Defense Against Dark Arts — Azure Security Center

Kasun Rajapakse
Ascentic Technology
4 min read · May 13, 2021

Secure Cloud Resources with Azure Security Center


With the inception of cloud computing, organizations and individuals have been moving their business applications from traditional on-premises data centers to cloud providers. This allows organizations and businesses to rapidly introduce new features in their applications with less time and effort.

Such flexibility comes with a few trade-offs. When organizations move applications and databases to cloud providers, they do not have full visibility into how their data is stored by those providers.

With cloud computing, an organization's security engineers have to take extra steps and measures to protect the customer data stored in their applications. Different cloud providers have their own ways of implementing security in the cloud, but the concept of cloud security is common to any cloud provider.

Since I have been working with Microsoft Azure for a long time, I decided to share a few features available in Azure Security Center (ASC) to secure our cloud assets and applications.

1. Security Recommendations and Alerts ❗️

Azure Security Center is a tool for protecting applications and cloud assets from malicious activities.

ASC can protect non-Azure Windows and Linux servers that run services in the cloud and on-premises. Azure Security Center uses the Log Analytics agent on all virtual and physical machines. The agent collects metrics and events, which are then processed by Azure Security Center. Based on the collected data and events, ASC generates security alerts that the IT security team can assess to ensure the security of the workloads.

Figure 1 — Security Alerts
Figure 2 - ASC Recommendations

2. Resource Discovery 📊

Azure Security Center can identify new resources deployed to the subscription. This matters because an organization's application may provision resources dynamically based on its needs, and those resources should also be secured by ASC. We can enable auto-provisioning of the Log Analytics agent for any virtual machines that are provisioned.

Figure 3 — Auto provision

3. Secure Score 🪧

Azure Security Center's secure score summarizes the overall security hygiene of the cloud resources. This gives security engineers an overview of which areas need to be improved. The secure score suggests the recommendations to act on to increase the score, and each recommendation has a specific based on the severity.

Figure 4 — ASC Secure Score

4. Regulatory Compliance 🔐

Some organizations have to comply with regulations when they handle customer data. These regulations are used to secure sensitive data such as personal information, passwords, health records, etc. With the Regulatory compliance feature in Azure Security Center, we can apply different regulatory standards such as ISO 27001, PCI DSS, etc.

Azure Security Center comes with the most common regulations, and we can use them as a benchmark to validate that our applications and cloud resources meet the required regulatory requirements.

Figure 5 — Regulatory Compliance
Figure 6 — Compliance State for PCI DSS

5. Azure Defender ❌

Azure Defender provides security alerts and advanced protection from threats for virtual machines, containers, networks, web applications, key vaults, etc.

Azure Security Center has pre-defined benchmark rules to analyze the settings and provide recommendations. It also enables features such as Just-In-Time access to virtual machines, enhanced network maps, container registry image scanning, etc.

Figure 7 — Azure Defender

The following tutorial will guide you through the features explained above.

Summary

The following are the core features Azure Security Center offers.

  • Unified security management across on-premises, Azure, and non-Azure clouds
  • Threat detection for Azure services
  • Adaptive application control and automation
  • Central location for managing security policy, internal security compliance, and regulatory requirements
  • Security recommendations and alerts, prioritized based on severity
  • Continuous security assessment for virtual machines, networks, databases, and storage
