Cloud Security

Microsoft Azure provides integrated security management and a high-level threat prevention function for the hybrid cloud workload through the Azure Security Center. The Azure Security Center is an integrated infrastructure security management system that provides an intelligent threat prevention function for all the hybrid workload of the cloud as well as the on-premise environment. It reinforces the network, maintains service security and provides the tool necessary for controlling security.

Reinforcing security

The Security Center makes it possible to evaluate the environment and check the resource state, that is, whether the resource is safe.

Threat protection

The Security Center makes it possible to evaluate the environment and check the resource state, that is, whether the resource is safe.

Quicker security settings

All jobs are performed at the speed of the cloud in the Security Center. As native integration is provided, it is possible to easily distribute the Security Center and use the auto provisioning and protection functions through the Azure service.

Azure Security Center support technology

1. Infrastructure as a service (IaaS)

It is possible to use the Microsoft Monitoring Agent to manage not only Windows OS, but also Linux OS, and integrate Windows Defender Advanced Threat Protection with the Azure Security Center.

2. It is possible to use the Azure Security Center to apply it to Azure resource types, such as Azure SQL, networking, data and applications (App Service), and reinforce security.
3. It is possible to respond to compliance, as it is easy to establish security policies. (Azure CIS, PCI DSS 3.2, ISO 27001, SOC TSP, etc.)
4. It is possible to use the integrated security solution at the Azure Security Center to integrate and manage 3rd-party products and security.
● Web application firewall (Barracuda, F5, Imperva, Fortinet and Azure Application Gateway)
● Next-generation firewall (Check Point, Barracuda, Fortinet, Cisco and Palo Alto Networks)
● Vulnerability evaluation (Qualys and Rapid7)
5. Providing the SIEM Export function that can send the Azure Security Center warning to widely used SIEM solutions like Splunk and IBM QRadar.
6. The Azure Security Center displays a warning based on the User and Entity Behavior Analytics (UEBA) when it is used with Microsoft Cloud App Security.

As this warning is based on searching user behavior for problems, UEBA and machine learning (ML), it is possible to immediately start intelligent threat detection in all subscription activities. As the warning is set to be used automatically, new problem search immediately searches for many behavior problems in all users and resources related to subscription and provides instant results. Also, this warning uses the additional data that is already in the Microsoft Cloud App Security search engine to help accelerate the investigation process and include threats that are found continuously.