#Microsoft Azure Sentinel (Preview) Overview #Azure #Sentinel #Security #Analytics #SIEM

 

Microsoft Azure Sentinel

Microsoft Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.

• Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
• Detect previously undetected threats, and minimize false positives using Microsoft’s analytics and unparalleled threat intelligence.
• Investigate threats with artificial intelligence, and hunt for suspicious activities at scale, tapping into years of cyber security work at Microsoft.
• Respond to incidents rapidly with built-in orchestration and automation of common tasks.

In the following step-by-step guide you get a global overview of Azure Sentinel :

Search for Azure Sentinel in the Azure Portal.

Click on Create

Connect or add your Workspace.

Click on Add Azure Sentinel

Azure Sentinel is added to your workspace.

Azure Sentinel Overview

Security Analytics

Learn here more with Microsoft Azure Monitor analytics queries

Here you can play with Azure Log Analytics 😉

Here you can collect all your Security Cases

Azure Sentinel Build-In Dashboard Solutions

Azure AD Audit Logs

 

Linux Machines Security

When you have your Azure Sentinel Solutions in place with alerting rules and telemetry and analytics is coming to your workspace, Hunting is the next Threat management tool :

Azure sentinel Hunting

Working with Tags and Collaborate with Teammates

Launch Investigations and Bookmark

Working with Azure Notebooks for Azure Sentinel

Welcome to the Azure Sentinel repository! This repository contains out of the box detections, exploration queries, hunting queries, dashboards and playbooks to help you get ramped up with Azure Sentinel and provide you security content to secure your environment and hunt for threats. You can also submit any issues or feature requests as you onboard to Azure Sentinel. For questions and feedback, please contact AzureSentinel@microsoft.com

Azure Sentinel Notebooks on GitHub

 

Get started from here to Configure your Azure Sentinel Environment

Choose your Data Collections for Azure Sentinel Security

Lot of Choice already Build-in for you.

From here you can make your own Azure Sentinel Analytics Alert Rules.

Alert Rules

Create Alert rules with the right mappings, triggers, and scheduling, response automation.

Add your own playbooks for your Security

Unlock the power of AI for security with Machine Learning

Machine Learning in Azure Sentinel is built-in right from the beginning. We have thoughtfully designed the system with ML innovations aimed to make security analysts, security data scientists and engineers productive. One such innovation is Azure Sentinel Fusion built especially to reduce alert fatigue.

Building your Full Screen Dashboard for Monitoring

More information about Azure Sentinel Intelligent Security :

Start here free with Azure Sentinel Preview

Microsoft azure Sentinel Docs

Microsoft Azure Sentinel on GitHub

Join Microsoft Azure Monitor & Security for Hybrid IT Community

 

Categories: Azure, Azure AI, Azure Monitor, Azure Security, AzureDevOps, Containers, IoT, Microsoft Azure, SQL, Uncategorized, Windows Server 2016, Windows Server 2019, WindowsAzure | Tags: AI, Analytics, ASC, AzOps, Azure, Cloud, HybridCloud, Linux, Microsoft, MVPBUZZ, SecOps, Security, Sentinel, Threat | Permalink.

Learn Azure in a Month of Lunches Free E-book #Azure #Cloud #Education

Learn Azure in a Month of Lunches breaks down the most important Azure concepts into bite-sized lessons with exercises and labs—along with project files available in GitHub—to reinforce your skills. Learn how to:
Use core Azure infrastructure and platform services—including how to choose which service for which task.
Plan appropriately for availability, scale, and security while considering cost and performance.
Integrate key technologies, including containers and Kubernetes, artificial intelligence and machine learning, and the Internet of Things.

You can download the Free Learn Azure in a Month of Lunches E-book here

Categories: ARM, Azure, Azure AI, Azure Monitor, Azure Security, AzureDevOps, Containers, IoT, Microsoft Azure, OMS, SQL, Windows Containers, Windows Server 2016, Windows Server 2019, WindowsAzure | Tags: Apps, AzOps, Azure, AzureDevOps, Cloud, Developers, DevOps, Ebook, Education, Microsoft, Teachers | Permalink.

#Azure IoT Pipeline with Microsoft #AzureDevOps Project #IoT #Code #Apps #SmartCities

Azure IoT Edge – Hub with Azure DevOps Pipeline

Configure continuous integration (CI) and continuous delivery (CD) for your IoT Edge application with DevOps Projects. DevOps Projects simplifies the initial configuration of a build and release pipeline in Azure Pipelines.

