SlideShare a Scribd company logo

CCI2018 - Azure Security Center - Stato dell’arte e roadmap

W
walk2talk srl

La sicurezza informatica è un tema complesso e articolato, se aggiungiamo ad esso le nuove sfide della cloud pubblica può essere percepita come magia nera. Azure Security Center prova a dare una risposta a questa complessità mettendo a fattor comune la conoscenza maturata da Microsoft nella gestione dei propri servizi, coniugandola con le moderne tecnologie di machine learning e big data. In questa sessione capiremo insieme l’approccio di Azure Security Center (ASC) alla sicurezza delle applicazioni e dei sistemi sia ospitati su Azure sia presso i data center locali. Come è possibile attivare ASC? Quanto mi costa? Quali informazioni sono valutate e come posso essere avvertito se viene rilevata una minaccia o un data breach? Può ASC aiutarmi con la compliance al GDPR? Quali nuove funzionalità verranno rilasciate nei prossimi mesi? Durante la presentazione proveremo a dare risposta a queste e ad altre domande con l’obiettivo di capire se ASC possa essere una soluzione idonea alle esigenze di sicurezza sia sulla cloud sia on-premises. By Daniele Grandini

Technology
1 of 25
SPONSOR
Who am I? Daniele Grandini Technology Director Progel SpA Daniele Grandini daniele.grandini@progel.it Twitter: @DanieleGrandini Microsoft MVP Cloud and DataCenter
Azure Security Center – Stato dell’arte e roadmap Daniele Grandini
Agenda Hybrid IT Security considerations Using Azure Security Center to improve security posture What’s next
Hybrid IT security considerations It’s a tough world out there
IT Security in a hybrid world • Infrastructure increasingly distributed across public clouds and on-premises datacenters • Rapidly changing resources • Old methods (firewall, waf, antimalware, ids, …) are not enough • Old practices are just “old” (see NIST 800- 63B on Digital Identity Guidelines) • Too much noise in suggested remediation (1000 page report on vulnerabilities but no true risk analisys) • Compliance needs and regulations are increasing • ISO 27001 • GDPR • PCI DSS • HIPAA • …
Microsoft security proposition A set of not well integrated technologies (yet) * ATP (Advanced Threat Protection) * Information Protection Azure AD Identity Protection (MFA, conditional access, …) Azure Security Center Cloud App Security Nevertheless a comprehensive and advanced offer
Azure Security Services and Capabilities Network Security • Virtual Network Service Endpoints • DDoS Protection • Network Security Groups • NSG Service Tags • NSG Application Security Groups • NSG Augmented Rules • Global Virtual Network Peering • Azure DNS Private Zones • Site-to-Site VPN • Point-to-Site VPN • ExpressRoute • Azure Virtual Networks • Virtual Network Appliances • Azure Load Balancer • Azure Load Balancer HA Ports • Azure Application Gateway • Azure Firewall • Azure Web Application Firewalls • Service Endpoints
© Microsoft Corporation Secure foundation Physical assets Datacenter operations Cloud infrastructure Microsoft provides built-in controls Virtual machines and networks Apps and workloads Data Cloud security is a shared responsibility
Responsibility zones Data governance & rights management Client endpoints Account access & management Identity & directory infrastructure Application Network controls Virtual Operating System Physical hosts Physical network Physical datacenter PaaSIaaS SaaS On- prem
Using Azure Security Center to improve your security posture Trying to get rid of the mess we’re in
Common scenarios addressed Security posture assessment Threats prioritization and protection Compliance (GDPR, PCI DSS, SOX, HIPAA, …) Security Recommendations exposure
Demo Azure Security Center blade
Azure Security Center Cross platform, cross cloud, modern security assessment and remediation solution Or CWPP (Cloud Workload Protection Platform) Protect against threats Get secure faster Azure Security Center Strengthen security posture Manage organizational security policy and compliance Continuously assess security state Optimize and improve security by configuring recommended controls Detect and block advanced malware and threats for servers Reduce exposure to brute force attacks Protect data services against malicious attacks Automatically discover and onboard Azure resources Extend to server workloads running in other clouds and on-premises datacenter Integrate with existing workflows and tools (SIEM, NG Firewall..)
“Per Gartner” • Agent-based • Server workload protection • Hybrid data center architectures • Physical and virtual machines (VMs) • Multiple public cloud infrastructure as a service (IaaS) • Ideally, container-based too
Export to Excel and Power BI Security Center Architecture IP Geotagging, … Netflow, SQL DB and Storage Logs, … Windows Events, Syslog, CEF, Configurations Threat Detections, Prescriptive Recommendations Security Dashboards Deliver Rapid Insights into Security State Across All Workloads Actionable Security Recommendations Investigation Tools and Log Search Curated, Prioritized Security Alerts Security Dashboards Deliver Rapid Insights into Security State Across All Workloads REST APIs NotificationsAutomation
Securing Compute workloads Data governance & rights management Client endpoints Account access & management Identity & directory infrastructure Application Network controls Virtual Operating System IaaS DATP for Servers, EPP, Updates, config checks, JIT VM access, AAC NSG active & configured, WAF & NGFW, Network map, !SSL usage >>Not covered by Security Center<< Identity recommendations, integration with AAD Identity protection MFA and Access hygiene recommendations Not in scope for Security Center (use WDATP) File Integrity Monitoring, Data classification, Encrypted @ rest
Demo Onboarding, configuring and custom alerts
How to get Azure Security Center Pricing Tiers Basic (Free) Standard Billing Per node / artifacts (~12€ per node per month) Ingested data is included Data is retained for 1 month (up to 2 years with surcharge) FEATURES FREE TIER STANDARD TIER Security policy, assessment, and recommendations Connected partner solutions Security event collection and search Just in time VM Access Adaptive application controls Advanced threat detection Built-in and custom alerts Threat intelligence
What’s next
GA New releases and roadmap  Server EDR with WDATP  Linux threat detection  Organization wide security policies & management groups  Programmatic automation:  Powershell cmdlets  REST APIs  JIT VM Access  Dynamic rule priorities  Adaptive application controls (Windows)  Alerts  Support for “groups for review”  File integrity monitoring  Process investigator- detection of fileless attacks  Azure App services threat detection  Azure Gov  Alerts map  Limited public preview:  Adaptive network hardening  PCI/CIS/ISO/SOC compliance reports  Public preview:  Network map  Secure score IAAS/PAAS  Docker containers on Linux servers  UEBA for Azure resources and identities with Microsoft Cloud App Security  Threat detection for Azure blob storage  Threat detection for Azure PostGresSQL  Threat detection for Azure MySQL Preview
Azure Security Center Cross platform, cross cloud, modern security assessment and remediation solution Or CWPP (Cloud Workload Protection Platform) Protect against threats Get secure faster Azure Security Center Strengthen security posture Manage organizational security policy and compliance Continuously assess security state Optimize and improve security by configuring recommended controls Detect and block advanced malware and threats for servers Reduce exposure to brute force attacks Protect data services against malicious attacks Automatically discover and onboard Azure resources Extend to server workloads running in other clouds and on-premises datacenter Integrate with existing workflows and tools (SIEM, NG Firewall..)
Let the past go and step off into the future

