Leveraging Azure Security Center and OMS Security for Incident Response
Hey Azure Security Community! Yuri Diogenes (CSI Enterprise Mobility and Azure Security team) here sharing with you some info we know you want to know about.
This week I had a great time recording an interview with Lex Thomas from Taste of Premier about how to leverage Azure Security Center and OMS Security for Incident Response. The Incident Response lifecycle that I used as example was extracted from our paper Microsoft Azure Security Response in the Cloud, which is also mentioned in the Incident Response section of our Azure Security Center Planning and Operations Guide.
In this interview I demonstrate how to use Azure Security Center Security Alerts to assist you in the following stages of the incident response:
- Stage 1 – Detect
- Stage 2 – Assess
- Stage 3 – Diagnose
I also explain how OMS Security and Audit Solution can be used in a hybrid environment where you need to perform further investigation regarding a potential attack, including the use of the Threat Intelligence capability. Watch the entire episode here or below:
Here are some useful links for you to learn more about OMS Security and Audit Solution, Azure Security Center and Azure Security in general:
- Visit Operations Management Suite page, and in the left navigation pane, click Security and Compliance for more information about OMS Security and Audit Solution.
- Visit Azure Security Center documentation page for more information about this cloud service.
- Visit Azure Security Information Site for more information about Azure Security capabilities in general.
- Pre-order our upcoming Azure Security Infrastructure book from Microsoft Press