Describe security management capabilities of Azure Flashcards
What does CSPM do?
Cloud security posture management (CSPM) identifies is a combination of tools and services that remediate risks through security assessments and automated compliance monitoring.
What is Azure Security Center?
A unified infrastructure security management system that strengths the security posture of your data and provide advanced threat protection across your hybrid workloads in the cloud.
What are the key features of Azure Security Center?
Continous assessment and prioritized list of recommendations
Detect and prevent on IaaS, non-Azure servers and PaaS.
Provides a Network Map - topology view of your workloads to easily see if each node is configured.
Integration with other Microsoft Security Solutions
What is Azure secure score?
An aggregation of your security posture measured by Azure Security Center. The Security score is continuously updated.
What is Microsoft Defender for Cloud?
Microsoft Defender for Cloud is a tool for security posture management and threat protection. It strengthens the security posture of your cloud resources, and with its integrated Microsoft Defender plans, Defender for Cloud protects workloads running in Azure, hybrid, and other cloud platforms.
Microsoft Defender for Cloud fills three vital needs as you manage the security of your resources and workloads in the cloud and on-premises:
Continuously assess - Know your security posture, identify and track vulnerabilities.
Secure - Harden all connected resources and services.
Defend - Detect and resolve threats to resources, workloads, and services.
What aret the two modes for Microsoft Defender for Cloud?
Microsoft Defender for Cloud is offered in two modes:
1) Microsoft Defender for Cloud (Free) - Microsoft Defender for Cloud is enabled for free on all your Azure subscriptions. Using this free mode provides the secure score and its related features: security policy, continuous security assessment, and actionable security recommendations to help you protect your Azure resources.
2) Microsoft Defender for Cloud with enhanced security features - Enabling enhanced security extends the capabilities of the free mode to workloads running in Azure, hybrid, and other cloud platforms, providing unified security management and threat protection across your workloads. Cloud workload protections are delivered through integrated Microsoft Defender plans, specific to the types of resources in your subscriptions and provide enhanced security features for your workloads.