Security is a very critical component of any Infrastructure, whether on premise or in the cloud. Not having any security structure or plan in place will be highly devastating. Staying secured in Cloud Infrastructure is becoming increasingly a serious business. You have to mitigate against threats and attacks in the cloud. This is not an option but an essential practice.
Microsoft did not leave you alone to care for this important need. There are several provisions in Microsoft azure to protect and secure your resources and data.
In this blog, I will highlight one of them, Microsoft Defender for Cloud formerly known as Azure Security Center. This is a cloud-native application protection platform (CNAPP).It safeguards cloud-based applications from various cyber threats and attacks. It is best practice to defend applications being deployed from code level to infrastructure level to runtime level. Here is a list of what Microsoft Defender for Cloud is capable of doing.
- It unifies the DevOps security management at the code level
- It manages and strengthen the cloud security posture
- It protects workloads in the cloud
- It provides security recommendations
- It detect and block malware
- It analyse and identify potential attacks
- It provides just-in-time access control for ports
Lets move on to Azure portal and see for ourselves the common features and configuration options that Microsoft Defender for Cloud has.
Log in to Azure portal
Type Microsoft Defender for Cloud in the Search box
In this image above you can see the features of Microsoft Defender for Cloud that we listed earlier-Cloud Security posture management, Cloud workload protection for machine and Advanced Cloud protection for PaaS. These can be configured accordingly
Lets proceed to see the Security Alerts
There is no security breach on this subscription. That is why the Open alerts, Active alerts and In progress alerts are reading zero. If there is any alert, it will show here
To know the general status of the resources on this subscription, Click on Inventory
The total number of resources is 20, 6 of which are unhealthy and 1 is unmonitored. Lets get to know more about this in the next steps
Click on the Security Posture
If the Secure score is below 50%, that indicates that there is something to be worked on, in the Infrastructure.
The image indicates that 6 resources on this subscription is unhealthy and there are recommendations on how to fix this
Lets check out what the recommendations are.
For the Virtual machine, it was recommended that File integrity monitoring should be enabled and the VM should encrypt temp disks
The next image shows the severity levels of the recommendations
The levels ranges from high to low
I hope these tips about this wonderful service is useful. Kindly drop your feedbacks
Top comments (1)
Good one