as your security center, is a monitoring service that provides threat protection not only for your azure workloads but also for your on premises ones.
Let's see what you can do with it
as your security center is a central place where you can examine the security posture of your cloud, workloads and solutions.
It can continuously monitor all your resources and perform automatic security assessments to identify vulnerabilities and provide recommendations.
It uses intelligent machine learning to detect and block malware from being installed in your virtual machines.
You can configure a list of allowed programs and applications that the system should not deviate from.
It can identify potential inbound attacks against your network and help you investigate threats to do a forensic analysis on post breach activities.
It enables you to do just in time access for ports and users and help you reduce your attack surface.
It monitors security settings across on premises and cloud workloads to help you manage your complete application. Infrastructure
as a security center comes in two tiers
free, limited to assessments and recommendations and a standard tier that includes continuous monitoring, threat detection just in time access and more.
The free tier is included with your azure subscription, while the standard one varies per region and services included
as your security center can help you in two main scenarios.
The first one is to enhance your security in the cloud
With the help of security center recommendations, you can leverage the building or create your own security policies that, as your security center can evaluate and then give you recommendations if those aren't followed for certain resources or applications.
Once you evaluate those recommendations, you can decide what corrective actions you need to take.
You can also use azure security center during stages of your incident response plan
as your security center is helpful during the detect, assess and diagnose stages, allowing you to discover the first indication of an event. Perform initial assessment and gather information about the suspicious activity and then perform a technical investigation to determine containment and potential mitigation actions.
Now you know how you can review your security posture in Azure.
Let's see how you can manage access