Recommended

Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to Hero
Kasun Rajapakse
 
Azure Sentinel Jan 2021 overview deck
Azure Sentinel Jan 2021 overview deck Azure Sentinel Jan 2021 overview deck
Azure Sentinel Jan 2021 overview deck
Matt Soseman
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model Overview
Alert Logic
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overview
Allessandra Negri
 
Introduction to Azure Sentinel
Introduction to Azure SentinelIntroduction to Azure Sentinel
Introduction to Azure Sentinel
arnaudlh
 
Using m365 defender to protect against solorigate
Using m365 defender to protect against solorigateUsing m365 defender to protect against solorigate
Using m365 defender to protect against solorigate
Matt Soseman
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the Cloud
Alert Logic
 
Global Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security CenterGlobal Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security Center
Scott Hoag
 

Recommended

Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to Hero
Kasun Rajapakse
 
Azure Sentinel Jan 2021 overview deck
Azure Sentinel Jan 2021 overview deck Azure Sentinel Jan 2021 overview deck
Azure Sentinel Jan 2021 overview deck
Matt Soseman
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model Overview
Alert Logic
 
Microsoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overviewMicrosoft threat protection + wdatp+ aatp overview
Microsoft threat protection + wdatp+ aatp overview
Allessandra Negri
 
Introduction to Azure Sentinel
Introduction to Azure SentinelIntroduction to Azure Sentinel
Introduction to Azure Sentinel
arnaudlh
 
Using m365 defender to protect against solorigate
Using m365 defender to protect against solorigateUsing m365 defender to protect against solorigate
Using m365 defender to protect against solorigate
Matt Soseman
 
CSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the CloudCSS17: Houston - Introduction to Security in the Cloud
CSS17: Houston - Introduction to Security in the Cloud
Alert Logic
 
Global Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security CenterGlobal Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security Center
Scott Hoag
 
Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
Marius Sandbu
 
Azure Sentinel
Azure SentinelAzure Sentinel
Azure Sentinel
Cheah Eng Soon
 
CSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations CenterCSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations Center
Alert Logic
 
Getting Started with Azure Security Center
Getting Started with Azure Security CenterGetting Started with Azure Security Center
Getting Started with Azure Security Center
Cheah Eng Soon
 
