Use Azure Security Center to prevent, detect, and respond to threats

Presentation transcript:

Use Azure Security Center to prevent, detect, and respond to threats. Microsoft 2016, BRK2122, 6/13/2018 2:26 AM. Sarah Fender, Principal Program Manager. © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

“Through 2020, 95 percent of cloud security failures will be the customer's fault” – Gartner. Source: Gartner Reveals Top Predictions for IT Organizations and Users for 2016 and Beyond, October 2015, http://www.gartner.com/newsroom/id/3143718 © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

A TRUSTED CLOUD PLATFORM: Security; Privacy and Control; Transparency; Compliance.
THAT EMPOWERS CUSTOMERS: Encryption; Secure Networking; Identity & Access; Partner Solutions; Azure Security Center.

Cloud security challenges: Management is increasingly distributed; Cloud environments are more dynamic; A new approach is required.

Distributed security responsibilities:
Ellen, CISO/CIO: Responsible for all aspects of security for the company.
Jeff, Cloud Workload Owner: Manages a cloud workload and its related resources (often in a DevOps role).
David, IT Security: Sets company security policies and ensures compliance.
Judy, Security Ops: Monitors and responds to security alerts 24/7.
Sam, Security Analyst: Investigates attacks.

Azure Security Center helps unlock cloud opportunities: Gain visibility and control; Enable security at cloud speed; Keep up with cyber threats.

Hardening Cloud Workloads to Prevent a Breach

Identify and remediate vulnerabilities: Configurable Security Policy; Built-In and Partner Security Solutions; Continuous Monitoring; Actionable Recommendations.

Demo: Prevent a Breach.
Jeff, Cloud Workload Owner: Manages a cloud workload and its related resources (often in a DevOps role).
David, IT Security: Sets company security policies and ensures compliance.

Detecting Threats Early and Remediating Quickly

Detect known and unknown threats:
Threat intelligence: Looks for known malicious actors using Microsoft global threat intelligence.
Behavioral analytics: Looks for known patterns and malicious behaviors.
Anomaly detection: Uses statistical profiling to build historical baselines. Alerts on deviations that conform to a potential attack vector.
Partners: Integrates alerts from partner solutions, like firewalls and antimalware.
Fusion: Combines events and alerts from across the kill chain to map the attack timeline.

Detect threats throughout the kill chain:
Target and attack: Inbound brute force RDP, SSH, and SQL attacks; Application and DDoS attacks; Intrusion detection.
Install and exploit: Known malware signatures; In-memory malware and exploit attempts; Suspicious process execution; Lateral movement; Internal reconnaissance.
Post breach: Communication to a known malicious IP address; Using compromised resources to mount additional attacks.

Ongoing research and innovation: Security Research; Security insights; New detection algorithm; Validation and tuning.

Demo: Detect & Respond.
Judy, Security Ops: Monitors and responds to security alerts 24/7.
Sam, Security Analyst: Investigates attacks.

Analyze, Visualize, & Integrate

Integrate security health status, recommendations, and alerts using REST APIs

Access security data in near real-time from your SIEM: security alerts, activity logs, VM security events.
Diagram labels: Azure; Azure Storage; Azure Diagnostics; Azure APIs; Azure Log Integration; Log Analytics/SIEM; Rehydrate: “Forwarded Events”; Flat files (IIS Logs); CEF formatted logs; Export Logs; Standard Log Connector (ArcSight, Splunk, etc.).

Gain insight into the security state of subscriptions in Power BI

Why Azure Security Center: Intelligence and expertise; Speed, scale, and savings; Integrated approach.

Hybrid cloud workload protection: Microsoft Operations Management Suite, OMS Security, Azure Security Center.
Security built-in to OMS: Collection of security data from virtually any source (Azure or AWS, Windows Server or Linux, VMware or OpenStack); Insight into security status (antimalware, system updates); Correlations to detect malicious activities and search for rapid investigation; Integrates operational and security management.
Threat detection using advanced analytics.
Security built-in to Azure: Asset discovery and ongoing security assessment (antimalware, system updates, encryption, virtual network configurations); Actionable security recommendations; Security policy for IT governance; Integrated management and monitoring of partner security solutions.

Free IT Pro resources to advance your career in cloud technology (Microsoft Ignite 2016):
Plan your career path: Microsoft IT Pro Career Center, www.microsoft.com/itprocareercenter. Cloud role mapping; Expert advice on skills needed; Self-paced curriculum by cloud role.
Get started with Azure: Microsoft IT Pro Cloud Essentials, www.microsoft.com/itprocloudessentials. $300 Azure credits and extended trials; Pluralsight 3 month subscription (10 courses); Phone support incident.
Demos and how-to videos: Microsoft Mechanics, www.microsoft.com/mechanics. Weekly short videos and insights from Microsoft’s leaders and engineers.
Connect with peers and experts: Microsoft Tech Community, https://techcommunity.microsoft.com. Connect with community of peers and Microsoft experts.

Free IT Pro resources to advance your career in cloud technology (Microsoft Ignite 2016):
Plan your career path: IT Pro Career Center, http://www.microsoft.com/itprocareercenter
Get started with Azure: IT Pro Cloud Essentials, https://www.microsoft.com/itprocloudessentials
Demos and how-to videos: Microsoft Mechanics, https://www.microsoft.com/mechanics
Connect with peers and experts: Ask questions, get answers, exchange ideas, https://techcommunity.microsoft.com
Azure Solutions: Get started with Azure Solutions today, http://azure.com/solutions
Azure monthly webinar series: Join live or watch on-demand, http://aka.ms/AzureMonthlyWebinar


Don’t miss these sessions (Microsoft 2016):
THR2039: Gain visibility and control over the security of your cloud infrastructure. Monday 5:40pm - 6:00pm, Tuesday 4:05 - 4:25, Thursday 9:05 - 9:25, Microsoft Theatre 1.
Get control over your datacenter with security monitoring using Operations Management Suite. Tuesday 12:30pm - 1:45pm, B405 - B407.
Assess security posture of your datacenter in under one hour using Operations Management Suite. Wednesday 10:45am - 12:00pm, C112.
Mitigate datacenter security threats with guided investigation using Operations Management Suite and Azure Security Center. Thursday 11:30am - 12:15pm, C114.