Presentation is loading. Please wait.

Presentation is loading. Please wait.

Use Azure Security Center to prevent, detect, and respond to threats

PublishOpal Philippa Owens Modified over 6 years ago

Similar presentations

Presentation on theme: "Use Azure Security Center to prevent, detect, and respond to threats"— Presentation transcript:

1 Use Azure Security Center to prevent, detect, and respond to threats
Microsoft 2016 6/13/2018 2:26 AM BRK2122 Use Azure Security Center to prevent, detect, and respond to threats Sarah Fender Principal Program Manager © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 6/13/2018 2:26 AM “Through 2020, 95 percent of cloud security failures will be the customer's fault” – Gartner Sourc:e Gartner Reveals Top Predictions for IT Organizations and Users for 2016 and Beyond, October 2015, © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 A TRUSTED CLOUD PLATFORM THAT EMPOWERS CUSTOMERS
6/13/2018 2:26 AM A TRUSTED CLOUD PLATFORM Security Privacy and Control Transparency Compliance THAT EMPOWERS CUSTOMERS Encryption Secure Networking Identity & Access Partner Solutions Azure Security Center © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4 Cloud security challenges
6/13/2018 2:26 AM Cloud security challenges $ Management is increasingly distributed Cloud environments are more dynamic A new approach is required © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5 Distributed security responsibilities
Ellen CISO/CIO Jeff Cloud Workload Owner Manages a cloud workload and its related resources (often in a DevOps role) Responsible for all aspects of security for the company David IT Security Sets company security policies and ensures compliance Judy Security Ops Monitors and responds to security alerts 24/7 Sam Security Analyst Investigates attacks

6 Azure Security Center helps unlock cloud opportunities
6/13/2018 2:26 AM Azure Security Center helps unlock cloud opportunities Gain visibility and control Enable security at cloud speed Keep up with cyber threats © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

7 Hardening Cloud Workloads to Prevent a Breach

8 Identify and remediate vulnerabilities
6/13/2018 2:26 AM Identify and remediate vulnerabilities Configurable Security Policy Built-In and Partner Security Solutions Continuous Monitoring Actionable Recommendations © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 Demo: Prevent a Breach Jeff David Cloud Workload Owner IT Security
Manages a cloud workload and its related resources (often in a DevOps role) David IT Security Sets company security policies and ensures compliance

10 Detecting Threats Early and Remediating Quickly

11 Detect known and unknown threats
6/13/2018 2:26 AM Detect known and unknown threats Threat intelligence Looks for known malicious actors using Microsoft global threat intelligence Behavioral analytics Looks for known patterns and malicious behaviors Anomaly detection Uses statistical profiling to build historical baselines Alerts on deviations that conform to a potential attack vector Partners Integrates alerts from partner solutions, like firewalls and antimalware Fusion Combines events and alerts from across the kill chain to map the attack timeline © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 Detect threats throughout the kill chain
6/13/2018 2:26 AM Detect threats throughout the kill chain Target and attack Inbound brute force RDP, SSH, and SQL attacks Application and DDoS attacks Intrusion detection Install and exploit Known malware signatures In-memory malware and exploit attempts Suspicious process execution Lateral movement Internal reconnaissance Post breach Communication to a known malicious IP address Using compromised resources to mount additional attacks © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 New detection algorithm
6/13/2018 2:26 AM Ongoing research and innovation Security Research Security insights New detection algorithm Validation and tuning © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

14 Demo: Detect & Respond Judy Security Ops Sam Security Analyst
Investigates attacks Judy Security Ops Monitors and responds to security alerts 24/7

15 Analyze, Visualize, & Integrate

16 Integrate security health status, recommendations, and alerts using REST APIs

17 Standard Log Connector
6/13/2018 2:26 AM Azure Access security data in near real-time from your SIEM –security alerts, activity logs, VM security events Azure Storage Azure Diagnostics Azure APIs Azure Log Integration Log Analytics/SIEM Rehydrate: “Forwarded Events” Flat files (IIS Logs) CEF formatted logs Export Logs Standard Log Connector (ArcSight, Splunk, etc) © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

18 Gain insight into the security state of subscriptions in Power BI

19 Why Azure Security Center
6/13/2018 2:26 AM Why Azure Security Center Intelligence and expertise Speed, scale, and savings Integrated approach © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

20 Hybrid cloud workload protection
6/13/2018 2:26 AM Hybrid cloud workload protection Microsoft Operations Management Suite OMS Security Azure Security Center Security built-in to OMS Collection of security data from virtually any source (Azure or AWS, Windows Server or Linux, VMware or OpenStack) Insight into security status (antimalware, system updates) Correlations to detect malicious activities and search for rapid investigation Integrates operational and security management Threat detection using advanced analytics Security built-in to Azure Asset discovery and ongoing security assessment (antimalware, system updates, encryption, virtual network configurations) Actionable security recommendations Security policy for IT governance Integrated management and monitoring of partner security solutions & © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

