Maintaining visibility and control of cybersecurity is a constant challenge. And as attackers innovate, keeping up with them can be an overwhelming task. On average, it takes more than 200 days for an organisation to detect a breach. With the average cost of a breach reaching into the millions of dollars, the stakes have never been higher.
Microsoft’s new approach integrates security into the platform, and incorporates solutions from other security partners. Microsoft invest more than $1 billion in research and development each year to advance capabilities in all of those areas.
In Azure, that investment helps Microsoft build a solid foundation of physical, network, and operational security.
Microsoft also invests in tools that help us achieve our security objectives for the resources we deploy in Azure. Few days ago, Microsoft announced that the latest of those tools, Azure Security Center, is generally available.
During its preview period, Azure Security Center helped customers such as Chronodrive, Jet.com and Metro Bank gain visibility into the security state of their Azure resources, let them take control of cloud security policies, and monitored security configurations while helping them detect and respond to active attacks.
Azure Security Center provided customers more than 500,000 recommendations to improve the security health of their resources. It used advanced analytics, including machine learning, and Microsoft’s vast global threat intelligence, to detect more than 140,000 threats per month – providing actionable alerts and dramatically reducing detection and response times.
In scenarios where additional security controls are recommended, Azure Security Center makes it simple to find, deploy, and configure controls that are built into Azure as well as solutions from partners. Solutions from Barracuda, Check Point, F5, Fortinet, Imperva, and Trend Micro are already available. Solutions from Cisco and Qualys will be available in the coming weeks. And the ecosystem will continue to grow, because we know our customers employ a wide variety of security tools to protect their infrastructure.
Microsoft also added a number of new features:
- Log integration. A new connector for Azure streamlines the process of getting security data, including Azure Security Center alerts, into security information and event management solutions, such as HP ArcSight, IBM Qradar, Splunk, and others.
- Support for more Azure resource types. Security Center can now more extensively monitor the security of RedHat and many more Linux distros, including system update status, OS configurations, and disk encryption. It can also monitor security health for Cloud Services (Web and Worker Roles) and recommend outdated OS instances be updated.
- Email notifications. Respond to threats more quickly with email notification when a new high severity security alert is detected.
- New detections. Security Center now has improved ability to detect lateral movement, outgoing attacks, and malicious scripts, and researchers are constantly adding new capabilities.
- Security incidents. By using analytics to connect the dots between distinct security alerts, Security Center can now provide a single view of an attack campaign and all of the related alerts so you can quickly understand what actions the attacker took and what resources were impacted.
- REST APIs. For customers who want to integrate with their existing change management or security operations systems, we published REST API documentation.
- Integrated vulnerability assessment. In the coming weeks, customers will be able to deploy vulnerability assessment solutions from partners like Qualys in just a few clicks.
No other public cloud offers the continuous monitoring provided by Azure Security Center. And no other vendor can match the breadth and diversity of threat intelligence that Microsoft can gather from its wide range of enterprise and consumer products and services. If you want to put that intelligence to work for you, get started today with Azure Security Center.