Azure Security Center
Intro
Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers, and provides advanced threat protection across your hybrid workloads in the cloud - whether they're in Azure or not - as well as on premises.
Documentation
Tips and Tidbits
You can view the security state of your resources and any issues per resource type:
To monitor the health of your computer resources and your apps and receive recommendations for improving their security.
To monitor your network resources, such as virtual machines, network security groups and endpoints, and receive recommendations for improving their security.
To monitor your data and storage resources, such as SQL servers and storage accounts, and receive recommendations for improving their security.
To monitor your identity and access resources, including MFA and account permissions, and receive recommendations for improving their security.
To monitor just-in-time access to your resources.
In the Azure Security Center regulatory compliance blade, you can get an overview of key portions of your compliance posture with respect to a set of supported standards.
Currently supported standards are Azure CIS, PCI DSS 3.2, ISO 27001, and SOC TSP.
Security Center protects non-Azure servers and virtual machines in the cloud or on premises, for both Windows and Linux servers, by installing the Log Analytics agent on them.
Azure virtual machines are auto-provisioned in Security Center.
Security Center helps you respond to threats faster, and in an automated way, through playbooks.
Playbooks are automated procedures that you run against alerts.
You configure a playbook in the Playbooks pane of the Azure Security Center menu.
You create a playbook by configuring a logic app.
Use the designer to search for Security Center connectors and triggers for your playbook.