Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Microsoft Officially Launches Azure Security Center

Microsoft is strengthening its grip on the cloud with two major new announcements this week. The first is that the Azure Security Center is now generally available; and the second is that Azure Active Directory Identity Protection and Azure Active Directory Privileged Identity Management options will both be available within the next few months.

Microsoft is strengthening its grip on the cloud with two major new announcements this week. The first is that the Azure Security Center is now generally available; and the second is that Azure Active Directory Identity Protection and Azure Active Directory Privileged Identity Management options will both be available within the next few months.

The Security Center was preview launched in December 2015 and has been used since then by companies such as Chronodrive, Jet.com and Metro Bank. Its overarching purpose is to provide the visibility and control that users need and sometimes lose when they move to the cloud.

Microsoft Logo

“Azure Security Center provided customers more than 500,000 recommendations to improve the security health of their resources,” announced Sarah Fender, Azure Cybersecurity’s principal program manager in a blog post Thursday. “It used advanced analytics, including machine learning, and Microsoft’s vast global threat intelligence, to detect more than 140,000 threats per month – providing actionable alerts and dramatically reducing detection and response times.”

New features in Security Center include a connector to help customers export log data into SIEMs such as ArcSight, Qradar and Splunk; emailed security alerts; the ability to detect lateral movements and malicious scripts; the use of analytics to provide a single view on an attack campaign; REST API documentation to help the integration of users’ own security systems; and (shortly) vulnerability assessments from partners such as Qualys.

These new capabilities allow Microsoft to boast, “when your organization leverages the Microsoft Cloud, it can improve your security posture, versus what you are doing to protect your on-premises IT environment alone.” It claims that Azure is an holistic platform that can combine the customer’s own controls with both Microsoft’s own and those of its partners. And it adds, “Microsoft’s unique insights into the threat landscape, informed by trillions of signals from billions of sources, create an intelligent security graph that we use to inform how we protect all endpoints, better detect attacks and accelerate our response.”

This huge resource of threat information will be used in the upcoming release of Azure Active Directory (AD) Identity Protection. The system will detect suspicious activities like brute force attacks, leaked credentials and logins from unfamiliar locations and infected devices, and will aid the creation of risk-based policies to help protect identities from future threats.

A second new development, due to be available next month, will be the Azure Active Directory Privileged Identity Management option. Privileged accounts are a major weakness: they are literally the keys to the kingdom. If an attacker gets hold of an administrator’s account, there is little that he cannot do.

“More and more organizations are realizing that they have to strictly manage privileged accounts and monitor their activities because of the risk associated with their misuse. With Azure AD Privileged Identity Management you can manage, control, and monitor access to resources in Azure AD as well as other Microsoft online services like Office 365 or Microsoft Intune,” says Microsoft.

Advertisement. Scroll to continue reading.

Both the AD Identity Protection and the AD PIM will be available by including them in the new Microsoft Enterprise Mobility + Security (EMS) E5 suite. Security Center is available now.

Related Reading: Enterprises Failing to Protect Privileged Credentials

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Compliance

Government agencies in the United States have made progress in the implementation of the DMARC standard in response to a Department of Homeland Security...

Email Security

Many Fortune 500, FTSE 100 and ASX 100 companies have failed to properly implement the DMARC standard, exposing their customers and partners to phishing...

Funding/M&A

The private equity firm merges the newly acquired ForgeRock with Ping Identity, combining two of the biggest names in enterprise IAM market.