#Microsoft Azure Sentinel (Preview) Overview #Azure #Sentinel #Security #Analytics #SIEM

 

Microsoft Azure Sentinel

Microsoft Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.

• Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
• Detect previously undetected threats, and minimize false positives using Microsoft’s analytics and unparalleled threat intelligence.
• Investigate threats with artificial intelligence, and hunt for suspicious activities at scale, tapping into years of cyber security work at Microsoft.
• Respond to incidents rapidly with built-in orchestration and automation of common tasks.

In the following step-by-step guide you get a global overview of Azure Sentinel :

Search for Azure Sentinel in the Azure Portal.

Click on Create

Connect or add your Workspace.

Click on Add Azure Sentinel

Azure Sentinel is added to your workspace.

Azure Sentinel Overview

Security Analytics

Learn here more with Microsoft Azure Monitor analytics queries

Here you can play with Azure Log Analytics 😉

Here you can collect all your Security Cases

Azure Sentinel Build-In Dashboard Solutions

Azure AD Audit Logs

 

Linux Machines Security

When you have your Azure Sentinel Solutions in place with alerting rules and telemetry and analytics is coming to your workspace, Hunting is the next Threat management tool :

Azure sentinel Hunting

Working with Tags and Collaborate with Teammates

Launch Investigations and Bookmark

Working with Azure Notebooks for Azure Sentinel

Welcome to the Azure Sentinel repository! This repository contains out of the box detections, exploration queries, hunting queries, dashboards and playbooks to help you get ramped up with Azure Sentinel and provide you security content to secure your environment and hunt for threats. You can also submit any issues or feature requests as you onboard to Azure Sentinel. For questions and feedback, please contact AzureSentinel@microsoft.com

Azure Sentinel Notebooks on GitHub

 

Get started from here to Configure your Azure Sentinel Environment

Choose your Data Collections for Azure Sentinel Security

Lot of Choice already Build-in for you.

From here you can make your own Azure Sentinel Analytics Alert Rules.

Alert Rules

Create Alert rules with the right mappings, triggers, and scheduling, response automation.

Add your own playbooks for your Security

Unlock the power of AI for security with Machine Learning

Machine Learning in Azure Sentinel is built-in right from the beginning. We have thoughtfully designed the system with ML innovations aimed to make security analysts, security data scientists and engineers productive. One such innovation is Azure Sentinel Fusion built especially to reduce alert fatigue.

Building your Full Screen Dashboard for Monitoring

More information about Azure Sentinel Intelligent Security :

Start here free with Azure Sentinel Preview

Microsoft azure Sentinel Docs

Microsoft Azure Sentinel on GitHub

Join Microsoft Azure Monitor & Security for Hybrid IT Community

 

Categories: Azure, Azure AI, Azure Monitor, Azure Security, AzureDevOps, Containers, IoT, Microsoft Azure, SQL, Uncategorized, Windows Server 2016, Windows Server 2019, WindowsAzure | Tags: AI, Analytics, ASC, AzOps, Azure, Cloud, HybridCloud, Linux, Microsoft, MVPBUZZ, SecOps, Security, Sentinel, Threat | Permalink.

#Microsoft Hololens 2 Overview Videos #MWC2019 #Hololens #Azure #VR with @satyanadella

Microsoft Keynote HoloLens 2 at Mobile World Congress (MWC) 2019

HoloLens 2

Microsoft HoloLens 2: Partner Spotlight with Philips

Microsoft HoloLens 2: Partner Spotlight with Bentley

Conclusion:

I see Awesome possibilities for Maintenance in Smart Cities and Smart Buildings with Intelligent Cloud and Intelligent Edge together with the Microsoft Hololens 2 and Microsoft Azure. Intelligent Dashboards in your Hololens 2 hybrid with your Azure App for example. Great for Manufacturers, Healthcare, Architects, Maintenance Companies but also for Teachers and Students doing innovative Education 🙂

Here you find more information about Microsoft Hololens 2 and Business Ready Apps

Categories: Azure, Azure AI, Azure Monitor, Hololens, Microsoft Azure, WindowsAzure | Tags: AI, Apps, Azure, Hololens, Hololens2, Microsoft, MixedReality, VR | Permalink.

Learn Azure in a Month of Lunches Free E-book #Azure #Cloud #Education

Learn Azure in a Month of Lunches breaks down the most important Azure concepts into bite-sized lessons with exercises and labs—along with project files available in GitHub—to reinforce your skills. Learn how to:
Use core Azure infrastructure and platform services—including how to choose which service for which task.
Plan appropriately for availability, scale, and security while considering cost and performance.
Integrate key technologies, including containers and Kubernetes, artificial intelligence and machine learning, and the Internet of Things.

You can download the Free Learn Azure in a Month of Lunches E-book here

Categories: ARM, Azure, Azure AI, Azure Monitor, Azure Security, AzureDevOps, Containers, IoT, Microsoft Azure, OMS, SQL, Windows Containers, Windows Server 2016, Windows Server 2019, WindowsAzure | Tags: Apps, AzOps, Azure, AzureDevOps, Cloud, Developers, DevOps, Ebook, Education, Microsoft, Teachers | Permalink.

