Microsoft launches Azure Security Center

Laurent Giret

Microsoft’s Azure Security Team announced today that the Azure Security Center is now generally available to Azure customers. Azure Security Center gives Azure customers a central view of the security state of all of their Azure resources. The dashboard was introduced in preview last December, and Principal Program Manager for Azure Cybersecurity Sarah Fender highlighted today how Azure Customers leveraged it to manage their Azure resources:

During its preview period, Azure Security Center helped customers such as Chronodrive, Jet.com and Metro Bank gain visibility into the security state of their Azure resources, let them take control of cloud security policies, and monitored security configurations while helping them detect and respond to active attacks.

Azure Security Center provided customers more than 500,000 recommendations to improve the security health of their resources. It used advanced analytics, including machine learning, and Microsoft’s vast global threat intelligence, to detect more than 140,000 threats per month – providing actionable alerts and dramatically reducing detection and response times.

Now that Azure Security Center is out of preview, Microsoft is also adding the following new features :

  • Log integration. A new connector for Azure streamlines the process of getting security data, including Azure Security Center alerts, into security information and event management solutions, such as HP ArcSight, IBM Qradar, Splunk, and others.
  • Support for more Azure resource types. Security Center can now more extensively monitor the security of RedHat and many more Linux distros, including system update status, OS configurations, and disk encryption. It can also monitor security health for Cloud Services (Web and Worker Roles) and recommend outdated OS instances be updated.
  • Email notifications. Respond to threats more quickly with email notification when a new high severity security alert is detected.
  • New detections. Security Center now has improved ability to detect lateral movement, outgoing attacks, and malicious scripts, and researchers are constantly adding new capabilities.
  • Security incidents. By using analytics to connect the dots between distinct security alerts, Security Center can now provide a single view of an attack campaign and all of the related alerts so you can quickly understand what actions the attacker took and what resources were impacted.
  • REST APIs. For customers who want to integrate with their existing change management or security operations systems, we published REST API documentation.
  • Integrated vulnerability assessment. In the coming weeks, customers will be able to deploy vulnerability assessment solutions from partners like Qualys in just a few clicks.

To get started with Azure Security Center, we invite you to go on the dedicated website to learn how the tool can help you to understand your cloud security state. The service is offered in two tiers, Free and Standard, with a 90 day trial for the Standard tier. If you already tested the service during the preview period, let us know in the comments what do you think of the new features introduced today.