Professional Documents
Culture Documents
Microsoft Confidential
http://www.microsoft.com/en-us/legal/intellectualproperty/Permissions/default.aspx
Agenda
• Asset Inventory
• Security Hygiene
• Agent Health
• Azure Defender Health
• Strengthen Your Security Posture
• Security Center for IoT Architecture
• Azure Resource Graph
• Asset Inventory FAQ
• Security Solutions
Azure Security Center
Leveraging
Cloud Security Posture Management Cloud Workload Protection Platform Azure Arc
Unhealthy Resources –
Identifies resources that have
active security recommendations
Unmonitored Resources –
These are resources with agent
monitoring issues. The resource
has the Log Analytics agent
deployed, but the agent isn't
sending data or has other health
issues
Asset Inventory
Asset inventory experience Filter on your subscriptions Write queries using resource graph explorer
Automate with
Onboard servers Assign tagsDownload reports Logic Apps
The Inventory page provides
you action options to help you
perform many tasks on your
monitored resources.
• Description
• Impact
• General information Information on the
CVEs
• Threat
• Remediation
• Additional References
• Affected resources Here are additional machines that are also
missing this security update
Security Hygiene
Update Management Solution available in Log Analytics
• For good security hygiene, ensure your computers have the latest updates
installed
• You can automate Windows and Linux updates with Azure Automation
Update
Management
Asset Inventory
Search for Security Vulnerabilities High-level summary of
recommendations
• You can also select a machine to more
details of the virtual machine's health
and recommendations
• If your agents are not reporting or if the agent is not installed data is not collected from the machine
• Security-related configurations
• Event logs from the machine
• Operating system information
• Running processes, machine name, IP addresses, and logged in user
• Visibility into missing updates
• Misconfigured OS security settings
• Endpoint protection status
• Health and threat protection
Agent Health
What is the health of your agents Using the Agent monitoring filter
option will help you identify
machines with agent issues
Agent Health
How to fix your agent health using Quick Fix
Azure Security Center for IoT simplifies hybrid workload protection by delivering unified visibility and control,
adaptive threat prevention, and intelligent threat detection and response across workloads running on edge, on-
premises, in Azure, and in other clouds.
Strengthen Your Security Posture
Use Azure Security Center to enhance your Security Hygiene Review the
Recommendations
summary
• Asset inventory utilizes Azure Resource Graph (ARG), an Azure service that provides the ability to query Security
Center's security posture data across multiple subscriptions
Question: If I have access to monitor 10 subscriptions why do I only see 6 subscriptions when I filter on Resource
types that equals subscription?
Filter on subscriptions
Answer: The filters don't return every resource in your environment, only the ones with outstanding (or 'active')
recommendations will be shown. You can always use the search option to find a resource.