The threat landscape shifts rapidly under normal conditions. Cloud services, DevOps, and microservices just amplify potential threats–creating an environment that is very volatile and scales dramatically in the blink of an eye. Businesses need automated security solutions that are designed for the cloud–and Microsoft has delivered that with Azure Security Center.
In December of 2015 Microsoft released a preview of Azure Security Center—a platform designed to merge Microsoft security research with insights into global threats to give customers the tools to defend against emerging threats. Today, Microsoft announced the general availability of Azure Security Center for enterprise customers.
Azure Security Center (ASC) itself may be a relatively new venture from Microsoft, but it is built on a decade of security concepts and real-world experience. Microsoft has always been a primary target of hackers and malware exploits, so Microsoft has been forced to adapt to a shifting threat landscape faster and better than most.
Overview of Azure Security Center
A blog post from Microsoft describes the success of the ASC preview: “Azure Security Center provided customers more than 500,000 recommendations to improve the security health of their resources. It used advanced analytics, including machine learning, and Microsoft’s vast global threat intelligence, to detect more than 140,000 threats per month – providing actionable alerts and dramatically reducing detection and response times.”
Microsoft has a number of partners for Azure Security Center like Barracuda, Fortinet, Trend Micro, Imperva and others—with more vendors coming soon.
The Microsoft post outlines a number of new features added to Azure Security Center for the official launch:
- Log integration. A new connector for Azure streamlines the process of getting security data, including Azure Security Center alerts, into security information and event management solutions, such as HP ArcSight, IBM Qradar, Splunk, and others.
- Support for more Azure resource types. Security Center can now more extensively monitor the security of RedHat and many more Linux distros, including system update status, OS configurations, and disk encryption. It can also monitor security health for Cloud Services (Web and Worker Roles) and recommend outdated OS instances be updated.
- Email notifications. Respond to threats more quickly with email notification when a new high severity security alert is detected.
- New detections. Security Center now has improved ability to detect lateral movement, outgoing attacks, and malicious scripts, and researchers are constantly adding new capabilities.
- Security incidents. By using analytics to connect the dots between distinct security alerts, Security Center can now provide a single view of an attack campaign and all of the related alerts so you can quickly understand what actions the attacker took and what resources were impacted.
- REST APIs. For customers who want to integrate with their existing change management or security operations systems, we published REST API documentation.
- Integrated vulnerability assessment. In the coming weeks, customers will be able to deploy vulnerability assessment solutions from partners like Qualys in just a few clicks.
Origin of Azure Security Center
On January 15, 2002, Bill Gates issued the now-famous memo that launched Trustworthy Computing. That memo was the result of a new generation of threats, Code Red and Nimda, that fundamentally changed the malware game.
See the full story on Forbes: Azure Security Center Raises The Bar For Security.