recommendations
Reduce attack surface by
applying proactive
hygiene measures
Optimize and improve security by configuring
recommended controls

11. DEMO

12. Detect and block advanced malware for
Windows and Linux servers
Detect threats on servers
with behavior analytics
and machine learning
Get Windows server EDR
with the integration of
Windows Defender ATP
Automate application
whitelisting with a ML
based solution

13. Detect threats across services
Detect threats targeting Azure
services such as Azure App
Services, Azure SQL, Storage
services and more
Get Azure UEBA with the
integration of Microsoft Cloud
App Security
Investigate and respond to an
attack with ASC Fusion kill chain
analysis

14. Limit exposure to brute force attacks
Reduce access to VM ports
only when it is needed
with Just-in-Time VM
Access
Access automatically
granted
for selected ports, and for
limited time, approved
users and source IPs

15. Protect data services
Assess potential
vulnerabilities across Azure
SQL and Storage services
Classify and audit access
to sensitive data in Azure
SQL

16. Integrating with security partners
Recommends and streamlines
provisioning of partner
solutions
Integrates signals for centralized
alerting and advanced detection
Enables monitoring and basic
management

17. DEMO