Azure sentinal
Azure sentinalAzure sentinal
Azure sentinal
Allied Consultants
 
CSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsCSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web Apps
Alert Logic
 
Modernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure SentinelModernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure Sentinel
Cheah Eng Soon
 
Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Importance of Azure infrastructure?-Microsoft Azure security infrastructure Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Zabeel Institute
 
CSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWSCSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWS
Alert Logic
 
7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel
Mighty Guides, Inc.
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the Cloud
Alert Logic
 
Protecting Against Web Attacks
Protecting Against Web AttacksProtecting Against Web Attacks
Protecting Against Web Attacks
Alert Logic
 
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alCss sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Alert Logic
 
Threat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure SentinelThreat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure Sentinel
Ashwin Patil, GCIH, GCIA, GCFE
 
Cloud Security Demo
Cloud Security DemoCloud Security Demo
Cloud Security Demo
Cheah Eng Soon
 
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alCss sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Alert Logic
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security Center
Lalit Rawat
 
Data Protection & Shadow IT in a cloud era
Data Protection & Shadow IT in a cloud eraData Protection & Shadow IT in a cloud era
Data Protection & Shadow IT in a cloud era
David De Vos
 
MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021
Matt Soseman
 
Azure Sentinel with Office 365
Azure Sentinel with Office 365Azure Sentinel with Office 365
Azure Sentinel with Office 365
Cheah Eng Soon
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security Center
Microsoft
 

More Related Content

What's hot

Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
Marius Sandbu
 
Azure Sentinel
Azure SentinelAzure Sentinel
Azure Sentinel
Cheah Eng Soon
 
CSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations CenterCSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations Center
Alert Logic
 
Getting Started with Azure Security Center
Getting Started with Azure Security CenterGetting Started with Azure Security Center
Getting Started with Azure Security Center
Cheah Eng Soon
 
Azure sentinal
Azure sentinalAzure sentinal
Azure sentinal
Allied Consultants
 
CSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsCSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web Apps
Alert Logic
 
Modernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure SentinelModernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure Sentinel
Cheah Eng Soon
 
Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Importance of Azure infrastructure?-Microsoft Azure security infrastructure Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Zabeel Institute
 
CSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWSCSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWS
Alert Logic
 
7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel
Mighty Guides, Inc.
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the Cloud
Alert Logic
 
Protecting Against Web Attacks
Protecting Against Web AttacksProtecting Against Web Attacks
Protecting Against Web Attacks
Alert Logic
 
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alCss sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Alert Logic
 
Threat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure SentinelThreat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure Sentinel
Ashwin Patil, GCIH, GCIA, GCFE
 
Cloud Security Demo
Cloud Security DemoCloud Security Demo
Cloud Security Demo
Cheah Eng Soon
 
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alCss sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Alert Logic
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security Center
Lalit Rawat
 
Data Protection & Shadow IT in a cloud era
Data Protection & Shadow IT in a cloud eraData Protection & Shadow IT in a cloud era
Data Protection & Shadow IT in a cloud era
David De Vos
 
MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021
Matt Soseman
 
Azure Sentinel with Office 365
Azure Sentinel with Office 365Azure Sentinel with Office 365
Azure Sentinel with Office 365
Cheah Eng Soon
 

What's hot (20)

Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
 
Azure Sentinel
Azure SentinelAzure Sentinel
Azure Sentinel
 
CSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations CenterCSS17: Houston - Stories from the Security Operations Center
CSS17: Houston - Stories from the Security Operations Center
 
Getting Started with Azure Security Center
Getting Started with Azure Security CenterGetting Started with Azure Security Center
Getting Started with Azure Security Center
 
Azure sentinal
Azure sentinalAzure sentinal
Azure sentinal
 
CSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web AppsCSS17: Houston - Protecting Web Apps
CSS17: Houston - Protecting Web Apps
 
Modernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure SentinelModernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure Sentinel
 
Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Importance of Azure infrastructure?-Microsoft Azure security infrastructure Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Importance of Azure infrastructure?-Microsoft Azure security infrastructure
 
CSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWSCSS 17: NYC - Building Secure Solutions in AWS
CSS 17: NYC - Building Secure Solutions in AWS
 
7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel
 
CSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the CloudCSS17: Atlanta - Realities of Security in the Cloud
CSS17: Atlanta - Realities of Security in the Cloud
 
Protecting Against Web Attacks
Protecting Against Web AttacksProtecting Against Web Attacks
Protecting Against Web Attacks
 
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alCss sf azure_8-9-17-intro to security in the cloud_mark brooks_al
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_al
 
Threat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure SentinelThreat Hunting on AWS using Azure Sentinel
Threat Hunting on AWS using Azure Sentinel
 
