Azure Sentinel News

Microsoft announces a slew of security enhancements for Azure

by Azure Sentinel News Editor
December 4, 2020
in SIEM

To further protect its Azure customers, Microsoft has announced a variety of security-related enhancements for the platform – and Security Center in particular – at Ignite 2019.

Azure Sentinel

First up is better threat protection for cloud resources by way of Azure Sentinel, the security information and event management (SIEM) offering from Microsoft’s cloud. This means that any threat can be investigated, hunted and correlated with other signals more quickly.

Sentinel also now has built-in hunting queries for Linux and network events, the ability to launch Azure Notebooks straight from the SIEM solution, and new analytics and investigation tools to offer better insights on suspicious URLs. Between new connectors from security partners, and new Graph Security API integrations, Sentinel can now use endpoint, network, and identity data from third-party security vendors, as well as allow business customers to sync alerts from it, other Microsoft solutions, and even third-party ticketing and security management offerings. All of these enhancements are now available in preview.

Azure Security Center

At the conference, the Redmond giant also announced that Security Center is getting a number of enhancements, including workflow automation using Azure Logic Apps, better integrations with continuous export, better alerts and recommendations, onboarding of on-premises services to Security Center via Admin Center, and Azure Security Center Community. The last one is a centralized GitHub that’s open to contributors.

First up is workflow automation via the use of playbooks that leverage Azure Logic Apps. These can then be used to create policies that automatically trigger said playbooks depending on specific Security Center findings – like alerts or recommendations. This capability is now generally available.

In terms of continuous export, enterprise customers can now consume Security Center alerts and recommendations outside of the Azure Portal or API. These recommendations and alerts can be exported to Event Hub, a Log Analytics workspace (which allows folks to create custom dashboards with Power BI), and more. This continuous export capability is now in public preview.

A preview of better reporting for Security Center alerts and recommendations is now available too, allowing customers to download an Excel/CSV report that shows detailed data about alerts and includes direct links to view an alert or recommendation in the Azure Portal.

Also announced in preview is a set of extensive data security features for SQL Server databases running on Azure VMs. Azure Security Center now has support for vulnerability assessment and threat protection of these databases, allowing for continuous monitoring of suspicious activity and recommendation of any actions meant to mitigate or investigate the detected threat.

The aforementioned vulnerability assessment features are powered by Qualys, and they are also coming (for now in public preview) to the Security Center Standard tier at no additional charge. These features will continuously scan installed applications in virtual machines in order to detect vulnerabilities and present them via the Security Center portal.

Vulnerability assessment in Security Center is now supported for Azure Container Registry as well, which means business customers will now be provided with recommendations to address specific vulnerabilities based on the scan of container registries within the active subscription.

Threat protection for Azure Kubernetes Service (AKS) is also available – in public preview – including continuous discovery of managed AKS instances within Security Center registered subscriptions, actionable items for better security best practices compliance, as well as host and cluster-based analytics.

If you’re running an on-premises Windows Server, and thus managing it via Admin Center, you are now able to onboard it and view security alerts and recommendations, courtesy of Security Center, directly from the Admin Center experience.

Reference: https://www.neowin.net/news/microsoft-announces-a-slew-of-security-enhancements-for-azure/
