Microsoft Beefs Up Azure Security Center
The cloud security platform gains new threat-detection capabilities, Power BI analytics and new, more advanced firewall options.
Azure Security Center, Microsoft's cloud security platform for Azure customer deployments, can now sniff out more threats, according to Sarah Fender, principal program manager of Microsoft Azure Cybersecurity. The company has updated its threat-detection algorithms to single out virtual machines that may be running undesirable code.
"After years of examining crash dumps that customers sent to Microsoft from more than 1 billion PCs worldwide, we are able to analyze these events to detect when a crash is the result of a failed exploitation attempt or brittle malware," said Fender in a Feb. 25 announcement. "Azure Security Center automatically collects crash events from Azure virtual machines, analyzes the data, and alerts you when a VM is likely compromised."
Azure Security Center will issue new alerts when it scours local security event logs and detects suspicious processes on virtual machines. It also alerts administrators to hacking attempts.
"SSH [Secure Shell] brute-force attacks are now being detected for Linux virtual machines," stated Fender. "Much like the existing RDP [Remote Desktop Protocol] brute-force detections for Windows VMs, Azure Security Center is using Machine Learning to understand typical network traffic patterns and more effectively distinguish between legitimate remote connection attempts and those being executed by attackers."
Microsoft also expanded the service's management and monitoring capabilities, starting with a new policy-configuration option.