Cloud Security Demo
Cloud Security DemoCloud Security Demo
Cloud Security Demo
 
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alCss sf azure_8-9-17-protecting_web_apps_stephen coty_al
Css sf azure_8-9-17-protecting_web_apps_stephen coty_al
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security Center
 
Data Protection & Shadow IT in a cloud era
Data Protection & Shadow IT in a cloud eraData Protection & Shadow IT in a cloud era
Data Protection & Shadow IT in a cloud era
 
MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021MCAS High Level Architecture May 2021
MCAS High Level Architecture May 2021
 
Azure Sentinel with Office 365
Azure Sentinel with Office 365Azure Sentinel with Office 365
Azure Sentinel with Office 365
 

Similar to CCI2018 - Azure Security Center - Stato dell’arte e roadmap

Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
David J Rosenthal
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security Center
Microsoft
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
Karina Matos
 
Nicholas DiCola | Secure your IT resources with Azure Security Center
Nicholas DiCola | Secure your IT resources with Azure Security CenterNicholas DiCola | Secure your IT resources with Azure Security Center
Nicholas DiCola | Secure your IT resources with Azure Security Center
Microsoft Österreich
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity story
Microsoft Österreich
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentation
laonap166
 
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...
aOS Community
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architecture
Birendra Negi ☁️
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by Design
Amazon Web Services
 
Azure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and complianceAzure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and compliance
Asaf Nakash
 
Overall Security Process Review CISC 6621Agend.docx
Overall Security Process Review CISC 6621Agend.docxOverall Security Process Review CISC 6621Agend.docx
Overall Security Process Review CISC 6621Agend.docx
karlhennesey
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptx
GenericName6
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the Cloud
Amazon Web Services
 
Top 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdfTop 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdf
Sparity1
 
Power of the Cloud - Introduction to Microsoft Azure Security
Power of the Cloud - Introduction to Microsoft Azure SecurityPower of the Cloud - Introduction to Microsoft Azure Security
Power of the Cloud - Introduction to Microsoft Azure Security
Adin Ermie
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security Scaling
Amazon Web Services
 
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
David J Rosenthal
 
FireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the CloudFireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the Cloud
Amazon Web Services
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefing
technext1
 
Elastic Security Brochure
Elastic Security BrochureElastic Security Brochure
Elastic Security Brochure
Joseph DeFever
 

Similar to CCI2018 - Azure Security Center - Stato dell’arte e roadmap (20)

Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security Center
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
 
Nicholas DiCola | Secure your IT resources with Azure Security Center
Nicholas DiCola | Secure your IT resources with Azure Security CenterNicholas DiCola | Secure your IT resources with Azure Security Center
Nicholas DiCola | Secure your IT resources with Azure Security Center
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity story
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentation
 
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architecture
 
Compliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by DesignCompliance in the Cloud Using Security by Design
Compliance in the Cloud Using Security by Design
 
Azure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and complianceAzure Operation Management Suite - security and compliance
Azure Operation Management Suite - security and compliance
 
Overall Security Process Review CISC 6621Agend.docx
Overall Security Process Review CISC 6621Agend.docxOverall Security Process Review CISC 6621Agend.docx
Overall Security Process Review CISC 6621Agend.docx
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptx
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the Cloud
 
Top 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdfTop 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdf
 
Power of the Cloud - Introduction to Microsoft Azure Security
Power of the Cloud - Introduction to Microsoft Azure SecurityPower of the Cloud - Introduction to Microsoft Azure Security
Power of the Cloud - Introduction to Microsoft Azure Security
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security Scaling
 
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
Foster Employee Engagement and Create a Digital Culture Through Microsoft Mod...
 
FireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the CloudFireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the Cloud
 
Microsoft Platform Security Briefing
Microsoft Platform Security BriefingMicrosoft Platform Security Briefing
Microsoft Platform Security Briefing
 
Elastic Security Brochure
Elastic Security BrochureElastic Security Brochure
Elastic Security Brochure
 

More from walk2talk srl

CCI 2019 - SQL Injection - Black Hat Vs White Hat
CCI 2019 - SQL Injection - Black Hat Vs White HatCCI 2019 - SQL Injection - Black Hat Vs White Hat
CCI 2019 - SQL Injection - Black Hat Vs White Hat
walk2talk srl
 
CCI 2019 - Exploiting Custom Vision SDK in Python to create an efficient imag...
CCI 2019 - Exploiting Custom Vision SDK in Python to create an efficient imag...CCI 2019 - Exploiting Custom Vision SDK in Python to create an efficient imag...
CCI 2019 - Exploiting Custom Vision SDK in Python to create an efficient imag...
walk2talk srl
 