Whitepaper Achieving Compliant Data Residency and Security with #Azure #Cloud

Introduction

Security and compliance–basic elements of the trusted cloud–are top priorities for organizations today. This paper is designed to help customers ensure that their data is handled in a manner that meets their data protection, regulatory, and sovereignty requirements on the global cloud architecture of Microsoft Azure. Transparency and control are also essential to establishing and maintaining trust in cloud technology. Microsoft recognizes that restricted and regulated industries require additional details for their risk management and to ensure compliance at all times. Microsoft provides an industry-leading security and compliance portfolio. Security is built into the Azure platform, beginning with the development process, which is conducted in accordance with the Security Development Lifecycle (SDL), and includes technologies, controls and tools that address data management and governance, Active Directory identity and access controls, network and infrastructure security technologies and tools, threat protection, and encryption to protect data in transit and at rest. Microsoft also provides customers with choices to select and limit the types and locations of data storage on Azure. With the innovation of the security and compliance frameworks, customers in regulated industries can successfully run mission-critical workloads in the cloud and leverage all the advantages of the Microsoft hyperscale cloud. This simple approach can assist customers in meeting the data protection requirements of government regulations or company policies by helping them to:

Understand data protection obligations.

Understand the services and controls that Azure provides to help its customers meet those obligations.

Understand the evidence that customers need to assert compliance.

The paper is structured into these three sections, with each diving deeper into the security and technologies that help Microsoft customers to meet data protection requirements. The final section discusses specific requirements to which industries and organizations in selected European markets are subject.

Download this Awesome whitepaper, “Achieving compliant data residency and security with Azure.”

Learn here more on Compliance, Trust, Security and Responsibilities

Categories: ARM, Azure, Azure AI, Azure Monitor, Azure Security, Azure Stack, AzureDevOps, Containers, Microsoft Azure, SQL, Windows Server 2019, WindowsAzure | Tags: Azure, AzureStack, Cloud, Compliance, Controls, Data, Microsoft, MVPBUZZ, Protection, Responsibilities, Security, Whitepaper | Permalink.

Bye Bye 2018 vs Hello 2019 #MVPbuzz #Azure #Cloud #AzureDevOps #Education #Code #Analytics

Happy New Year !

First of all Thank you for following me and Sharing Microsoft Cloud and Datacenter Management content on Social Media 🙂 Sharing & Learning Together is Better. 

Here some work I did for the Community in 2018 :

•  I wrote 62 Blogposts in 2018 on https://mountainss.wordpress.com and shared them on LinkedIn,
  Twitter, Facebook and Microsoft Tech Community
• Made a Blogpost Serie about :
  It’s all about your Datacenter transition to the Cloud by Design and by Security.
  Microsoft Azure Hub-Spoke model by Enterprise Design
• 
  Started Azure DevOps Community Group on LinkedIn
• Together with Community Groups :  Microsoft Azure Monitor and Security for Hybrid IT and
  Containers in the Cloud
  
  @Jamesvandenberg
• Welcome 577 New Followers on Twitter of the 5904 Followers 🙂
  More then 2.807.000 Tweet impressions in One year !
• Started with Friday is MVPbuzz Day for Education to get Azure Cloud in the Classroom, working together with Teachers and Students in my Free time.
  
• Working with Microsoft Learn in Teams for the Students.
• Meetings and Speaking for Education, all about Azure and AzureStack Technologies.
• Conferences, like the Global MVP Summit 2018, DevOps Amsterdam, Community Group meetings.
  Microsoft Ignite, Microsoft Build, Microsoft Connect events.
• Almost every week Microsoft Product Group Intervention (PGI) sessions Online.
• Sharing the News every Day via Twitter, Facebook, LinkedIn, Microsoft Tech Community, Blog

But what is coming in 2019 ?

Rocking with Azure in the Classroom !

I will continue every day sharing knowledge with the Community and continue my Free work on MVPbuzz Friday for Education to get Azure Cloud Technology in the Classroom for Teachers and Students.
The trend I see for 2019 is more Infrastructure and Security by Code with Microsoft Azure DevOps
and of course you have to be in Control with Microsoft Azure Monitor

I will write a blogpost in January 2019 about Microsoft Azure Hub-Spoke model by Enterprise Design 4 of 4 : Optimize your Azure Workload.

More Items in 2019 to come :

• Microsoft Azure Security Center for Hybrid IT
• Windows Server 2019 in combination with Azure Cloud Services.
• More on Containers in the Cloud
• Azure Stack and ASDK
• Integration with Azure Cloud.
• API Management
• Azure DevOps Pipelines and Collabration
• Azure IoT for Smart Cities and Buildings combined with AI Technology

2019 will be a Great year again with New Microsoft Technologies and Features for your business.

