SecASC - M01 - Azure Security Center Overview
Microsoft Confidential
Expanding digital estate
Security Operations Team
IT deployment & maintenance
Regulatory compliance requirements
Sophistication of threats
Rising infrastructure costs and upfront investment
Security skills in short supply
Lack of automation
Visibility into security and compliance
Without security controls in place, 68% of breaches take months or longer to discover.
Cloud security
challenges
Increase in number and
sophistication of attacks
Time to respond
1 Source: Ponemon Institute, Cost of a Breach Report
2 Source: Microsoft
Identity & access Network Data Security Threat protection Intelligent Security
management Edge management
Azure Security Center
Secure Score
Policies and compliance
Improved automation
For servers
For cloud native workloads
For databases and storage
Leveraging
Azure Arc
Azure Arc for servers
Organize and govern servers across environments
Azure Arc extends Azure's management to physical and virtual servers anywhere. Govern and manage servers from a single, scalable management pane.
Azure Arc for Kubernetes
Manage Kubernetes applications at-scale
Deploy and configure Kubernetes applications consistently across all your environments with modern DevOps techniques.
Azure data services on Azure Arc
Run data services anywhere
Deploy Azure data services in moments anywhere you need them. Get simpler compliance, faster response times, and better security for your data.
Deploy Azure Defender anywhere with Azure Arc
Multi-cloud
On-prem
Azure Arc
Security posture & compliance: Secure score, Asset management, Policy
Server protection (Azure Defender for VMs): Threat detection, VA (powered by Qualys), Application control
Automation & management at scale: Automation, SIEM integration, Export
Cloud security management at scale
The ASC CSPM platform is extensible with standard operational tools and interfaces.
Build reports for tracking over time using API samples and out-of-the-box (OOTB) logic apps.
With prioritized alerts, focus on what matters the most
Network traffic, IoT, Apps
Comprehensive threat protection
Threat protection for Azure and hybrid workloads
General availability
Any Server, Azure VMSS, Azure K8s, Azure App Services, Azure SQL, Azure Storage, Azure files, Azure Synapse, Managed Instance, Azure Network Layer V1, Key Vault, SQL Server
Public preview
Lateral
Movement
Protection Detection
On-prem
Detection & response: Threat detection (powered by MDATP), SIEM integration, Export & Automation
Multi Cloud Visibility
Threat detection: detect unusual and harmful attempts to breach SQL servers in Azure, on-premises and other clouds
Protect SQL servers anywhere: Support for Azure Arc enabled SQL servers
Azure Defender for the Azure Service Layer
Identities, Apps, Network traffic, IoT, Apps
XDR
Microsoft Defender
Threat protection for cloud at scale
Microsoft 365
App
Network
IoT
Partner solutions