Azure Security Center

Gain unmatched hybrid security management and threat protection

Turn on the protection you need

Microsoft uses a wide variety of physical, infrastructure and operational controls to help secure Azure – but there are additional actions you need to take to help safeguard your workloads. Turn on Security Center to quickly strengthen your security posture and protect against threats.

Security posture management for your cloud workloads

Quickly assess your security posture with Secure Score. This feature provides recommendations with numeric values to help you prioritise your responses.

Ensure you’re following best practices and fix common misconfigurations for Azure infrastructure as a service (IaaS) and platform as a service (PaaS) resources, which may include:

  • Failure to deploy system updates on virtual machines (VMs).
  • Unnecessary exposure to the Internet through public-facing endpoints.
  • Unencrypted data in transit or storage.

As you address these, you can easily deploy Microsoft and partner solutions directly from the Azure portal.

Customise your security policy to focus on what you need to – for example, check for web application firewalls or storage encryption – and apply your policy to multiple Azure subscriptions. Gain visibility across your environment to verify compliance with regulatory requirements, such as CIS, PCI DSS, SOC and ISO.

Get enhanced threat protection with Security Center Standard tier

Security Center gives you in-depth defence with its ability to both detect and help protect against threats. Using machine learning to process trillions of signals across Microsoft services and systems, Security Center alerts you to threats to your environments, such as remote desktop protocol (RDP) brute-force attacks and SQL injections. It also provides actionable recommendations for mitigating these threats.

Standard tier also provides features to help you reduce your attack surface area. Our more than 3,500 security experts use Standard tier and recommend that you do too.

Security Center helps safeguard Windows servers and clients with Windows Defender Advanced Threat Protection and helps protect Linux servers with behavioural analytics. For every attack attempted or carried out, you receive a detailed report and recommendations for remediation.

Safeguard servers running in Azure and other clouds with advanced controls. Just-in-Time VM Access reduces the surface area you expose to RDP/SSH brute-force attacks – one of the most common threats, with more than 100,000 attack attempts on Azure VMs per month. Turn on Standard tier to mitigate this threat.

As you add applications to VMs in Azure, block malicious apps, including those not mitigated by anti-malware solutions, by using adaptive application controls. Machine learning automatically applies new application white-listing policies across your VMs.

Address vulnerabilities in web applications, such as exposed web pages and plug-ins, that are frequently targeted by attackers. Standard tier helps you protect your applications running on Azure App Service by flagging behaviour that could pass through web application firewall instruments. It also helps you protect other cloud services, such as VM scale sets and containers.

Breakthroughs in big data and machine learning make it possible for Security Center to detect anomalous database access and query patterns, SQL injection attacks, and other threats targeting your SQL databases in Azure. Receive alerts on suspicious activity and recommended actions for investigating and mitigating these threats. Discover, classify, label and protect sensitive data in your databases. Stop threats on your Azure Storage including access from an unusual location, unusual anonymous access, unusual data extraction or an unexpected delete.

Get a unified view of security across all of your on-premises and cloud workloads, including your Azure IoT solution. Automatically discover and onboard new devices and apply security policies across your workloads (leaf devices, edge devices, IoT Hub) to ensure compliance with security standards. Continuously monitor the security of IoT devices, machines, networks and Azure services, including your Azure IoT solution from edge devices to applications, using hundreds of built-in security assessments, or create your own, in a central dashboard. Optimise your security settings and improve your security score with actionable recommendations across virtual machines, networks, apps and data. With newly added IoT capabilities, you can now reduce the attack surface for your Azure IoT solution and remediate issues before they can be exploited. Monitor your IoT solution for incoming attacks and post-breach activity.

Quickly set up and extend security beyond Azure

  • Extend security posture management and threat protection to on-premises VMs.
  • Easily provision an agent to server workloads running on-premises.
  • Assess your security through a unified view across your hybrid cloud workloads.
  • Connect to existing tools and processes, such as security information and event management (SIEM), or integrate partner security solutions.
  • Reduce investments and reallocate resources by using built-in first-party or third-party security controls.

How Security Center works

When you activate Security Center, a monitoring agent is automatically deployed into Azure virtual machines. For on-premises VMs, you manually deploy the agent. Security Center begins assessing the security state of all your VMs, networks, applications and data.

Our analytics engines analyse the data, and machine learning synthesises it. Security Center provides recommendations and threat alerts for protecting your workloads. You’ll know straight away if there’s been an attack or anomalous activity.

Aggregate your security information in an Azure Monitor workspace for big data querying capabilities. Alternatively, you can query your data through REST APIs, PowerShell cmdlets or integration with an existing SIEM, such as Azure Sentinel.
