A DEMONSTRATION OF OMS AND AZURE SECURITY CENTER
© 2023 StoneFly, Inc. | All rights reserved.
Security in the Cloud OMS Demonstration
How many of you have a centralized pane of glass that tells you that you have
malicious traffic attacks, that shows your identity and access information,
and that shows which computers are missing security updates? Do you
have all of this in a centralized pane of glass? Or do you have different tools
that you use to find out what’s what? Those are the benefits that you have
with Microsoft’s Operations Management Suite (OMS). We are going
to jump right into a demo of Microsoft’s OMS.
Operations Management Suite (OMS)
Inside of here you have different assessments and analyses that are running
for your organization. Because you are using this primarily for cloud
services, you can see that you have preventions and things like that
here to assess your environment. But you also see that you have had a brute
force attack.
So, you can see that we have a brute force attack, and we also have double
extension files being executed and things like that. So, you have your systems
being attacked at your organization. Now, if we look at the process of how to
diagnose, assess, and things like that, this system, or this platform, is already
starting to diagnose intelligently in the background across all these different
assessments that you see here. So, you have your malware assessment that is
running, you have an update assessment that is running, you have network
security and distinct IP address assessment that is running. You also have
a threat intelligence assessment that is running. This is where it is going to
start to say, here are the malicious IPs in your organization, here is where
they are coming from, here is where you are, and here is where somebody
else is actually controlling your server and that is where we see the malicious
IP coming from. We will walk through this a little bit more in depth.
What To Do Once You Are Breached?
Now that you have been breached, you see that there is a brute force
attack or that there is a file with a double extension. You have to click
into the attack link to find out what is going on, which server has been
compromised and where things are happening. Here you can clearly see that
you have a domain controller that has been compromised. What happens
when a domain controller is compromised, or is starting to have brute force
attacks on it? The attackers take control of your entire environment. Right now it is
a warning, so before it becomes compromised, let us go ahead and fix this.
How Can You Fix It?
What you are going to do here is look at your query and your search results,
where it tells you the type of alert and the severity. You want to go ahead
and set up an alert for your entire security team, your IT team or
your help desk team. This lets them know what is happening to your
organization so that they can start to remediate it.
So, you click the “Alert” tab and add a rule. Then you enter
“We have a brute force attack in play” in the Name box. Insert the
severity of the attack, then the description and the time window (how often
do I want this to run?). For example, you want this to run every five
minutes, or every two minutes, or whatever you want that to be. You want
the threshold to be greater than zero, so even if it happens once where you
are being brute force attacked and it is starting to hit the system
significantly, it lets you know. You also want to set up an email
notification, and this is where you put the distribution list of your help
desk, your security team, your server team, etc. under “Recipients”. Next
you put in a Webhook. A Webhook can be used for things like Slack, or
ServiceNow if you have a help desk. The Webhook will translate the alert and
open up an incident, or a security incident, within your ITSM solution.
What that means is that any time you have this as a security incident, it
is recorded, and if a change is executed against it, that goes through your
change management and service request process. So, you actually have
something that tracks this as a postmortem closed process as well. Once you
have that, you can also execute a Runbook behind it. This Runbook gives you
the automation to go ahead and fix the issue. You have the ability to
execute this in Azure only, or to execute it on-premise as well with your
hybrid worker. In this demo we are going to execute this across
environments with a hybrid worker. Your “Service Desk Actions” give you a
connection to your ServiceNow or other ITSM-based solution that will
automatically open up an incident for you.
So you choose a “Work Item” and you choose a security incident.
As you choose a security incident, you say how you found out
about this in the “Contact Type”. You select the impact, the risk, the
severity, the priority and the category. This records exactly what has
happened: was it confidential personal data loss, a policy violation, a
rogue server or service, things like that. That is when you go ahead
and save this. Once you save it, any time there is
a brute force attack happening from that environment, you will get a
notification on it.
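The alert rule configured above (name, severity, time window, threshold greater than zero, recipients, and a webhook that opens a security incident), sketched as an added example that is not part of the original demo and is not OMS code. The record fields, the `AlertRule` class, the incident payload keys and the e-mail addresses are assumptions for illustration, and the sample records are constructed.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
import json

# Constructed sample records. Field names are illustrative, not the OMS schema.
SAMPLE_ALERTS = [
    {"time": "2023-05-01T10:01:00+00:00", "computer": "DC01",
     "alert_type": "Brute force attack", "severity": "Warning"},
    {"time": "2023-05-01T10:03:30+00:00", "computer": "DC01",
     "alert_type": "Brute force attack", "severity": "Warning"},
    {"time": "2023-05-01T10:04:10+00:00", "computer": "FILE02",
     "alert_type": "Double extension file executed", "severity": "Warning"},
    # Older than a five-minute window, so a five-minute rule must ignore it.
    {"time": "2023-05-01T09:40:00+00:00", "computer": "WEB03",
     "alert_type": "Brute force attack", "severity": "Warning"},
]
NOW = datetime(2023, 5, 1, 10, 5, tzinfo=timezone.utc)  # constructed run time


@dataclass
class AlertRule:
    """Hypothetical model of the rule form: name, severity, window, threshold."""
    name: str
    severity: str
    description: str
    match: str               # substring looked for in alert_type
    window_minutes: int      # how far back each scheduled run looks
    threshold: int = 0       # fire when the match count is greater than this
    recipients: list = field(default_factory=list)


def matching_records(rule, records, now):
    """Group records that match the rule and fall inside the time window."""
    start = now - timedelta(minutes=rule.window_minutes)
    by_computer = {}
    for rec in records:
        seen = datetime.fromisoformat(rec["time"])
        in_window = start < seen <= now
        if in_window and rule.match.lower() in rec["alert_type"].lower():
            by_computer.setdefault(rec["computer"], []).append(rec)
    return by_computer


def run_rule(rule, records, now):
    """Return one incident payload per computer whose count exceeds the threshold."""
    incidents = []
    for computer, recs in sorted(matching_records(rule, records, now).items()):
        if len(recs) <= rule.threshold:
            continue  # "greater than zero" means a single event already fires
        incidents.append({
            "work_item": "Security Incident",
            "short_description": f"{rule.name} ({computer})",
            "description": rule.description,
            "computer": computer,
            "event_count": len(recs),
            "first_seen": min(r["time"] for r in recs),
            "last_seen": max(r["time"] for r in recs),
            "severity": rule.severity,
            "contact_type": "Monitoring alert",  # hypothetical value
            "category": "Brute force attack",    # hypothetical value
            "notify": list(rule.recipients),
        })
    return incidents


def webhook_body(incident):
    """Serialize an incident as the JSON body a webhook receiver would get."""
    return json.dumps(incident, sort_keys=True)


RULE = AlertRule(
    name="We have a brute force attack in play",
    severity="Warning",
    description="Brute force attempts seen in security alerts",
    match="brute force",
    window_minutes=5,
    threshold=0,
    recipients=["security-team@example.com", "helpdesk@example.com"],
)

if __name__ == "__main__":
    for incident in run_rule(RULE, SAMPLE_ALERTS, NOW):
        print(webhook_body(incident))
```

Grouping by computer keeps the incident tied to the affected server, so the ticket shows the domain controller rather than a bare alert count.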
Now, the other thing that you also have is the ability to
look at “threat intelligence”. As you are detecting, and as you are going
through your organization, you want to know where malicious traffic events
are. So you are looking at malicious traffic events, and you can see that there
are five botnets that are sitting within your organization, that are coming
from China.
Let’s See How This is Happening
You can see the computer. So, your SharePoint web front end has been
compromised. You can see your local IP, the malicious IP that is controlling
it and then the member of the botnet. You have the ability to set up a rule
on this as well, and then export that to see where things are coming from.
The idea is for you to be able to take different sources of information from
your Security and Audit.
Generally, most environments have separate disparate systems that don’t
have log analytics across the board. This is what gives you that capability
to centralize a lot of those things that you are having multiple people look
at, multiple very smart people look at, from different sources of technology.
It is actually combining that for you so that you have a single common pane
of glass. So that’s the idea.
Azure Security Center
In Azure Security Center, you have the ability to turn on security monitoring
for every single one of your virtual machines, your storage accounts, your
databases, whatever you have. And that will start to tell you, hey, your disk
is not encrypted, so go ahead and take this remediation action. The other
thing that you have in Azure Security Center is you also have the ability to
use third party technologies that are integrated for more protection or for
a remediation of a solution that you have. Those are the things that you
have with Operations Management Suite and Azure Security Center
combined.
www.stonefly.com
2865, 2869 and 2879 Grove Way,
Castro Valley, CA 94546 USA.
+1 (510) 265-1616

08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 

Integrating OMS and Azure Security Center for Enhanced Cloud Security

  • 1. A DEMONSTRATION OF OMS AND AZURE SECURITY CENTER © 2023 StoneFly, Inc. | All rights reserved.
  • 2. Security in the Cloud OMS Demonstration. How many of you have a centralized pane of glass that tells you that you have malicious traffic attacks, that shows your identity and access information, and that shows which computers are missing security updates? Do you have all of this in a centralized pane of glass? Or do you have different tools that you use to find out what’s what? Those are the benefits that you have with Microsoft’s Operations Management Suite (OMS). We are going to jump right into a demo, and we are going to go right into Microsoft’s OMS (Operations Management Suite). Operations Management Suite (OMS): Inside of here you have different assessments and analyses that are running for your organization. Now, because you are using this primarily for cloud services, you can see that you have preventions and things like that, that are here to assess your environment. But you also see that you have had a brute force attack.
  • 3. So, you can see that we have a brute force attack, and we also have double extension files being executed and things like that. So, your organization’s systems are being attacked. Now, if we look at the process of how to diagnose, assess, and things like that, this system, or this platform, is already starting to diagnose intelligently in the background across all these different assessments that you see here. So, you have your malware assessment that is running, you have an update assessment that is running, you have a network security and distinct IP address assessment that is running. You also have a threat intelligence assessment that is running. This is where it is going to start to say, here are the malicious IPs in your organization, here is where they are coming from, here is where you are, and here is where somebody else is actually controlling your server and that is where we see the malicious IP coming from. We will walk through this a little bit more in depth. What To Do Once You Are Breached? Now that you have been breached, you see that there is a brute force attack or you see that there is a double extension on a file. You have to click into the attack link to find out what is going on, which server has been compromised, and where things are happening. So, you can clearly see that you have a domain controller that has been compromised. What happens when a domain controller is compromised, or is starting to have brute force attacks on it? They take control of your entire environment. Right now it is a warning, but before it becomes compromised, let us go ahead and fix this.
  • 4. How Can You Fix It? What you are going to do here is look at your query and your search results, where it tells you the type of alert and the severity. You want to go ahead and set up an alert for your entire security team or for your IT team or for your help desk team. This allows them to know what is happening to your organization so that they can start to remediate it. So, you have to click up at the “Alert” tab and you are going to add a rule.
  • 5. Then you are going to say, “We have a brute force attack in play” in the Name box. Enter the severity of the attack, then the description and the time window (How often do I want this to run?). So, for example, you want this to run every five minutes, or every two minutes, or whatever you want that to be. You want the threshold to be greater than zero. So, even if it happens once where you are being brute-force attacked and it is starting to hit the system significantly, it lets you know. You also want to set up an email notification, and this is where you would put the distribution list of your help desk, of your security team, of your server team, etc. under “Recipients”. Next you would put in a Webhook, and a Webhook can be used for things like Slack or ServiceNow if you have a help desk. The Webhook will translate and open up an incident, or open up a security incident, within your ITSM solution. What that means is any time you have this as a security incident, it is recorded, and if there is a change that is executed against it, that goes through your change management and service request process. So, you actually have something that goes and tracks this as a postmortem closed process as well. Once you have that, then you can also execute a Runbook behind it. Now this Runbook would give you the automation to go ahead and fix the issue. Now you have the ability to execute this in Azure only or to execute this on-premises as well with your hybrid worker. In this demo we are going to execute this across environments with a hybrid worker. Now in your “Service Desk Actions”, what this is going to do is give you a connection to your ServiceNow or your ITSM-based solution that will automatically open up an incident for you.
  • 6. So you choose a “Work Item” and you will choose a security incident. And as you choose a security incident, you will say how you found out about this in the “Contact Type”. You will select the impact, the risk, the severity, the priority and the category. The category is exactly what has happened: was it confidential personal data loss, was it a policy violation, was it a rogue server or service, things like that. That is when you would go ahead and save this. Once you save it, any time that there is a brute force attack happening from that environment, you will get a notification on it. Now, the other thing that you also have is the ability to go ahead and look at “threat intelligence”. So as you are detecting, and as you are going through your organization, you want to know where malicious traffic events are. So you are looking at malicious traffic events, and you can see that there are five botnets that are sitting within your organization, that are coming from China. Let’s See How This Is Happening: You can see the computer. So, your SharePoint web front end has been compromised. You can see your local IP, the malicious IP that is controlling it and then the member of the botnet. You have the ability to set up a rule on this as well, and then export that to see where things are coming from. The idea is for you to be able to take different sources of information from your Security and Audit.
  • 9. Generally, most environments have separate, disparate systems that don’t have log analytics across the board. This is what gives you the capability to centralize a lot of those things that you are having multiple people look at, multiple very smart people look at, from different sources of technology. It is actually combining that for you so that you have a single common pane of glass. So that’s the idea. Azure Security Center: In Azure Security Center, you have the ability to turn on security monitoring for every single one of your virtual machines, your storage accounts, your databases, whatever you have. And that will start to tell you, hey, your disk is not encrypted, so go ahead and take this remediation action. The other thing that you have in Azure Security Center is the ability to use third-party technologies that are integrated for more protection or for remediation of a solution that you have. Those are the things that you have with Operations Management Suite and Azure Security Center combined.
  • 10. www.stonefly.com 2865, 2869 and 2879 Grove Way, Castro Valley, CA 94546 USA. +1 (510) 265-1616
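
The alert rule configured in slides 4 to 6 (a name, a severity, a time window, a threshold greater than zero, recipients and a security-incident work item) can be modelled in a few lines. This is an added example, not code from the presentation or from OMS; the record fields, host names, addresses and payload keys are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed sample detection records (not real OMS output).
RECORDS = [
    {"time": "2024-01-10T09:58:30", "computer": "DC01", "alert_type": "Brute force attack"},
    {"time": "2024-01-10T10:01:10", "computer": "DC01", "alert_type": "Brute force attack"},
    {"time": "2024-01-10T10:02:45", "computer": "WEB01", "alert_type": "Double extension file executed"},
    {"time": "2024-01-10T10:03:20", "computer": "DC01", "alert_type": "Brute force attack"},
]

@dataclass
class AlertRule:
    name: str
    alert_type: str        # what the saved search matches on
    severity: str
    window_minutes: int    # how far back each run of the search looks
    threshold: int = 0     # fire when the result count is greater than this
    recipients: tuple = () # e-mail distribution lists

def evaluate(rule, records, now):
    """Return a notification payload if the rule fires at `now`, else None."""
    start = now - timedelta(minutes=rule.window_minutes)
    hits = [r for r in records
            if r["alert_type"] == rule.alert_type
            and start < datetime.fromisoformat(r["time"]) <= now]
    if len(hits) <= rule.threshold:
        return None  # nothing in this window: no e-mail, no incident
    # Hypothetical payload a webhook could hand to an ITSM tool.
    return {
        "rule": rule.name,
        "severity": rule.severity,
        "result_count": len(hits),
        "computers": sorted({r["computer"] for r in hits}),
        "work_item": "Security Incident",
        "notify": list(rule.recipients),
    }

RULE = AlertRule(
    name="We have a brute force attack in play",
    alert_type="Brute force attack",
    severity="Warning",
    window_minutes=5,
    recipients=("helpdesk@example.com", "secops@example.com"),
)

if __name__ == "__main__":
    print(evaluate(RULE, RECORDS, datetime(2024, 1, 10, 10, 5)))
```

With a threshold of zero a single matching record opens an incident, which is why the 09:58:30 record matters only if the window is widened beyond five minutes.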