Azure Essentials

What if you had a place where you could quickly learn more about Azure Security, track your learning progress and master the skills you need for your role? Well, now you have this place; it is called Azure Essentials (https://www.microsoft.com/en-us/azureessentials). The reason I said Azure Security is because you can filter the topic for security and…


New Azure Security Center Dashboard

Today we released the new Azure Security Center dashboard, and in the video below I present a quick overview of what’s new in this dashboard. For more information about the new dashboard, read the articles below. For the Overview dashboard, read What is Azure Security Center? For the Identity & Access dashboard, read Monitor identity and access…


File Integrity Monitoring in Azure Security Center

Following the previous posts about new Azure Security Center capabilities that we released at RSA Conference, this one is about File Integrity Monitoring (FIM), which is available in public preview. This capability helps to protect the integrity of your system and applications as Security Center will be continuously monitoring the behavior of your registry and configuration…


Leveraging Azure Security Center Capabilities in a PCI DSS Compliant Environment

It is important to start this conversation by saying that PCI DSS encompasses more than Azure Security Center; however, Security Center plays a key role in that, as described in the architecture diagram from the Azure Security and Compliance Blueprint – PCI DSS-compliant Payment Processing environments article, shown below (image extracted from this article). The first…


Incident Management Implementation Guidance for Azure and Office365

A couple of months ago I had a great opportunity to be among the contributors/reviewers of this very cool white paper that talks about incident management using Azure and Office 365. Today I’m very pleased to let you know that you can download this paper right now! This document helps customers to understand how to…


Considerations Regarding Azure Security Center Adoption

One common question that I receive from customers is: how do I fit Azure Security Center in my overall Security Operations and Incident Response plan? The answer may vary according to your SOC model, the size of the organization, cloud workload, and maturity level. For this reason, it is important to take into consideration some key…


Exploring Notable Events in Security Incidents

Azure Security Center is able to identify threats that may compromise your system in different phases of the kill chain. Security Center will use different detection capabilities prior to triggering an alert, and the content of this alert can also vary according to its type. If Security Center identifies that there is a correlation between…


Searching for suspicious user in Azure Security Center

Last September, during my presentation with Meir at Ignite, we talked about how powerful the new search capability in Azure Security Center is; the integration with Log Analytics gives you total control and flexibility to find what you really need. But how do you really use this? The first step is to read our core documentation regarding Search…


Incident Response in Hybrid Cloud

I had a great time yesterday at Hacker Halted; my presentation was packed with great security professionals, great questions, and the networking was outstanding. My deck is available here (in PDF format), and if you attended the session, make sure to connect with me via LinkedIn.


Updates in Azure Security Center – September 2017 – Part 3

Here is another wave of new features that were released today, this time in public preview, but fully documented below: Investigate Incidents and Alerts in Azure Security Center (Preview); Custom Alert Rules in Azure Security Center (Preview); Security Playbook in Azure Security Center (Preview). If you are planning to go to Ignite next week, here are…