With the release of Azure Sentinel, Microsoft has shifted some features from Azure Security Center to their new threat hunting solution. But how do all the security tools Microsoft offers nowadays integrate with each other? How can you find a way through this security jungle? And how do you make sure to have the right tools in place when it comes to protecting your IT environments and hunting threats?
Join cloud security expert and Microsoft MVP Tom Janetscheck for this demo-rich session to get all these questions answered and to learn how to protect your resources easily and efficiently.
3. Innovative technology consulting for business.
Threat hunting with the Microsoft Cloud
Making data-informed decisions with Microsoft Azure
Tom Janetscheck, Principal Cloud Security Architect & Microsoft MVP
4. about me.
Tom Janetscheck
Principal Cloud Security Architect @ Devoteam Alegri
Focused on Azure Identity, Security, Governance, and Infrastructure
International user group and conference speaker
Community lead of Azure Meetup Saarbrücken
Co-organizer of Azure Saturday
Tech blogger and book author
@azureandbeyond
https://blog.azureandbeyond.com
5. agenda.
● Cloud security challenges: Why is cloud security so difficult and identity security so important?
● Azure Security Center: Improve your hybrid cloud security posture
● Microsoft Intelligent Security Graph: Unique insights, informed by trillions of signals
● Azure Sentinel: SIEM/SOAR solution from the cloud
● Demo
6. Federal criminal agency – 2018 cybercrime situation report
87.000 cases of cybercrime in 2018
60.000.000 € amount of damage, with an immense number of unreported cases
Estimated amount of damage according to Bitkom: 100.000.000.000 (!) € per year
Source: BKA - 2018 Cybercrime situation report
7. Governance – a definition
Establishment of policies, and continuous monitoring of their proper implementation, by the members of the governing body of an organization […]¹
¹ Source: BusinessDictionary
8. Cyber Threat Hunting – a definition
The process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions […]¹
¹ Source: TechRepublic
9. Today's cloud security challenges
Increasingly sophisticated attacks
It's both a strength and a challenge of the cloud. How do you make sure that ever-changing services are up to your security standards?
Attack automation and evasion techniques are evolving along multiple dimensions.
We need human expertise, adaptability, and creativity to combat human threat actors.
11. Microsoft Azure Security Center
Security Center assesses your environment and enables you to understand the status of your resources, and whether they are secure.
Enable actionable, adaptive protections that identify and mitigate risk to reduce exposure to attacks.
Use advanced analytics and Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats.
12. Strengthen your security posture
Identify shadow IT subscriptions
Optimize and improve resource security
Continuous assessments
15. Adaptive threat prevention
Advanced Threat Protection
Native integration with Microsoft Defender ATP for Windows machines
Advanced Threat Detection for Linux machines
24. demo.
Witness on-stage live attacks against identities and servers and learn how Azure Security Center and Azure Sentinel help you to keep track of current threats.