Introduction to Azure Security Center
Given the threat landscape presented in Chapter 1, it is clear that there is a need for a system that can both unify security management and provide advanced threat protection for workloads running in Azure, on-premises, and on other cloud providers.
Azure Security Center gives organizations complete visibility and control over the security of hybrid cloud workloads, including compute, network, storage, identity, and application workloads. By actively monitoring these workloads, Security Center enhances the overall security posture of the cloud deployment and reduces the exposure of resources to threats. Security Center also uses intelligent threat detection to assist you in protecting your environment from rapidly evolving cyberattacks.
Security Center also assesses the security of your hybrid cloud workload and provides recommendations to mitigate threats. And it provides centralized policy management to ensure compliance with company or regulatory security requirements.
In this chapter, you will learn how you can use Security Center in your security operations, you will learn key considerations for adoption, and you’ll learn how to onboard resources.
As enterprises start their journey to the cloud, they will face many challenges trying to adapt their on-premises tools to a cloud-based model. In a cloud environment, where there are different workloads to manage, it becomes imperative to have ongoing verification, and corrective actions to ensure that the security posture of those workloads are always at the highest quality possible.
Security Center has a variety of capabilities that can be used in two categories of cloud solutions:
Cloud Security Posture Management (CSPM) Enable organizations to assess their cloud infrastructure to ensure compliance with industry regulations and identify security vulnerabilities in their cloud workloads.
Cloud Workload Protection Platform (CWPP) Enable organizations to assess their cloud workload risks and detect threats against their server (IaaS), containers, databases (PaaS), and storage. It also allows organizations to identity faulty configurations and remediate those with security best practices recommendations. To use the CWPP capabilities you need to upgrade to Azure Defender.