Azure Event Grid can now publish events to AAD protected endpoints
Large organizations have thousands of certificates in key vaults distributed across thousands of applications and subscriptions.
The Azure Key Vault Virtual Machine extension makes it easier for apps running on virtual machines to use certificates from a key vault, by abstracting the common tasks as well as best practices.
Azure Disk Encryption enables you to encrypt your Azure Virtual Machine disks with your keys safeguarded in Azure Key Vault.
Customer Lockbox provides customers the capability to control Azure support engineers' access to workloads that contain customer data This expanded support now provides customers control over access to their data for a larger set of Azure offerings.
With the Microsoft Security Code Analysis extension, you can infuse security analysis tools including Credential Scanner, BinSkim, and others into your Azure DevOps continuous integration and delivery (CI/CD) pipelines.
Azure Key Vault is an essential service for protecting data and improving performance of cloud applications by offering the ability to centrally manage keys, secrets, cryptographic keys and policies in the cloud.
You can now view detected malware across storage accounts using Azure Security Center.
使用客戶管理的金鑰進行 Azure SQL Database 受控執行個體的透明資料加密 (TDE) 現已正式推出。
目標可用性： Q4 2019
Azure HDInsight 和 Azure 防火牆的整合，用於限制從叢集到未經授權目的地的輸出流量，現已正式推出。
Azure Private Link 提供對 Azure 服務的私人連線，現已在所有區域可用。
Azure 防火牆管理員預覽是一種安全性管理服務，能為雲端式安全性週邊提供集中的安全性原則及路由管理。適用於 Azure 虛擬 WAN 中樞，這是一項由 Microsoft 管理的資源，可讓您輕鬆建立中樞和輪輻架構。當安全性和路由原則與這類中樞相關聯時，我們即稱之為安全虛擬中樞。
Windows Admin Center is a management portal for Windows Servers who are not deployed in Azure offering them several Azure management capabilities such as backup and system updates. We have recently added an ability to onboard these non-Azure servers to be protected by ASC directly from the Windows Admin Center experience.
Today we are introducing a new capability in Security Center that allows customers to create automation configurations leveraging Azure Logic Apps and to create policies that will automatically trigger them based on specific ASC findings such as Recommendations or Alerts.
With the many tasks that a user is given as part of Secure Score, the ability to effectively remediate issues across a large fleet can become challenging. In order to simplify remediation of security misconfigurations and to be able to quickly remediate recommendations on a bulk of resources and improve your secure score you can use Quick Fix.
The Regulatory Compliance dashboard provides insights into your compliance posture based on Security Center assessments. The dashboard shows how your environment complies with controls and requirements designated by specific regulatory standards and industry benchmarks and provides prescriptive recommendations for how to address these requirements.
Azure Security Center can now scan container images in Azure Container Registry for vulnerabilities. The image scanning works by parsing the container image file, then checking to see whether there are any known vulnerabilities (powered by Qualys).
Security Center is expanding its support in the container space to one of the fastest growing services in Azure - Azure Kubernetes Service.
Applications that are installed in virtual machines could often have vulnerabilities that could lead to a breach of the virtual machine. We are announcing that the Security Center Standard tier includes built-in vulnerability assessment for virtual machines for no additional fee.
To support Security Center’s fast growth in the marketplace and meet our customers’ demands around threat protection, cloud security posture and enterprise scale deployment and automation, our team delivered on many new capabilities, as well as worked with some new partners that are part of the Microsoft Intelligent Security Association.