CCI 2019 - Come ottimizzare i propri workload su Azure
CCI 2019 - Come ottimizzare i propri workload su AzureCCI 2019 - Come ottimizzare i propri workload su Azure
CCI 2019 - Come ottimizzare i propri workload su Azure
walk2talk srl
 
CCI 2019 - Exchange 2019 da 0 ad HA in 1 ora
CCI 2019 - Exchange 2019 da 0 ad HA in 1 oraCCI 2019 - Exchange 2019 da 0 ad HA in 1 ora
CCI 2019 - Exchange 2019 da 0 ad HA in 1 ora
walk2talk srl
 
CCI 2019 - PowerApps for Enterprise Developers
CCI 2019 - PowerApps for Enterprise DevelopersCCI 2019 - PowerApps for Enterprise Developers
CCI 2019 - PowerApps for Enterprise Developers
walk2talk srl
 
CCI 2019 - Architettare componenti in SPFx, esperienze sul campo
CCI 2019 - Architettare componenti in SPFx, esperienze sul campoCCI 2019 - Architettare componenti in SPFx, esperienze sul campo
CCI 2019 - Architettare componenti in SPFx, esperienze sul campo
walk2talk srl
 
CCI 2019 - Step by step come attivare un servizio voce in MS Teams
CCI 2019 - Step by step come attivare un servizio voce in MS TeamsCCI 2019 - Step by step come attivare un servizio voce in MS Teams
CCI 2019 - Step by step come attivare un servizio voce in MS Teams
walk2talk srl
 
CCI 2019 - Strumenti Azure per l'Anomaly Detection in ambito Industria 4.0
CCI 2019 - Strumenti Azure per l'Anomaly Detection in ambito Industria 4.0CCI 2019 - Strumenti Azure per l'Anomaly Detection in ambito Industria 4.0
CCI 2019 - Strumenti Azure per l'Anomaly Detection in ambito Industria 4.0
walk2talk srl
 
CCI2019 - I've got the Power! I've got the Shell!
CCI2019 - I've got the Power! I've got the Shell!CCI2019 - I've got the Power! I've got the Shell!
CCI2019 - I've got the Power! I've got the Shell!
walk2talk srl
 
CCI2019 - Sistema di controllo del traffico con architettura Big Data
CCI2019 - Sistema di controllo del traffico con architettura Big DataCCI2019 - Sistema di controllo del traffico con architettura Big Data
CCI2019 - Sistema di controllo del traffico con architettura Big Data
walk2talk srl
 
CCI2019 - Governance di una Conversational AI
CCI2019 - Governance di una Conversational AICCI2019 - Governance di una Conversational AI
CCI2019 - Governance di una Conversational AI
walk2talk srl
 
CCI2019 - SQL Server ed Azure: Disaster Recovery per tutti
CCI2019 - SQL Server ed Azure: Disaster Recovery per tuttiCCI2019 - SQL Server ed Azure: Disaster Recovery per tutti
CCI2019 - SQL Server ed Azure: Disaster Recovery per tutti
walk2talk srl
 
CCI2019 - Reagire agli eventi generati dalla propria infrastruttura con Azure...
CCI2019 - Reagire agli eventi generati dalla propria infrastruttura con Azure...CCI2019 - Reagire agli eventi generati dalla propria infrastruttura con Azure...
CCI2019 - Reagire agli eventi generati dalla propria infrastruttura con Azure...
walk2talk srl
 
CCI2019 - What's new in Remote Desktop Services on Windows Server 2019 and Azure
CCI2019 - What's new in Remote Desktop Services on Windows Server 2019 and AzureCCI2019 - What's new in Remote Desktop Services on Windows Server 2019 and Azure
CCI2019 - What's new in Remote Desktop Services on Windows Server 2019 and Azure
walk2talk srl
 
CCI2019 - Teams Direct Routing e servizi fonia avanzati
CCI2019 - Teams Direct Routing e servizi fonia avanzatiCCI2019 - Teams Direct Routing e servizi fonia avanzati
CCI2019 - Teams Direct Routing e servizi fonia avanzati
walk2talk srl
 
CCI2019 - Microservizi: Idee per un'architettura con al centro l'utente
CCI2019 - Microservizi: Idee per un'architettura con al centro l'utenteCCI2019 - Microservizi: Idee per un'architettura con al centro l'utente
CCI2019 - Microservizi: Idee per un'architettura con al centro l'utente
walk2talk srl
 
CCI2019i - Implementare Azure Multi-Factor Authentication Lettere dal Fronte
CCI2019i - Implementare Azure Multi-Factor Authentication Lettere dal FronteCCI2019i - Implementare Azure Multi-Factor Authentication Lettere dal Fronte
CCI2019i - Implementare Azure Multi-Factor Authentication Lettere dal Fronte
walk2talk srl
 