In the following steps you can see how easy it is to build your Continuous integration and continuous deployment to Azure IoT Edge with DevOps Project :

Select Simple IoT

Click on Next.

From here you set your Azure DevOps organization to your Azure IoT Hub. Click on additional settings

In additional settings you can set :

• Azure Resource Group
• Location ( region)
• Container Registry
• Container Registry name
• Container registry SKU
• Container Location
• IoT Hub of Edge Devices
• IoT Hub Location

Select Container Registry Plan

Azure Container Registry allows you to store images for all types of container deployments including DC/OS, Docker Swarm, Kubernetes, and Azure services such as App Service, Batch, Service Fabric, and others. Your DevOps team can manage the configuration of apps isolated from the configuration of the hosting environment.
More information about Azure Container Registry and pricing

Azure DevOps Project will do the rest of the deployment.

Of course Infrastructure as Code (IaC) is possible by ARM JSON Template.

Save the template for later.

here you got your ARM Templates.

Later you will see when you complete the deployment, that your JSON ARM template is in Azure DevOps Repo.
You can connect your Azure DevOps Repo via the portal but also via Visual Studio and Visual Studio Code.

The resources coming into myiotpipeline-rg

MyIOTPipeline-IoTHub is created.

MyIOTPipelineACR Container Registry is created.

MyIOTPipeline with Azure DevOps is created 🙂

Your Continuous integration and continuous deployment to Azure IoT Edge is deployed and active. Now you have your Azure Pipeline in place to continuously update your IoT Device App. From here you can go to Azure DevOps Project Homepage.

Via Agent phase you can see all the jobs of the deployment.

Azure DevOps Pipeline Release

here we have Azure DevOps Repos

Azure DevOps Services includes free unlimited private Git repos, so Azure Repos is easy to try out. Git is the most commonly used version control system today and is quickly becoming the standard for version control. Git is a distributed version control system, meaning that your local copy of code is a complete version control repository. These fully functional local repositories make it easy to work offline or remotely. You commit your work locally, and then sync your copy of the repository with the copy on the server.
Git in Azure Repos is standard Git. You can use the clients and tools of your choice, such as Git for Windows, Mac, partners’ Git services, and tools such as Visual Studio and Visual Studio Code.

All the Azure Resources for the IoT Edge Pipeline with Azure DevOps.

When you have your Azure DevOps Pipeline with IoT Edge devices running, you can monitor your pipeline with Analytics inside Azure DevOps.

Click Next.

Click on Install Analytics.

Select the right Azure DevOps Organization for your IoT Edge Pipeline.

Done !

 

Analytics is now active, you can make automated test plans in Azure DevOps and see the results via Analytics.

Azure DevOps Overview Dashboard.

There are a lot of predefined Analytics Views for you shared.

An Analytics view provides a simplified way to specify the filter criteria for a Power BI report based on the Analytics Service data store. The Analytics Service provides the reporting platform for Azure DevOps.
More information about Analytics in Azure DevOps here

Easy to start with Powerbi and Azure DevOps Connector.

Planned manual testing
Plan, execute, and track scripted tests with actionable defects and end-to-end traceability. Assess quality throughout the development lifecycle by testing your desktop or web applications.

More information about making your testplan for your IoT Edge Devices Azure DevOps Pipeline

Conclusion :

When you connect Microsoft Azure IoT Edge – HUB with your Internet of Things Devices and combine it with Microsoft Azure DevOps Team to develop your Azure IoT Pipeline, then you are in fully control of Continuous integration and continuous deployment to Azure IoT Edge. From here you can make your innovations and Intelligent Cloud & Edge with Artificial Intelligence and Machine Learning to your Devices. You will see that this combination will be Awesome for HealthCare, Smart Cities, Smart Buildings, Infrastructure, and the Tech Industry.

In this Microsoft article, you learn how to use the built-in Azure IoT Edge tasks for Azure Pipelines to create two pipelines for your IoT Edge solution. The first takes your code and builds the solution, pushing your module images to your container registry and creating a deployment manifest. The second deploys your modules to targeted IoT Edge devices.

Join the Azure DevOps Community on LinkedIn

Join Containers in the Cloud Community on LinkedIn

Join Microsoft Azure Monitor & Security for Hybrid IT Community on LinkedIn

Categories: ARM, Azure, Azure AI, Azure Monitor, Azure Security, AzureDevOps, Containers, IoT, Linux, Microsoft Azure, VisualStudio, Windows Containers, WindowsAzure | Tags: AI, Azure, AzureDevOps, Cloud, Code, Developers, Devices, Edge, HybridCloud, Intelligence, IoT, MachineLearning, Management, MVPBUZZ, PipeLines, SmartBuildings, SmartCities | Permalink.

