Microsoft today announced that Advanced Threat Protection (ATP) for Azure Storage now also allows customers to protect data stored in Azure Files file shares and Azure Data Lake Storage Gen2 API data stores.
ATP for Azure Storage is designed as an additional security intelligence layer to help detect malware uploaded to cloud storage accounts, access from suspicious sources (including but not limited to TOR exit nodes), and potentially harmful data exfiltration activities.
Today we’re excited to announce the preview of extending advanced threat protection for Azure Storage to support Azure Files and Azure Data Lake Storage Gen2 API, helping our customers to protect their data stored in file shares and data stores designed for enterprise big data analytics,” Azure Security Center Product Manager Hasan Abo-Shally said.
Tenant-wide Azure Security Center integration
The security alerts issued by ATP for Azure Storage when it detects activity anomalies on a customer’s storage account are emailed to admins and are integrated with the Azure Security Center for the entire Azure tenant.
These alerts include suspicious activity details as well as investigation and remediation recommendations to allow customers with no security expertise to properly address detected threats, using
The alerts detail potential signs of data exfiltration, attempts to gain persistence, data collection, exploitation, probing, or attempts of lateral movement to other Azure cloud services.
Available in public and govt clouds
Advanced threat protection for Azure Storage needs to be toggled on for all storage accounts containing file shares and blob containers that need to be protected.
ATP for Azure Storage was released in public preview in October 2018, reaching general availability in March 2019, and it is available for Blob storage, Azure Files, and Azure Data Lake Storage Gen2 with support for general-purpose v2, block blob, and Blob storage accounts.