CCI2019 - Monitorare SQL Server Senza Andare in Bancarotta
CCI2019 - Monitorare SQL Server Senza Andare in BancarottaCCI2019 - Monitorare SQL Server Senza Andare in Bancarotta
CCI2019 - Monitorare SQL Server Senza Andare in Bancarotta
walk2talk srl
 
CCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure NetworkingCCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure Networking
walk2talk srl
 
CCI2019 - Teams e lo Shadow IT
CCI2019 - Teams e lo Shadow ITCCI2019 - Teams e lo Shadow IT
CCI2019 - Teams e lo Shadow IT
walk2talk srl
 

More from walk2talk srl (20)

CCI 2019 - SQL Injection - Black Hat Vs White Hat
CCI 2019 - SQL Injection - Black Hat Vs White HatCCI 2019 - SQL Injection - Black Hat Vs White Hat
CCI 2019 - SQL Injection - Black Hat Vs White Hat
 
CCI 2019 - Exploiting Custom Vision SDK in Python to create an efficient imag...
CCI 2019 - Exploiting Custom Vision SDK in Python to create an efficient imag...CCI 2019 - Exploiting Custom Vision SDK in Python to create an efficient imag...
CCI 2019 - Exploiting Custom Vision SDK in Python to create an efficient imag...
 
CCI 2019 - Come ottimizzare i propri workload su Azure
CCI 2019 - Come ottimizzare i propri workload su AzureCCI 2019 - Come ottimizzare i propri workload su Azure
CCI 2019 - Come ottimizzare i propri workload su Azure
 
CCI 2019 - Exchange 2019 da 0 ad HA in 1 ora
CCI 2019 - Exchange 2019 da 0 ad HA in 1 oraCCI 2019 - Exchange 2019 da 0 ad HA in 1 ora
CCI 2019 - Exchange 2019 da 0 ad HA in 1 ora
 
CCI 2019 - PowerApps for Enterprise Developers
CCI 2019 - PowerApps for Enterprise DevelopersCCI 2019 - PowerApps for Enterprise Developers
CCI 2019 - PowerApps for Enterprise Developers
 
CCI 2019 - Architettare componenti in SPFx, esperienze sul campo
CCI 2019 - Architettare componenti in SPFx, esperienze sul campoCCI 2019 - Architettare componenti in SPFx, esperienze sul campo
CCI 2019 - Architettare componenti in SPFx, esperienze sul campo
 
CCI 2019 - Step by step come attivare un servizio voce in MS Teams
CCI 2019 - Step by step come attivare un servizio voce in MS TeamsCCI 2019 - Step by step come attivare un servizio voce in MS Teams
CCI 2019 - Step by step come attivare un servizio voce in MS Teams
 
CCI 2019 - Strumenti Azure per l'Anomaly Detection in ambito Industria 4.0
CCI 2019 - Strumenti Azure per l'Anomaly Detection in ambito Industria 4.0CCI 2019 - Strumenti Azure per l'Anomaly Detection in ambito Industria 4.0
CCI 2019 - Strumenti Azure per l'Anomaly Detection in ambito Industria 4.0
 
CCI2019 - I've got the Power! I've got the Shell!
CCI2019 - I've got the Power! I've got the Shell!CCI2019 - I've got the Power! I've got the Shell!
CCI2019 - I've got the Power! I've got the Shell!
 
CCI2019 - Sistema di controllo del traffico con architettura Big Data
CCI2019 - Sistema di controllo del traffico con architettura Big DataCCI2019 - Sistema di controllo del traffico con architettura Big Data
CCI2019 - Sistema di controllo del traffico con architettura Big Data
 
CCI2019 - Governance di una Conversational AI
CCI2019 - Governance di una Conversational AICCI2019 - Governance di una Conversational AI
CCI2019 - Governance di una Conversational AI
 
CCI2019 - SQL Server ed Azure: Disaster Recovery per tutti
CCI2019 - SQL Server ed Azure: Disaster Recovery per tuttiCCI2019 - SQL Server ed Azure: Disaster Recovery per tutti
CCI2019 - SQL Server ed Azure: Disaster Recovery per tutti
 
CCI2019 - Reagire agli eventi generati dalla propria infrastruttura con Azure...
CCI2019 - Reagire agli eventi generati dalla propria infrastruttura con Azure...CCI2019 - Reagire agli eventi generati dalla propria infrastruttura con Azure...
CCI2019 - Reagire agli eventi generati dalla propria infrastruttura con Azure...
 
