How to Subscribe to the Azure Security Center Wrap Newsletter

The Azure Sentinel newsletter "experiment" I started a few months ago is a confirmed success. Its become a wildly popular weekly Inbox insert for many and the subscriber growth is still steadily increasing. And, for those that don't care for yet another newsletter, there's also a huge following for direct access through the social media … Continue reading How to Subscribe to the Azure Security Center Wrap Newsletter

How to Get the Network Security Dashboard for Security Center

There's a new dashboard in town for Azure Security Center. This particular dashboard (workbook) contains the following: Overview - a summary of all monitored network-related security components.Public IPs & Exposed Ports - Public IP and Asset Types and Ports Exposed to the InternetNetwork Security Services- DDoS Protection Plans, Azure Firewalls and Firewall Policies, Azure WAF … Continue reading How to Get the Network Security Dashboard for Security Center

How to Control Deployment of Defender for Endpoint to your Linux machines

Azure Security Center now supports (in preview) the automatic deployment of Defender for Endpoint to your Linux machines. To enable this... [1] In Azure Security Center go to Pricing & Settings for the Security Center enabled subscription and then Integrations. [2] Click the Enable for Linux Machines (Preview) button and click Save. [3] Finally, verify … Continue reading How to Control Deployment of Defender for Endpoint to your Linux machines

Security Center Compliance Over Time Report Now in Public Preview

The Microsoft Security Center team has now released an integrated report that gives customers the ability to track compliance status over time. This is a valuable report to enable managers and workers to view continuing progress toward a compliant environment. The Compliance Over Time workbook requires continuous export to export data to a Log Analytics … Continue reading Security Center Compliance Over Time Report Now in Public Preview

How to Obtain a Completion Certificate for Azure Security Center Ninja Training

Many of the Microsoft Ninja trainings have completion certificates available after a brief knowledge measure and a passing score. As of August 11th, this also goes for the Ninja training for Azure Security Center/Azure Defender. The knowledge measure for ASC consists of 30 questions. I've taken it myself and am pretty happy to say I … Continue reading How to Obtain a Completion Certificate for Azure Security Center Ninja Training

Regulatory Compliance in Azure Security Center Workflow Automation Reaches GA

As you know, in Azure Security Center, Workflow Automation can be used to trigger Logic Apps when security center data changes. In February of this year, the ability to enable these triggers based on Regulatory Compliance changes entered preview. Today, this capability is now complete and released to GA. As shown below, you can now … Continue reading Regulatory Compliance in Azure Security Center Workflow Automation Reaches GA

How to Find How Long an Azure Security Center Recommendation Has Been Open

Azure Security Center provides awesome capability to deliver recommendations on how to better secure the existing environment and also how to deploy new workloads securely. This evaluation is continuous and it should be part of a daily or weekly regimen to review the recommendation list and take action where necessary. But, what if you want … Continue reading How to Find How Long an Azure Security Center Recommendation Has Been Open

July 14: Thomas Maurer on Azure Arc for the Microsoft Security Insights Podcast and Twitch Stream

A couple weeks back during the Microsoft Security Insights Podcast, the topic of Azure Arc came up in reference to the new AMA client that uses DCRs to help filter the Windows events collected from on-prem servers and sent to the Log Analytics workspace for Azure Sentinel. At the time, I suggested Thomas Maurer would … Continue reading July 14: Thomas Maurer on Azure Arc for the Microsoft Security Insights Podcast and Twitch Stream

Microsoft Security Insights Podcast Replay: Yong Rhee and Microsoft Defender for Endpoint

Did you miss the live edition of the Microsoft Security Insights podcast on Wednesday evening? Never fear, the replay is here: https://www.twitch.tv/videos/1065493942 There was some fantastic Microsoft Defender for Endpoint knowledge administered by our guest PM, Yong Rhee. If you're an MDE fan, you'll want to catch this one. The biggest takeaway for me was … Continue reading Microsoft Security Insights Podcast Replay: Yong Rhee and Microsoft Defender for Endpoint