Secure your IT resources with
Azure Security Center
Nicholas DiCola
Principal Program Manager
http://aka.ms/MSFTSecDay2017
WS2.3
Storage, Compute, Identity, Networking (cloud)
90% of Fortune 500 use Microsoft Cloud
Storage, Compute, Identity, Networking (on-premises and cloud)
Enterprises adopting hybrid cloud in 2017¹: >67%
1: Rightscale: 2017 State of Cloud Survey http://www.rightscale.com/blog/cloud-industry-insights/cloud-computing-trends-2017-state-cloud-survey#hybrid-cloud
Hybrid cloud
requires a new
approach for
security
Distributed
infrastructure
Need better visibility and control
Rapidly changing
cloud resources
Require solutions that keep pace
with speed and agility of cloud
Increasingly
sophisticated threats
Leverage analytics and threat
intelligence to detect threats quickly
Dynamically discover and manage the
security of your hybrid cloud workloads in
a single cloud-based console
Built-in Azure, no setup required
Automatically discover
and monitor security of
Azure resources
Gain insights for hybrid resources
Easily onboard resources running
in other clouds
and on-premises
Central policy management
Define a security policy for each
subscription in Security Center
Apply across multiple subscriptions
using Azure Management Groups
Quickly identify list of notable
events that require your attention
Out of the box notable events in
dashboard or create custom queries
Search and analyze security data
using a flexible query language
Use built-in or custom queries with
Log Analytics search
Integrated partners
Connected security solutions
running in Azure, e.g. firewalls
and antimalware solutions
Microsoft security
Azure Active Directory
Information Protection
Advanced Threat Analytics
Many others
Any security solution that supports
Common Event Format (CEF)
Enable actionable, adaptive protections
that identify and mitigate risk to reduce
exposure to attacks
Continuous assessment of
machines, networks, and
Azure services
Hundreds of built-in security
assessments, or create your own
Fix vulnerabilities quickly
Prioritized, actionable security
recommendations
Lock down ports on virtual machines
Enable just-in-time access
to virtual machines
Access automatically granted
for limited time
Allow safe applications only
Adaptive whitelisting learns
application patterns
Simplified management with
recommended whitelists
Use advanced analytics and Microsoft Intelligent
Security Graph to rapidly detect and respond to
evolving cyber threats
Built-in intelligence and
advanced analytics
Powered by Microsoft
Intelligent Security Graph
Detect threats across the kill chain
Get prioritized security alerts
Details about detected threats
and recommendations
Detect threats across the kill chain
Alerts that conform to kill
chain patterns are fused into
a single incident
Visualize source of attacks with
interactive map
Analyzes data from your
computer and firewall logs
Gain insights through threat
reports
Attacker’s known objectives,
tactics, and techniques
Quickly assess the scope and
impact of an attack
Interactive experience to
explore links across alerts,
computers and users
Use predefined or ad hoc
queries for deeper
examination
Automate and orchestrate
common security workflows
Create playbooks with integration
of Azure Logic Apps
Trigger workflows from any alert
to enable conditional actions
MONISH DARDA
Co-founder and Chief Technology Officer
ICERTIS
“The prospect of having a single
dashboard where we can prevent,
detect, and respond to threats with
increased visibility and control
over our resources was very exciting…
Today, our operations team saves at
least 30 percent of its time by using
Azure Security Center.”
“We get consistent levels of infrastructure
security with Azure because we can
leverage a wealth of security technologies
that Microsoft is constantly improving.
We also have fewer endpoints to
manage. We use Azure Security Center to
monitor our environment, and with it we
can be much more responsive when
threats are identified.”
HAROLD GROOTHEDDE
Technology Solutions Director
COATS
To learn more, visit
azure.microsoft.com/en-us/services/security-center/
Use Security Center to
manage security for
Azure resources
Get advanced threat
protection with Security
Center standard
Onboard on-premises
and other cloud
workloads
Azure Security
Center
Dynamically discover and manage the
security of your hybrid cloud workloads in
a single cloud-based console
Unified visibility
and control
Enable actionable, adaptive protections
that identify and mitigate risk to reduce
exposure to attacks
Adaptive threat
prevention
Use advanced analytics and Microsoft
Intelligent Security Graph to rapidly detect
and respond to evolving cyber threats
Intelligent detection
and response
Thank you
FEATURES | FREE (AZURE RESOURCES ONLY) | STANDARD (HYBRID INCL. AZURE)
Security policy, assessment, and recommendations | Yes | Yes
Connected partner solutions | Yes | Yes
Security event collection and search | -- | Yes
Just-in-time VM Access | -- | Yes
Adaptive application controls | -- | Yes
Advanced threat detection for networks, VMs/servers, and Azure services | -- | Yes
Built-in and custom alerts | -- | Yes
Threat intelligence | -- | Yes
Included data | Not applicable | 500 MB per day¹
Price | Free | $15 / node / month
1: The daily included data allocation is pooled across nodes. For example, if there are 10 nodes connected to the service, then the total ‘included data’ allocation is 5,000 MB per day.
Security Dashboards
Deliver Rapid Insights into
Security State Across All
Workloads
API