CCI2019 - What's new in Remote Desktop Services on Windows Server 2019 and Azure
CCI2019 - What's new in Remote Desktop Services on Windows Server 2019 and AzureCCI2019 - What's new in Remote Desktop Services on Windows Server 2019 and Azure
CCI2019 - What's new in Remote Desktop Services on Windows Server 2019 and Azure
 
CCI2019 - Teams Direct Routing e servizi fonia avanzati
CCI2019 - Teams Direct Routing e servizi fonia avanzatiCCI2019 - Teams Direct Routing e servizi fonia avanzati
CCI2019 - Teams Direct Routing e servizi fonia avanzati
 
CCI2019 - Microservizi: Idee per un'architettura con al centro l'utente
CCI2019 - Microservizi: Idee per un'architettura con al centro l'utenteCCI2019 - Microservizi: Idee per un'architettura con al centro l'utente
CCI2019 - Microservizi: Idee per un'architettura con al centro l'utente
 
CCI2019i - Implementare Azure Multi-Factor Authentication Lettere dal Fronte
CCI2019i - Implementare Azure Multi-Factor Authentication Lettere dal FronteCCI2019i - Implementare Azure Multi-Factor Authentication Lettere dal Fronte
CCI2019i - Implementare Azure Multi-Factor Authentication Lettere dal Fronte
 
CCI2019 - Monitorare SQL Server Senza Andare in Bancarotta
CCI2019 - Monitorare SQL Server Senza Andare in BancarottaCCI2019 - Monitorare SQL Server Senza Andare in Bancarotta
CCI2019 - Monitorare SQL Server Senza Andare in Bancarotta
 
CCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure NetworkingCCI2019 - Architecting and Implementing Azure Networking
CCI2019 - Architecting and Implementing Azure Networking
 
CCI2019 - Teams e lo Shadow IT
CCI2019 - Teams e lo Shadow ITCCI2019 - Teams e lo Shadow IT
CCI2019 - Teams e lo Shadow IT
 

Recently uploaded

Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Alpen-Adria-Universität
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
SitimaJohn
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
fredae14
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Wask
 
Webinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data WarehouseWebinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data Warehouse
Federico Razzoli
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
Mariano Tinti
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
jpupo2018
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
Matthew Sinclair
 

Recently uploaded (20)

Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing InstancesEnergy Efficient Video Encoding for Cloud and Edge Computing Instances
Energy Efficient Video Encoding for Cloud and Edge Computing Instances
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptxOcean lotus Threat actors project by John Sitima 2024 (1).pptx
Ocean lotus Threat actors project by John Sitima 2024 (1).pptx
 
Recommendation System using RAG Architecture
Recommendation System using RAG ArchitectureRecommendation System using RAG Architecture
Recommendation System using RAG Architecture
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
Digital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying AheadDigital Marketing Trends in 2024 | Guide for Staying Ahead
Digital Marketing Trends in 2024 | Guide for Staying Ahead
 
Webinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data WarehouseWebinar: Designing a schema for a Data Warehouse
Webinar: Designing a schema for a Data Warehouse
 
Mariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceXMariano G Tinti - Decoding SpaceX
Mariano G Tinti - Decoding SpaceX
 
Project Management Semester Long Project - Acuity
Project Management Semester Long Project - AcuityProject Management Semester Long Project - Acuity
Project Management Semester Long Project - Acuity
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 202420240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
 

