Azure Security Center Wrap - Issue #1
Hi, all! Welcome to the very first, new-car-smell issue of the "Azure Security Center Wrap" newsletter.
This newsletter is intended to be delivered every 2 weeks on a Friday. As with our sister publication, the Azure Sentinel this Week newsletter, this newsletter is a wrap-up of created and curated community content but hyper-focused on Azure Security Center and Azure Security Center with Defender.
So, why biweekly instead of weekly? We intend to start slow with this one for a couple reasons. First, we are still working to identify the best avenues to capture Azure Security Center community activity. We want each issue to be stocked full of great information - so, for now, about every 2 weeks seems about right. Secondly, I spend a lot of time on the Azure Sentinel newsletter so I'll need help with this one. I have a day job, you know. :)
So, because the newsletter content is a byproduct of community engagement and participation, the newsletter itself will be a team effort. Currently Nathan Swift and I are combing the highways and byways for content, but we're in active search mode for others to help. Heck - some of those others could actually be some of you. That's something we're thinking about, so stay tuned to that.
I want to thank you all for the mighty effort to get this newsletter kicked off. I posed the question about a potential Azure Security Center newsletter a few weeks ago and the response was huge and hugely positive. It was a resounding "YES!" that this newsletter is necessary. Then, we set a goal. We needed a certain number of subscribers to make this effort worthwhile. And, wow. We set the bar low, but you all busted through that ceiling pretty quickly.
So, welcome everyone! Welcome to your newsletter.
The subscriber count continues to grow even this morning as I put the final touches on this issue. But, we need your help. This is a community effort. Any community effort worthwhile is driven by the community itself. There are a few ways to help:
Find something in the newsletter you like? Share it with a colleague and tell them where you found it.
Share the entire newsletter with someone. If you're an Inbox subscriber, forward the newsletter on to your best pal.
Tell others about the newsletter. The link to find the archives and for others to subscribe will always be here: https://www.getrevue.co/profile/ASCDefender
Send in your comments and suggestions. At the bottom of every newsletter is a way to "thumbs-up" or "thumbs-down" the newsletter. You can also send us your comments.
That's it from me for this issue. I have to switch over and finish up the Azure Sentinel version.
I'm excited about this and I hope you are, too.
Talk soon.
-Rod
Things to Read
Security Center Compliance Over Time Report Now in Public Preview – Azure Cloud & AI Domain Blog — cda.ms The Microsoft Security Center team has now released an integrated report that gives customers the ability to track compliance status over time. This is a valuable report to enable managers and workers to view continuing progress toward a compliant environment. The Compliance Over Time workbook requires continuous export to export data to a Log Analytics…
Azure Defender PoC Series - Azure Defender for Container Registries - Microsoft Tech Community — cda.ms Introduction This article is part of our Azure Defender PoC Series which provides you with guidelines on how to perform a successful proof of concept for
How to Control Deployment of Defender for Endpoint to your Linux machines – Azure Cloud & AI Domain Blog — cda.ms Azure Security Center now supports (in preview) the automatic deployment of Defender for Endpoint to your Linux machines. To enable this... [1] In Azure Security Center go to Pricing & Settings for the Security Center enabled subscription and then Integrations. [2] Click the Enable for Linux Machines (Preview) button and click Save. [3] Finally, verify…
Securing Low Code Execution boundaries - Logic App - by SwiftSolves - SwiftSolves Security on Azure — cda.ms Good morning, while working through the excellent documentation of Azure Security Benchmarks for Logic Apps, I came across 1.4 Deny communications with known-malicious IP addresses
How to Get the Network Security Dashboard for Security Center – Azure Cloud & AI Domain Blog — cda.ms There's a new dashboard in town for Azure Security Center. This particular dashboard (workbook) contains the following: Overview - a summary of all monitored network-related security components. Public IPs & Exposed Ports - Public IP and Asset Types and Ports Exposed to the Internet. Network Security Services - DDoS Protection Plans, Azure Firewalls and Firewall Policies, Azure WAF…
Simulate alerts to be caught by ASC - Microsoft Azure Security Randomness — cda.ms This article provides you some safe approaches to create Azure Security Center alerts to validate its detection capabilities.
Validating Azure Defender for App Service Alerts - Microsoft Tech Community — cda.ms Azure Defender for App Service helps organizations be more secure by providing dedicated security analytics for your App Service resources. The purpose of this article is to provide specific guidance on how to validate Azure Defender for App Service alerts, by simulating a suspicious activity on applications running over App Service.
How to Obtain a Completion Certificate for Azure Security Center Ninja Training – Azure Cloud & AI Domain Blog — cda.ms Many of the Microsoft Ninja trainings have completion certificates available after a brief knowledge measure and a passing score. As of August 11th, this also goes for the Ninja training for Azure Security Center/Azure Defender. The knowledge measure for ASC consists of 30 questions. I've taken it myself and am pretty happy to say I…
Things to Watch/Listen To
Notes from the Field | Azure Security Center in the Field #30 — cda.ms In this episode of Azure Security Center in the Field, Tom Quinn joins Yuri Diogenes to share his field experience working with customers that are adopting Az...
Azure Security Center: Manage Access and Permissions — cda.ms
Things to Have
Azure-Security-Center/Workbooks/Network Security Dashboard at main · Azure/Azure-Security-Center · GitHub — cda.ms The new network security dashboard for Security Center provides you a unified view and full visibility to your network security and networking resources in Azure. If you have been actively using Security Center and Network Security features in Azure, this workbook is for you!
New Things
Public preview: Apply settings inside machines using Azure Policy's guest configuration | Azure updates | Microsoft Azure — cda.ms In a major milestone for Azure Governance and the PowerShell Desired State Configuration (DSC) community, we are announcing that starting today, Azure Policy's guest configuration feature is in public preview for applying configurations to Azure virtual machines and Arc-enabled machines. Guest configuration is integrated with Azure Security Center, Azure Automanage, and will continue to expand.
Important changes coming to Azure Security Center | Microsoft Docs — cda.ms Upcoming changes to Azure Security Center that you might need to be aware of and for which you might need to plan
News
How Azure Security can help Federal Agencies meet Cybersecurity Executive Order Requirements - Microsoft Tech Community — cda.ms In May 2021, the Biden Administration signed Executive Order (EO) 14028, placing cloud security at the forefront of national security. Federal agencies
Sitting through roadmap sessions over the last few weeks, I know Ignite (November 2–4, 2021) is going to be monumental. Add the event to your calendar! https://cda.ms/2rN #MSIgnite