Microsoft Officially Launches Azure Security Center

Microsoft is strengthening its grip on the cloud with two major new announcements this week. The first is that the Azure Security Center is now generally available; and the second is that Azure Active Directory Identity Protection and Azure Active Directory Privileged Identity Management options will both be available within the next few months.

The Security Center was launched in preview in December 2015 and has been used since then by companies such as Chronodrive, Jet.com and Metro Bank. Its overarching purpose is to provide the visibility and control that users need and sometimes lose when they move to the cloud.

“Azure Security Center provided customers more than 500,000 recommendations to improve the security health of their resources,” announced Sarah Fender, Azure Cybersecurity’s principal program manager, in a blog post Thursday. “It used advanced analytics, including machine learning, and Microsoft’s vast global threat intelligence, to detect more than 140,000 threats per month – providing actionable alerts and dramatically reducing detection and response times.”

New features in Security Center include a connector to help customers export log data into SIEMs such as ArcSight, QRadar and Splunk; emailed security alerts; the ability to detect lateral movements and malicious scripts; the use of analytics to provide a single view on an attack campaign; REST API documentation to help the integration of users’ own security systems; and (shortly) vulnerability assessments from partners such as Qualys.

These new capabilities allow Microsoft to boast, “when your organization leverages the Microsoft Cloud, it can improve your security posture, versus what you are doing to protect your on-premises IT environment alone.” It claims that Azure is a holistic platform that can combine the customer’s own controls with both Microsoft’s own and those of its partners. And it adds, “Microsoft’s unique insights into the threat landscape, informed by trillions of signals from billions of sources, create an intelligent security graph that we use to inform how we protect all endpoints, better detect attacks and accelerate our response.”

This huge resource of threat information will be used in the upcoming release of Azure Active Directory (AD) Identity Protection. The system will detect suspicious activities like brute force attacks, leaked credentials and logins from unfamiliar locations and infected devices, and will aid the creation of risk-based policies to help protect identities from future threats.

A second new development, due to be available next month, will be the Azure Active Directory Privileged Identity Management option. Privileged accounts are a major weakness: they are literally the keys to the kingdom. If an attacker gets hold of an administrator’s account, there is little that he cannot do.

“More and more organizations are realizing that they have to strictly manage privileged accounts and monitor their activities because of the risk associated with their misuse. With Azure AD Privileged Identity Management you can manage, control, and monitor access to resources in Azure AD as well as other Microsoft online services like Office 365 or Microsoft Intune,” says Microsoft.

Both AD Identity Protection and AD PIM will be made available through their inclusion in the new Microsoft Enterprise Mobility + Security (EMS) E5 suite. Security Center is available now.

Related Reading: Enterprises Failing to Protect Privileged Credentials

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.
