Azure Operation Management Suite - Security and Compliance
TRANSCRIPT
OMS Security
Asaf Nakash
CTO & P-TSP Azure
Microsoft
[email protected]
Any cloud
Any platform
Cybersecurity Meetup
Security challenges
Threats are on the rise
Environments are more complex
Security talent is scarce
Why Security within IT Operations?
Issue: ‘IT Operations is responsible for managing datacenter infrastructure, applications, and data, including the stability and security of these systems. However, gaining security insights across increasingly complex IT environments often requires organizations to cobble together data from multiple security and management systems - I need a solution that provides me with actionable security insights for all my datacenter resources.’
With OMS,
• You can enable both IT ops and security professionals to effectively monitor your entire environment for security vulnerabilities and active threats – all within the context of operations management.
Holistic Security
Intelligent Detection
Rapid Investigation
Detect Security Risks and Threats Across Your Environment
Holistic Security
Intelligent Detection
Rapid Investigation
Holistic Security Posture
Issue: ‘Understanding the security posture of my hybrid-cloud environments is time-consuming, especially as these environments are changing rapidly.’
With OMS,
• Quickly and easily understand the overall security posture of any environment, all within the context of IT Operations, including: software update assessment, antimalware assessment, and configuration baselines. Furthermore, security log data is readily accessible to streamline security and compliance audit processes.
Holistic Security Posture
Ongoing Assessment
• Actionable security insights – network, identity, servers, …
• Prioritized notable issues
Audit
• Central collection of all security data
• Export to Excel and PowerBI or via API for reporting
• Data retention
Cross-Platform
• Windows and Linux
• On premises, Azure, AWS
• Microsoft and 3rd party security solutions
Antimalware and Update Assessments
• Missing updates
• Antimalware Assessments
• Malware reports
Identity and Access
• Failed Logons
• Password changes
• Current activity
Baseline Assessment
• Over 180 recommended security configurations
• Correlation with Microsoft best practices
Notable Issues
• Included common issues
• Customizable
• Severity and priority
Security Audit
• Easily accessible security event logs
• Searchable, actionable
• Exportable via API
Holistic Security
Intelligent Detection
Rapid Investigation
Threat Detection
Issue: ‘Cyber attacks are increasingly common and complex. Timely detection of attacks and breaches is critical to defending your environment’
With OMS,
• You can leverage the power of Microsoft’s continuously updated security intelligence to detect threats sooner and more accurately – across your entire environment.
Intelligent Detection
Security Analytics
• Rule-based detections
• Server and network behavioral analytics
• Anomaly detections
Continuous Innovation
• Ongoing threat monitoring
• Validation and tuning
• Automatic updates to detection algorithms
Threat Intelligence
• Intelligent security graph
• Global threat database
• Specialized security teams
Threat Intelligence
• Microsoft security intelligence and leading intelligence vendors
• Detects communication to known malicious IP addresses
Security Analytics
• Behavioral analytics
• Event correlation
• Continuously updated
Holistic Security
Intelligent Detection
Rapid Investigation
Threat Investigation
Issue: ‘Determining the nature and source of a security threat or breach is critical to mitigating damage to the business, but is very difficult without leveraging intelligence from security experts or the tools to cross reference data across security domains, and time is critical’
With OMS,
• You can leverage the power of Microsoft’s security intelligence, as well as the tools to search across your environment, to accelerate a comprehensive investigation.
Rapid Investigation
Threat Intelligence
• Geo tagging and interactive maps
• Threat intelligence reports
Automation
• OMS automation capabilities
Search
• Easy search of all security and operational data
Search
• Rapid search across all operations and security data
Threat Intelligence
• Interactive map
• Built-in reports with insight into attacker’s known techniques and objectives
OMS Automation
Orchestrated recovery
• Repeatable plans
• Order sequencing
• Customizable checkpoints
Integrated solutions
• Multi-platform support
• Community gallery
• Partner ecosystem
Automated remediation
• Ready-made runbooks
• Anywhere triggers
• Native webhooks
Microsoft Security Assets
DATA
• Rights Management Services
• Information Protection
ENDPOINTS (Devices)
• Device Guard
• Credential Guard
• Intune
• Windows Hello
• Windows Defender & ATP
IDENTITY
• Azure AD Identity Protection
• Advanced Threat Analytics
CLOUD & DATACENTER
• OMS Security
• Azure Security Center
APPLICATIONS (SaaS)
• Cloud App Security
• Advanced Threat Protection
© 2016 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.