21 Free IT Pro resources To advance your career in cloud technology
Microsoft Ignite 2016 6/13/2018 2:26 AM Free IT Pro resources To advance your career in cloud technology Plan your career path Microsoft IT Pro Career Center Cloud role mapping Expert advice on skills needed Self-paced curriculum by cloud role $300 Azure credits and extended trials Pluralsight 3 month subscription (10 courses) Phone support incident Weekly short videos and insights from Microsoft’s leaders and engineers Connect with community of peers and Microsoft experts Get started with Azure Microsoft IT Pro Cloud Essentials Demos and how-to videos Microsoft Mechanics Connect with peers and experts Microsoft Tech Community © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22 Free IT Pro resources To advance your career in cloud technology
Microsoft Ignite 2016 6/13/2018 2:26 AM Free IT Pro resources To advance your career in cloud technology Plan your career path IT Pro Career Center Get started with Azure IT Pro Cloud Essentials Demos and how-to videos Microsoft Mechanics Connect with peers and experts Ask questions, get answers, exchange ideas Azure Solutions Get started with Azure Solutions today Azure monthly webinar series Join live or watch on-demand © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

23 Please evaluate this session
6/13/2018 2:26 AM Please evaluate this session Your feedback is important to us! From your PC or Tablet visit MyIgnite at From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 Don’t miss these sessions:
Microsoft 2016 6/13/2018 2:26 AM Don’t miss these sessions: THR2039: Gain visibility and control over the security of your cloud infrastructure Monday 5:40pm - 6:00pm, Tuesday 4:05 - 4:25, Thursday 9:05 - 9:25, Microsoft Theatre 1 Get control over your datacenter with security monitoring using Operations Management Suite Tuesday 12:30pm - 1:45pm, B405 - B407 Assess security posture of your datacenter in under one hour using Operations Management Suite Wednesday 10:45am - 12:00pm, C112 Mitigate datacenter security threats with guided investigation using Operations Management Suite and Azure Security Center Thursday 11:30am - 12:15pm, C114 © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "Use Azure Security Center to prevent, detect, and respond to threats"

Similar presentations

Learn how the cloud is accelerating network transformation

Learn how the cloud is accelerating network transformation
Laura E. Hunter Principal Program Manager October 2016

Laura E. Hunter Principal Program Manager October 2016
2/20/2018 7:04 PM BRK1038 Meet Azure Information Protection customers and learn about their success stories Jeffrey Kalfut Strategy & Architecture Manager,

2/20/2018 7:04 PM BRK1038 Meet Azure Information Protection customers and learn about their success stories Jeffrey Kalfut Strategy & Architecture Manager,
BRK1017 Taking your hybrid management and security strategy to the cloud with Operations Management Suite Jeremy Winter and Srini Chandrasekar.

BRK1017 Taking your hybrid management and security strategy to the cloud with Operations Management Suite Jeremy Winter and Srini Chandrasekar.
Hybrid Management and Security

Hybrid Management and Security
Microsoft Ignite 2016 4/30/2018 9:28 PM BRK3174

Microsoft Ignite /30/2018 9:28 PM BRK3174
Deliver business insights with Microsoft Dynamics AX and Power BI

Deliver business insights with Microsoft Dynamics AX and Power BI
Get control over your datacenter with security monitoring using OMS

Get control over your datacenter with security monitoring using OMS
Examine information management in Cortana Intelligence

Examine information management in Cortana Intelligence
“Introduction to Azure Security Center”

“Introduction to Azure Security Center”
Develop, debug and deploy containerized applications with Docker

Develop, debug and deploy containerized applications with Docker
Microsoft Operations Management Suite Insight and Analytics

Microsoft Operations Management Suite Insight and Analytics
Microsoft Ignite 2016 6/2/2018 6:37 AM BRK2293

Microsoft Ignite /2/2018 6:37 AM BRK2293
Microsoft 2016 6/2/2018 3:42 PM BRK3129 Query Big Data using the Expanded T-SQL footprint with PolyBase in SQL Server 2016 Casey Karst Program Manager.

Microsoft /2/2018 3:42 PM BRK3129 Query Big Data using the Expanded T-SQL footprint with PolyBase in SQL Server 2016 Casey Karst Program Manager.
Simplifying Hybrid Cloud Protection with Azure Security Center

Simplifying Hybrid Cloud Protection with Azure Security Center
BRK3288-Discover data-driven apps that learn and adapt

BRK3288-Discover data-driven apps that learn and adapt
Configure and Manage Your Hybrid Cloud Environment at Scale

Configure and Manage Your Hybrid Cloud Environment at Scale
Conduct a successful pilot deployment of Microsoft Intune

Conduct a successful pilot deployment of Microsoft Intune
6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Rottem @AmitaiTechie Senior Program Manager,

6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,
Review the Nutanix Cloud Platform System Standard solution

Review the Nutanix Cloud Platform System Standard solution

Similar presentations

Ads by Google