Categories: ARM, Azure, Azure AI, Azure Monitor, Azure Security, Azure Stack, AzureDevOps, Containers, Docker, DSVM, Hyper-V, IoT, Linux, Microsoft Azure, NanoServer, OMS, PowerShell, SQL, VisualStudio, Windows 10, Windows Admin Center, Windows Containers, Windows Server 2019, WindowsAzure | Tags: 2018, 2019, ASC, Azure, AzureDevOps, Azuremonitor, AzureStack, Cloud, Code, Containers, DevOps, Education, Happy2019, HybridCloud, IaC, Linux, Microsoft, MVPBUZZ, Security | Permalink.

#Microsoft #AzureDevOps – Azure Pipelines, #Azure Boards + GitHub with @AbelSquidHead #LoECDA

Azure DevOps for CI/CD

Azure DevOps Services is a cloud service for collaborating on code development. It provides an integrated set of features that you access through your web browser or IDE client. The features are included, as follows:

• Git repositories for source control of your code
• Build and release services to support continuous integration and delivery of your apps
• Agile tools to support planning and tracking your work, code defects, and issues using Kanban and Scrum methods
• Many tools to test your apps, including manual/exploratory testing, load testing, and continuous testing
• Highly customizable dashboards for sharing progress and trends
• Built-in wiki for sharing information with your team

The Azure DevOps ecosystem also provides support for adding extensions and integrating with other popular services, such as: Campfire, Slack, Trello, UserVoice, and more, and developing your own custom extensions.

Start your CI/CD Pipelines Today with Azure DevOps

More information about Microsoft Azure DevOps :

Microsoft Azure DevOps Docs

Azure DevOps Community Group on LinkedIn

Azure DevOps PODCAST

and stay up-to-date on Azure DevOps via Twitter :

The #LoECDA Team

@AzureDevOps

@DonovanBrown

@AbelSquidHead

@jldeen

@damovisa

@StevenMurawski

Categories: Azure, Azure AI, Azure Monitor, AzureDevOps, Containers, Docker, Linux, Microsoft Azure, VisualStudio, Windows Containers, WindowsAzure | Tags: Azure, AzureDevOps, CICD, Cloud, Code, Developers, DevOps, IaC, Microsoft, MVPBUZZ, PipeLines | Permalink.

View Container Live logs with #Azure Monitoring #AKS #Kubernetes #Containers #AzureDevOps

Monitoring Azure Kubernetes Cluster

Azure Monitor for containers is a feature designed to monitor the performance of container workloads deployed to either Azure Container Instances or managed Kubernetes clusters hosted on Azure Kubernetes Service (AKS). Monitoring your containers is critical, especially when you’re running a production cluster, at scale, with multiple applications.
Azure Monitor for containers gives you performance visibility by collecting memory and processor metrics from controllers, nodes, and containers that are available in Kubernetes through the Metrics API. Container logs are also collected. After you enable monitoring from Kubernetes clusters, these metrics and logs are automatically collected for you through a containerized version of the Log Analytics agent for Linux and stored in your Log Analytics workspace.

Here you find awesome documentation about Understanding AKS cluster performance with Azure Monitor for containers

What I really like is that you now can see the Container Live logs from the Azure portal and see what is going on in the background of a Container 🙂

Activate Azure Kubernetes Container Live Logs

Here you see the Container Live logs

This feature provides a real-time view into your Azure Kubernetes Service (AKS) container logs (stdout/stderr) without having to run kubectl commands. When you select this option, new pane appears below the containers performance data table on the Containers view, and it shows live logging generated by the container engine to further assist in troubleshooting issues in real time.
Live logs supports three different methods to control access to the logs:

1. AKS without Kubernetes RBAC authorization enabled
2. AKS enabled with Kubernetes RBAC authorization
3. AKS enabled with Azure Active Directory (AD) SAML based single-sign on

You even can search in the Container Live Logs for Troubleshooting and history :

Search on ssh

Azure Monitor for containers uses a containerized version of the Log Analytics agent for Linux. After initial deployment, there are routine or optional tasks you may need to perform during its lifecycle.
Because of this agent you can work with Log Analytics in Azure Monitor :

Log Analytics on Containers.

Here you find more on Log Analytics query language

Conclusion :

When you have your production workload running on Azure Kubernetes Clusters, It’s important to monitor to keep you in Control of the solution in Microsoft Azure and watch for improvements like performance for the business. With Container Live logs you can see what is going on in the Containers when you have issues and that’s great for troubleshooting to get your problem solved fast. Get your workload into Azure Containers and make your Azure DevOps CI/CD Pipelines in the Cloud.

Join the LinkedIn Community Groups for :

Containers in the Cloud

Azure DevOps Community

Microsoft Azure Monitor & Security for Hybrid IT

Categories: ARM, Azure, Azure Monitor, Azure Security, Azure Stack, AzureDevOps, Containers, Docker, Linux, Microsoft Azure, OMS, Windows Containers, WindowsAzure | Tags: AKS, Azure, AzureDevOps, Azuremonitor, Cloud, Containers, DevOps, Kubernetes, Linux, Microsoft, Monitoring | Permalink.