Microsoft’s Azure Security Center, a new, built-in security monitoring service for Microsoft’s Azure cloud platform, has exited preview and is now released for general availability.
Azure Security Center was first released for preview back in December, and since then it has provided preview customers such as Chronodrive, Jet.com and Metro Bank with over 500,000 recommendations to “improve the security health of their resources,” according to a release. Microsoft also claims that Azure Security Center detected more than 140,000 threats per month using advanced analytics, including machine learning, and Microsoft’s vast global threat intelligence.”
“Maintaining visibility and control of cybersecurity is a constant challenge. And as attackers innovate, keeping up with them can be an overwhelming task,” says Sarah Fender Principal Program Manager, Azure Cybersecurity. “On average, it takes more than 200 days for an organization to detect a breach.”
“At Microsoft, we believe a new approach is required—one that leverages Microsoft’s unique perspective on threat intelligence, which we have gained by operating cloud services at massive scale.”
Log integration. A new connector for Azure streamlines the process of getting security data, including Azure Security Center alerts, into security information and event management solutions, such as HP ArcSight, IBM Qradar, Splunk, and others.Azure Security Service features include:
- Support for more Azure resource types. Security Center can now more extensively monitor the security of RedHat and many more Linux distros, including system update status, OS configurations, and disk encryption. It can also monitor security health for Cloud Services (Web and Worker Roles) and recommend outdated OS instances be updated.
- Email notifications. Respond to threats more quickly with email notification when a new high severity security alert is detected.
- New detections. Security Center now has improved ability to detect lateral movement, outgoing attacks, and malicious scripts, and researchers are constantly adding new capabilities.
- Security incidents. By using analytics to connect the dots between distinct security alerts, Security Center can now provide a single view of an attack campaign and all of the related alerts so you can quickly understand what actions the attacker took and what resources were impacted.
- REST APIs. For customers who want to integrate with their existing change management or security operations systems, we published REST API documentation.
- Integrated vulnerability assessment. In the coming weeks, customers will be able to deploy vulnerability assessment solutions from partners like Qualys in just a few clicks.
Widget not in any sidebars
- Five Questions You Need To Ask Yourself When Evaluating SIEM Solutions - November 8, 2017
- Winning the Data Breach War with User and Entity Behavioral Analytics - November 3, 2017
- 5 Alternatives to The Gartner Magic Quadrant for SIEM - October 31, 2017