Optimize Security and Compliancy with #Azure Security Center #ASC #Cloud #GDPR

Microsoft Azure Security Center

When you have your Hybrid Cloud Enterprise Design ready in a Microsoft HUB-Spoke model and your Security in place, you can do your optimize on your Azure workloads and keep up-to-date for your compliancy. Microsoft Azure Security Center can support you in Security and Compliancy (GDPR). Here you see my former blogposts about Microsoft Azure HUB-Spoke model architecture and Security by design :

1. Microsoft Azure Hub-Spoke model by Enterprise Design 1 of 4
2. Microsoft Azure Policy and BluePrints Overview (Extra Blogpost)
3. Microsoft Azure Hub-Spoke model by Enterprise Design 2 of 4 “Lift and Shift”
4. Microsoft Azure Hub-Spoke model by Enterprise Design 3 of 4 Data Migration
5. Managing and Working with Azure Network Security Groups (NSG) 

Security in software is always on the move and changing in this world, when you think you are ready something has changed already. That’s why I love Microsoft Azure Security Center to keep you posted and giving you advise on Security but also on Compliancy.

From here you see a high-level overview of these new possibilities in Microsoft Azure Security Center :

Security Center Overview

Microsoft Azure Security Center is working with the following navigation menu’s on the left :

• General
• Policy & Compliance
• Resource Security Hygiene
• Advanced Cloud Defense
• Threat Protection
• Automation & Orchestration

Microsoft Azure Secure Score Dashboard

Microsoft Azure Security Center is working with Overall Secure Score. In my Test LAB we have some work to do 😉
The Azure secure score reviews your security recommendations and prioritizes them for you, so you know which recommendations to perform first. This helps you find the most serious security vulnerabilities so you can prioritize investigation. Secure score is a tool that helps you assess your workload security posture.
Improve your secure score in Azure Security Center

Azure Security Center Recommendations

Microsoft Azure Security Center gives you advise to make your Security Score higher and you can improve immediately.

Open Subnet without NSG.

From here you can Enable a Network Security Group (NSG) on the Subnet and make your network more secure.

Creating NSG from Azure Security Center.

A subnet with NSG.

Azure Security Center Advise on Disk Encryption

1. Description on Applying Disk Encryption on your Virtual Machines
2. General Information, with Impact and Implementation Cost.
3. Threats, what can happen when you don’t implement the security.
4. Remediation Steps from Microsoft Azure Security Center
   Like this : Managing security recommendations in Azure Security Center

Security Center – Regulatory Compliance

I really like this feature in Azure Security Policy & Compliancy to help the business with GDPR and keep your Data Save by Security.

PCI DSS 3.2

ISO 27001

So now you can work on your Security and Compliance

SOC TSP

Here you find more information about Microsoft Azure Security Center

Microsoft Azure Security Center Playbooks

Integrate security solutions in Azure Security Center

 

Conclusion :

Security is a on-going process 24 hours -365 days to monitor, analyze, and prevent security issues. Working on Compliancy for your Business and making your own Security policies is important. Microsoft Azure Security Center can support you in this journey. When you Optimize your Azure workloads or make new solutions in Azure, keep it secure with Microsoft Azure Security Center.

Categories: Azure, Azure Monitor, Azure Security, Containers, IoT, Microsoft Azure, SQL, Uncategorized, Windows Containers, Windows Server 2012 R2, Windows Server 2016, Windows Server 2019, WindowsAzure | Tags: ASC, Azure, Cloud, Compliancy, GDPR, HybridCloud, MVPBUZZ, SecOps, Security, SIEM, Threat | Permalink.

Bye Bye 2018 vs Hello 2019 #MVPbuzz #Azure #Cloud #AzureDevOps #Education #Code #Analytics

Happy New Year !

First of all Thank you for following me and Sharing Microsoft Cloud and Datacenter Management content on Social Media 🙂 Sharing & Learning Together is Better. 

Here some work I did for the Community in 2018 :

•  I wrote 62 Blogposts in 2018 on https://mountainss.wordpress.com and shared them on LinkedIn,
  Twitter, Facebook and Microsoft Tech Community
• Made a Blogpost Serie about :
  It’s all about your Datacenter transition to the Cloud by Design and by Security.
  Microsoft Azure Hub-Spoke model by Enterprise Design
• 
  Started Azure DevOps Community Group on LinkedIn
• Together with Community Groups :  Microsoft Azure Monitor and Security for Hybrid IT and
  Containers in the Cloud
  
  @Jamesvandenberg
• Welcome 577 New Followers on Twitter of the 5904 Followers 🙂
  More then 2.807.000 Tweet impressions in One year !
• Started with Friday is MVPbuzz Day for Education to get Azure Cloud in the Classroom, working together with Teachers and Students in my Free time.
  
