Azure Security Center
When you start developing an Azure-based solution and want to examine its security, one of the places to start is the Azure Security Center. As an administrator, you should know that the Security Center is a monitoring service that provides threat protection for your services, both in Azure and on-premises.
Azure Security Center –
• Provides security recommendations based on how you have configured your resources and networks.
• Monitors security settings across on-premises and cloud workloads, and automatically applies the required security to new services as they come online.
• Continuously monitors all your services and performs automatic security assessments to identify potential security vulnerabilities.
• Uses machine learning to detect and block malware from being installed on your virtual machines and services. You can also define a list of allowed applications to ensure that only the apps you have validated are allowed to execute.
• Analyzes and identifies potential inbound attacks, and helps investigate threats and any post-breach activity that might have occurred.
• Provides just-in-time access control for ports, reducing the attack surface by ensuring the network only allows the traffic that you need.
The Azure Security Center is available in two tiers –
1. Free Tier – This is available by default with your subscription. Of course, anything given away free will not have all the goodies packed in, and that is true of the free tier as well. It is limited to assessing and providing recommendations for Azure resources only.
2. Standard Tier – This provides the complete functionality and security-related services that we have just discussed.
Azure Security Center Usage
1. There are different stages at which the Azure Security Center can be used to act and respond. These stages are detect, assess, and diagnose, and then stabilize and close.
2. Enhance security: for this we need to define policies, and based on the configurations and policies, security-related events can be significantly reduced. The Security Center analyzes the security state of your resources.
When it detects a vulnerability, it creates recommendations that give guidance on how to proceed. There are certain caveats, though, so I recommend going to the Microsoft docs to learn the best practices for Security Center usage.