At the recent Ignite conference, Microsoft announced several updates to their Azure Security Center offerings. These updates include enhanced cloud resource threat protection, Customer Lockbox extensions, the release of a Secure Code Analysis toolkit, additional support for Azure Disk Encryption, certificate management extensions, API automation and partner integrations.
Microsoft continues to invest in Azure Security Center, regardless of the workload that customers are running. These workloads may include Infrastructure as a Service (IaaS), Platform as a Service (PaaS), containers or partner solutions. Gilad Elyashar, a principal group PM manager at Microsoft, explains why this is important:
“With Azure Security Center our goal is to protect every cloud workload and we have made progress to that goal with new support for containers, and SQL in virtual machines. We continue to focus on making sure you can maximize your valuable time addressing important security issues with new quick fix capabilities so that you can secure multiple items at once, far faster than before.”
Azure Security Center provides organizations with a unified experience for managing cloud and on-premises security posture within the enterprise. While Microsoft provides many first-party security services that plug into Azure Security Center, customers also use tools from third-party vendors. One of the new partner offerings in Azure Security Center is integration with Qualys, which provides vulnerability assessments for virtual machines; its output is included in an organization’s secure score.
Qualys is not the only third party to introduce integrations with Azure Security Center. Elyashar explains:
“You’ll be pleased to know that we now include Qualys vulnerability assessment for no additional fee in Azure Security Center standard edition so that you have a richer set of security recommendations. We are further extending Azure Security Center to include partner recommendations from Check Point Cloud Guard, CyberArk and Tenable.”
Secure score is a feature available inside of Azure Security Center that allows organizations to detect misconfigurations or assets that do not have the latest security patches applied. As part of these recent updates, Microsoft has simplified the scoring model to improve the reliability and visibility of calculated scores. In addition, support for custom assessments, created within Azure Policy, has been incorporated into the secure score.
Quickly responding to threats can limit the impact of a cyber breach. Microsoft provides APIs that enable automation and has recently created an API connector for Azure Logic Apps, its Integration Platform as a Service (iPaaS), that allows security analysts to subscribe to security events and then automate the triage of those events.
Customer Lockbox is a service that gives customers more control over how Microsoft support engineers access their data for support purposes. Microsoft has recently added more services that support Customer Lockbox, including Azure Storage, Azure SQL Database, Azure Data Explorer, memory dumps from Azure Virtual Machines and transferring Azure Subscriptions.
Microsoft is also providing organizations with tooling that allows them to build more secure applications by integrating analysis tools like Credential Scanner and BinSkim into Azure DevOps continuous integration and delivery (CI/CD) pipelines. These analysis tools will look for viruses and malware on your build agent, detect unprotected secrets and certificates, and provide recommendations for code readability and maintainability.
Azure Disk Encryption allows customers to provide their own keys that further safeguard their data. Initially, this capability was available for Azure Virtual Machine disks. Microsoft has recently provided preview support for disk encryption for services like Azure Event Hubs, Azure Managed Disks and Power BI.
Lastly, Microsoft is simplifying how organizations manage certificates within their applications. Azure now provides customers with TLS certificates at no cost; these certificates can be added to custom domains hosted in Azure services such as Azure CDN, Azure Front Door and Azure App Service.