Time
8 hours 33 minutes
Difficulty
Intermediate
CEU/CPE
9

Video Transcription

00:00
Hello, Cybrarians. Welcome to this lesson on Azure Security Center. This lesson is part of the seventh module of the AZ-500 Microsoft Azure Security Technologies course.
00:12
Quick information on what we'll be covering in this lesson.
00:15
We'll start with a conversation on the cloud security challenges. We'll then discuss how Azure Security Center can help us to meet these challenges with cloud security posture management,
00:26
cloud compliance posture management and threat protection,
00:30
and finally we'll discuss Security Center service tiers. Let's get into this.
00:36
When we talk about cloud security challenges, it's important to know where the threats are. The number one cause of breaches in the public cloud is misconfiguration of cloud services, and this is where Azure customers have configured controls in an insecure way,
00:54
the misconfiguration is then exploited by attackers to cause a breach.
00:59
This challenge is compounded by the fact that workloads in the cloud are dynamic and they're constantly changing.
01:06
And this characteristic of the cloud can be both a strength and also a challenge.
01:11
So, for example, end users are empowered to do more with the cloud, but on the other hand, it's challenging to ensure that the ever-changing services and workloads are configured up to security and compliance standards. Attackers are also not relenting in their effort;
01:29
attacks are increasingly getting more sophisticated,
01:32
and they could be from anywhere.
01:34
They could be internal threats or they could be external threats. The other challenge is that security skills are also in short supply. I mean, just by looking at the logs that we covered in the previous lesson of this module, there's a world of security insight that could be obtained from activity logs and resource logs.
01:53
But there's just not enough people out there that have expertise
01:57
to know what to look for to identify every threat in that data.
02:01
And also, if they have the expertise, they do not have enough time to go through such a volume of logs. How is this challenge addressed by Security Center? There are three main functionalities that it uses. To address these,
02:15
you have cloud security posture management,
02:19
cloud compliance posture management, and threat protection.
02:23
So let's go have a look at these three main functionalities.
02:27
Let's talk about cloud security posture management. This is where Security Center uses Azure Policy to monitor the configuration of our services in Azure. It then flags if an insecure configuration is detected. And the way this works is that when we enable Security Center,
02:46
a built-in security-focused policy initiative
02:50
is automatically assigned to all Security Center registered subscriptions. We talked about policy initiatives in the previous module. This policy initiative would then continually discover new services that we're deploying in Azure and assess if they're configured according to security best practices.
03:09
If they're not configured according to security best practices,
03:14
they get flagged, and we can get a prioritized list of recommendations for what we need to do to fix the security posture of the services. And the main benefit of this functionality is to improve our security hygiene as a whole, but also
03:30
to reduce the attack surface of our Azure environments.
03:35
The next functionality is cloud compliance posture management,
03:39
and this functionality extends the posture management capability of Security Center to regulatory compliance frameworks. So when we register a subscription in Security Center, it automatically assigns policy initiatives that align with the following regulatory standards: the CIS benchmark,
04:00
PCI DSS,
04:01
ISO 27001 and SOC TSP.
04:04
It would then flag services that are configured in a way that is not compliant with the requirements of these frameworks.
04:13
We can also download compliance reports in a PDF format. The main benefit of this functionality is to streamline the process for meeting regulatory compliance requirements. One quick thing to mention about those two previous functionalities: large organizations that have multiple subscriptions
04:32
and are using management groups to structure their subscription hierarchy could leverage this capability to configure Security Center policies at a central level.
04:42
So if you look at the diagram on the screen,
04:45
Security Center policies have been assigned at the management group level instead of using individual subscriptions. And we can do this from the Azure portal. After we've done this, we need to go to Azure Policy and remove the default policy initiative assignment from the subscription level.
05:02
Let's look at the third main functionality, which is threat protection.
05:06
The threat protection capability of Security Center allows us to address threats without requiring us to be a security expert, and this security capability covers three areas. We have threat protection for Azure compute resources,
05:23
and this covers Windows and Linux
05:26
systems anywhere, not just in Azure.
05:30
It also covers platform compute services like the Azure App Service and Azure containers. Then we have threat protection for Azure data resources, and this covers platform storage and databases in Azure. So we're talking about SQL Database, SQL Data Warehouse, Azure Storage and Cosmos DB.
05:50
And finally, we have threat protection for Azure service layers,
05:55
and this covers the Azure network layer, the management layer and even Azure Key Vault. So the general way that threat protection works is that events from all these different sources are collected into a Log Analytics workspace. Security Center then uses different methods
06:13
like information from security intelligence feeds,
06:15
machine learning algorithms and reputation assessment to identify undetected threats, and these threats are raised as security alerts in Security Center.
06:27
Let's review other features of Security Center.
06:30
We have the network map feature, which enables us to see the topology of our workloads so that we can see if each node is properly configured,
06:39
and in some cases this can help us to easily identify network misconfiguration where we're allowing traffic that we should not be allowing. We have just-in-time VM access and VM vulnerability assessment that we talked about in the host security module.
06:56
We also have the container registry vulnerability assessments that we talked about
07:00
in the container security module.
07:01
There are two service tiers of Security Center. We have the free tier, and we have the standard tier.
07:08
The free tier, first of all, is only for Azure resources. It can only assess Azure services and has limited functionalities, as we'll see in a minute. The tier of Security Center that we've enabled determines the functionalities that we can use. The continuous security assessment capability is supported by both tiers.
07:28
Remember that the free tier has a limitation for Azure resources only.
07:30
The continuous compliance assessment is supported only by the standard tier. Threat protection for both infrastructure and platform services is only supported by the standard tier. Just-in-time VM access is only supported by the standard tier, and finally,
07:46
adaptive application controls and network hardening functionality is only supported by the standard tier.
07:54
Here are some supplementary links for further studies of the topics that we covered in this lesson,
08:00
and here's a summary of what we covered in this lesson. We started out with the conversation on the cloud security challenges. We then talked about how Azure Security Center can help us to address those using cloud security posture management, cloud compliance posture management and threat protection, and finally we discussed Security Center service tiers.
08:20
Thanks very much for watching,
08:20
and I'll see you in the next lesson.

Up Next

AZ-500: Microsoft Azure Security Technologies

In the AZ-500 Microsoft Azure Security Technologies training, students will learn the skills that are needed to pass the AZ-500 certification exam. All exam topics are covered as well as exam preparation strategies and hands-on practice.

Instructed By

David Okeyode
Cloud Security Architect
Instructor