CCI2018 - Azure Security Center - Stato dell’arte e roadmap

  • 1.
  • 3. Who am I? Daniele Grandini Technology Director Progel SpA Daniele Grandini daniele.grandini@progel.it Twitter: @DanieleGrandini Microsoft MVP Cloud and DataCenter
  • 4. Azure Security Center – Stato dell’arte e roadmap Daniele Grandini
  • 5. Agenda Hybrid IT Security considerations Using Azure Security Center to improve security posture What’s next
  • 6. Hybrid IT security considerations It’s a tough world out there
  • 7. IT Security in a hybrid world • Infrastructure increasingly distributed across public clouds and on-premises datacenters • Rapidly changing resources • Old methods (firewall, waf, antimalware, ids, …) are not enough • Old practices are just “old” (see NIST 800- 63B on Digital Identity Guidelines) • Too much noise in suggested remediation (1000 page report on vulnerabilities but no true risk analisys) • Compliance needs and regulations are increasing • ISO 27001 • GDPR • PCI DSS • HIPAA • …
  • 8. Microsoft security proposition A set of not well integrated technologies (yet) * ATP (Advanced Threat Protection) * Information Protection Azure AD Identity Protection (MFA, conditional access, …) Azure Security Center Cloud App Security Nevertheless a comprehensive and advanced offer
  • 9. Azure Security Services and Capabilities Network Security • Virtual Network Service Endpoints • DDoS Protection • Network Security Groups • NSG Service Tags • NSG Application Security Groups • NSG Augmented Rules • Global Virtual Network Peering • Azure DNS Private Zones • Site-to-Site VPN • Point-to-Site VPN • ExpressRoute • Azure Virtual Networks • Virtual Network Appliances • Azure Load Balancer • Azure Load Balancer HA Ports • Azure Application Gateway • Azure Firewall • Azure Web Application Firewalls • Service Endpoints
  • 10. © Microsoft Corporation Secure foundation Physical assets Datacenter operations Cloud infrastructure Microsoft provides built-in controls Virtual machines and networks Apps and workloads Data Cloud security is a shared responsibility
  • 11. Responsibility zones Data governance & rights management Client endpoints Account access & management Identity & directory infrastructure Application Network controls Virtual Operating System Physical hosts Physical network Physical datacenter PaaSIaaS SaaS On- prem
  • 12. Using Azure Security Center to improve your security posture Trying to get rid of the mess we’re in
  • 13. Common scenarios addressed Security posture assessment Threats prioritization and protection Compliance (GDPR, PCI DSS, SOX, HIPAA, …) Security Recommendations exposure
  • 15. Azure Security Center Cross platform, cross cloud, modern security assessment and remediation solution Or CWPP (Cloud Workload Protection Platform) Protect against threats Get secure faster Azure Security Center Strengthen security posture Manage organizational security policy and compliance Continuously assess security state Optimize and improve security by configuring recommended controls Detect and block advanced malware and threats for servers Reduce exposure to brute force attacks Protect data services against malicious attacks Automatically discover and onboard Azure resources Extend to server workloads running in other clouds and on-premises datacenter Integrate with existing workflows and tools (SIEM, NG Firewall..)
  • 16. “Per Gartner” • Agent-based • Server workload protection • Hybrid data center architectures • Physical and virtual machines (VMs) • Multiple public cloud infrastructure as a service (IaaS) • Ideally, container-based too
  • 17. Export to Excel and Power BI Security Center Architecture IP Geotagging, … Netflow, SQL DB and Storage Logs, … Windows Events, Syslog, CEF, Configurations Threat Detections, Prescriptive Recommendations Security Dashboards Deliver Rapid Insights into Security State Across All Workloads Actionable Security Recommendations Investigation Tools and Log Search Curated, Prioritized Security Alerts Security Dashboards Deliver Rapid Insights into Security State Across All Workloads REST APIs NotificationsAutomation
  • 18. Securing Compute workloads Data governance & rights management Client endpoints Account access & management Identity & directory infrastructure Application Network controls Virtual Operating System IaaS DATP for Servers, EPP, Updates, config checks, JIT VM access, AAC NSG active & configured, WAF & NGFW, Network map, !SSL usage >>Not covered by Security Center<< Identity recommendations, integration with AAD Identity protection MFA and Access hygiene recommendations Not in scope for Security Center (use WDATP) File Integrity Monitoring, Data classification, Encrypted @ rest
  • 19.
  • 21. How to get Azure Security Center Pricing Tiers Basic (Free) Standard Billing Per node / artifacts (~12€ per node per month) Ingested data is included Data is retained for 1 month (up to 2 years with surcharge) FEATURES FREE TIER STANDARD TIER Security policy, assessment, and recommendations Connected partner solutions Security event collection and search Just in time VM Access Adaptive application controls Advanced threat detection Built-in and custom alerts Threat intelligence
  • 23. GA New releases and roadmap  Server EDR with WDATP  Linux threat detection  Organization wide security policies & management groups  Programmatic automation:  Powershell cmdlets  REST APIs  JIT VM Access  Dynamic rule priorities  Adaptive application controls (Windows)  Alerts  Support for “groups for review”  File integrity monitoring  Process investigator- detection of fileless attacks  Azure App services threat detection  Azure Gov  Alerts map  Limited public preview:  Adaptive network hardening  PCI/CIS/ISO/SOC compliance reports  Public preview:  Network map  Secure score IAAS/PAAS  Docker containers on Linux servers  UEBA for Azure resources and identities with Microsoft Cloud App Security  Threat detection for Azure blob storage  Threat detection for Azure PostGresSQL  Threat detection for Azure MySQL Preview
  • 24. Azure Security Center Cross platform, cross cloud, modern security assessment and remediation solution Or CWPP (Cloud Workload Protection Platform) Protect against threats Get secure faster Azure Security Center Strengthen security posture Manage organizational security policy and compliance Continuously assess security state Optimize and improve security by configuring recommended controls Detect and block advanced malware and threats for servers Reduce exposure to brute force attacks Protect data services against malicious attacks Automatically discover and onboard Azure resources Extend to server workloads running in other clouds and on-premises datacenter Integrate with existing workflows and tools (SIEM, NG Firewall..)
  • 25. Let the past go and step off into the future

Editor's Notes

  1. Hyperfish intro We are really excited to bring you something great
  2. payment card industry security standards council
  3. UEBA User and Entity Behavior Analysis