I would like to share with you some updates that we had during this month in the Azure Security Center documentation, which directly reflect some changes in this service. The main changes are:
- Platform Migration: Beginning in early June 2017, Azure Security Center rolls out important changes to the way security data is collected and stored. These changes unlock new capabilities like the ability to easily search security data and better aligns with other Azure management and monitoring services. Read more about this in this article.
- Security Center Roles: Security Center uses Role-Based Access Control (RBAC), which provides built-in roles that can be assigned to users, groups, and services in Azure. We updated the Planning and Operations guide to include two Security Center specific roles (Security Reader and Security Admin). Read more about it in this article.
- Qualys Vulnerability Assessment is GA: Vulnerability assessment from Qualys is available today, read more about it in this article.
- Contextual Information: During an investigation, analysts need extra context to reach a verdict about the nature of the threat and how to mitigate it. For example, a network anomaly was detected, but without understanding what else is happening on the network or with regard to the targeted resource it is every hard to understand what actions to take next. To help in this investigation, Security Center added a contextual information as part of the security incident. Read more about it in this article.
Aside from that, it is worth to mention a great video that Barclay Neira (from our team) recorded last month talking about Azure Log Integration, you can watch it below:
Stay tune for more news....soon 🙂