• Working with Microsoft Learn in Teams for the Students.
• Meetings and Speaking for Education, all about Azure and AzureStack Technologies.
• Conferences, like the Global MVP Summit 2018, DevOps Amsterdam, Community Group meetings.
  Microsoft Ignite, Microsoft Build, Microsoft Connect events.
• Almost every week Microsoft Product Group Intervention (PGI) sessions Online.
• Sharing the News every Day via Twitter, Facebook, LinkedIn, Microsoft Tech Community, Blog

But what is coming in 2019 ?

Rocking with Azure in the Classroom !

I will continue every day sharing knowledge with the Community and continue my Free work on MVPbuzz Friday for Education to get Azure Cloud Technology in the Classroom for Teachers and Students.
The trend I see for 2019 is more Infrastructure and Security by Code with Microsoft Azure DevOps
and of course you have to be in Control with Microsoft Azure Monitor

I will write a blogpost in January 2019 about Microsoft Azure Hub-Spoke model by Enterprise Design 4 of 4 : Optimize your Azure Workload.

More Items in 2019 to come :

• Microsoft Azure Security Center for Hybrid IT
• Windows Server 2019 in combination with Azure Cloud Services.
• More on Containers in the Cloud
• Azure Stack and ASDK
• Integration with Azure Cloud.
• API Management
• Azure DevOps Pipelines and Collabration
• Azure IoT for Smart Cities and Buildings combined with AI Technology

2019 will be a Great year again with New Microsoft Technologies and Features for your business.

Categories: ARM, Azure, Azure AI, Azure Monitor, Azure Security, Azure Stack, AzureDevOps, Containers, Docker, DSVM, Hyper-V, IoT, Linux, Microsoft Azure, NanoServer, OMS, PowerShell, SQL, VisualStudio, Windows 10, Windows Admin Center, Windows Containers, Windows Server 2019, WindowsAzure | Tags: 2018, 2019, ASC, Azure, AzureDevOps, Azuremonitor, AzureStack, Cloud, Code, Containers, DevOps, Education, Happy2019, HybridCloud, IaC, Linux, Microsoft, MVPBUZZ, Security | Permalink.

Watch the Live Stream Today of #Microsoft Ignite 2018 in Orlando 24 – 28 September #MSIgnite #Azure #Cloud #DevOps and More

Don’t miss the Live Stream of Microsoft Ignite 2018

Get the latest insights and skills from technology leaders and practitioners shaping the future of cloud, data, business intelligence, teamwork, and productivity. Immerse yourself with the latest tools, tech, and experiences that matter, and hear the latest updates and ideas directly from the experts.

Watch live https://www.microsoft.com/en-us/ignite as Microsoft CEO Satya Nadella lays out his vision for the future of tech, then watch other Microsoft leaders explore the most important tools and technologies coming in the next year. After the keynotes, select Microsoft Ignite sessions will stream live—take a deep dive into the future of your profession.

More then 700+ Sessions and 100+ Expert-led and self-paced workshops

#MSIgnite

Categories: ARM, Azure, Azure Monitor, Azure Security, Azure Stack, Containers, Docker, DSVM, Hololens, Hyper-V, IoT, Linux, Microsoft Azure, NanoServer, Office365, OMS, PowerShell, SQL, System Center 2016, System Center vNext, VisualStudio, Windows 10, Windows Admin Center, Windows Containers, Windows Server 2019, WindowsAzure | Tags: Azure, AzureDevOps, AzureStack, Cloud, DevOps, Linux, Microsoft, MSIgnite, msignite2018, News | Permalink.

Download the August 2018 #Developers Guide to #Azure #Cloud

If you are a developer or architect who wants to get started with Microsoft Azure, this book is for you! Written by developers for developers, this guide will show you how to get started with Azure and which services you can use to run your applications, store your data, incorporate intelligence, build IoT apps, and deploy your solutions in a more efficient and secure way.

Download the August 2018 Update of Developers Guide to Azure E-book here

Happy Reading and Building in the Microsoft Azure Cloud with this Awesome E-book !

Categories: Azure, Azure Security, Containers, IoT, Microsoft Azure, WindowsAzure | Tags: Apps, Azure, Cloud, Code, Developers, DevOps, E-book, Microsoft | Permalink.