We just raised a $30M Series A: Read our story

Azure Security Center Valuable Features

Network & Security Architect at SNP Technologies, Inc.

For any type of service, I would recommend the go-to solution for security on Azure is Security Center. The advantage is, firstly, is that it has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem. It has seamless integration with their Log Analytics workspaces, and it also provides some insights into what can be a better solution when it comes to securing their environment.

When it comes to improving the security posture, whenever we have a small project for a customer where they want to migrate their resources into Azure, once the resources are migrated, such as the ones I noted above, we go ahead and integrate Security Center in various ways. One of those ways is to use an agent that can be installed on virtual machines so that we can extensively monitor security alerts or threats that happen on the device. 

But for platforms as a service, we can't have an agent installed, so it integrates with the Log Analytics workspace. For any PaaS services, or a database as a service, or data lakes, we take their Log Analytics workspace and integrate it with Security Center. Once we have integrated it, Security Center discovers the resources, determines what the different configurations are, and provides us with some recommendations for the best practices that Microsoft suggests.

For example, if the Security Center agent is installed on a virtual machine and it scans the environment and identifies that the access to this VM is public and also doesn't have any MFA, it will recommend that blocking public access is one of the best practices to make sure that only safe access is allowed. Along with that, it can also provide us with some insights about enabling MFA solutions that can provide an additional security layer. Those are examples of things that Security Center can recommend for providing a more secure infrastructure

View full review »
Senior DevSecOps Engineer at a consumer goods company with 11-50 employees

The most valuable feature is the help with regulatory compliance, as it gives us security scores and the CVE details.

Centralized management is another feature that is key for me.

View full review »
Cloud Architect at a legal firm with 5,001-10,000 employees

The most valuable feature is the recommendations. Azure Security Center is a product that can be useful in various grades and stages, depending on the state of maturity of both your application and your organization.

The alerts are also valuable, and they go hand-in-hand with the recommendations.

With respect to our security posture, there are at least two features that have been very useful. The first of these is the inventory section, where you can quickly see everything that you have. Especially in a larger organization where there have been mergers and acquisitions, it can be difficult to readily see everything that has been deployed. Using Security Center, you have a full view, at any given time, of what's deployed, and that is something that is very useful.

The security score has been very useful. This is another numeric metering system that basically tells you how well you have been doing.

View full review »
Learn what your peers think about Azure Security Center. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
543,424 professionals have used our research since 2012.
SOC Manager at a tech services company with 10,001+ employees

Most use cases that come from Microsoft are all automated. Even before any manual effort, the tool is designed in such a way that it just does the threat analysis. It gives us exactly what the incident alert is all about: 

  • The priority
  • The threat 
  • The impact
  • The risk
  • How it can be mitigated. 

Those are the key features of this particular tool.

The solution has features that have definitely helped improve our security posture.

One important security feature is the incident alerts. Now, with all these cyberattacks, there are a lot of incident alerts that get triggered. It is very difficult to keep monitoring everything automatically, instead our organization is utilizing the automated use case that we get from Microsoft. That has helped bring down the manual work for a lot of things. The automation tool does the following (when human interaction is needed): 

  • Identifies what kind of an alert is it. 
  • Whether we have to dismiss it. 
  • When we need to take any action so the team can do it appropriately. 

This is one of its key benefits.

It is easy to use based on my experience. If a newcomer comes in, it is just a matter of time to just learn it because it is not that difficult.

View full review »
Senior Consultant at a recruiting/HR firm with 51-200 employees

The most valuable features are regulatory compliance and security alerts. The security score is very helpful, as well. Together, these let us know the state of each subscription and whether there are any actions that we need to take. This functionality is pretty helpful in audits.

View full review »
JJ
Cyber Security Consultant at a tech services company with 10,001+ employees

The security alerts and correlated alerts are most valuable. It correlates the logs and gives us correlated alerts, which can be fed into any security information and event management (SIEM) tool. It is an analyzed correlation tool for monitoring security. It gives us alerts when there is any kind of unauthorized access, or when there is any malfunctioning in multifactor authentication (MFA). If our Azure is connected with Azure Security Center, we get to know what types of authentication are happening in our infra. 

It has so many security monitoring features, such as compromised accounts. For example, if I'm working for abc.com company, and I'm using the same company email address for registering to another hotel or some other place where it gets hacked or something goes wrong, they will alert us. If my credentials are dumped somewhere on the dark web, they trigger an alert stating that you should go and reset your credentials. There are many more interesting alerts, and such features are pretty awesome in terms of security monitoring. In terms of security, it gives a very good overview of our estate. It also has many features from the cloud administration side.

View full review »
DD
Senior Architect at a tech services company with 10,001+ employees

We are using most of the good services in Azure:

  • The load balancing options
  • Firewall
  • Application Gateway
  • Azure AD. 

I value Azure Security Center the most from a security point of view. Everybody is concerned about moving data or infrastructure to the cloud. This solution proves that we are secure enough for that infrastructure, which is why I really value the Azure Security Center. We are secure in our infrastructure.

This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot.

View full review »
Senior Project Engineer at a tech services company with 10,001+ employees

The most valuable features related to my involvement are Azure Defender and enabling log analytics on the workloads. This helps to integrate the workload suite with the analytics repository. For example, if I want to capture any logs from a Windows 10 workload, then this allows me to do so.

The Log Analytics Workspace acts as a repository where it captures all of the data from Windows 10 and Windows 8 workloads. In order to implement it, an agent needs to be installed. With Azure Security Center, we can configure a policy that accounts for different subscription levels. It automatically installs the agent and begins capturing data.

This product provides us with many features including auto-provisioning of dependency agents for Azure Log Analytics, as well as for Azure Defender.

We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language.

View full review »
OB
Security Consulting, Manager at a computer software company with 1,001-5,000 employees

The most valuable feature of this solution is the support for a multi-cloud environment.

The policy-related features are good. For example, there is a compliance policy that is related to PCI and another related to NIST.

The support for dynamic networking is good.

Alerting and incident management are valuable features.

The integration with Logic Apps allows for automated responses to incidents. It is also integrated with Microsoft Defender.

They added new functionality into the pretty long list of features and it is constantly being updated. 

View full review »
JJ
System Administrator at a tech services company with 201-500 employees

The dashboard is very good. It gives our clients a lot of information and allows them to have a complete overview of the system. Everything is visible in one glance.

View full review »
MK
Cloud Security Design Lead at a retailer with 1,001-5,000 employees

I personally like the features of the daily recommendations because that's a major deal, and it hosts Microsoft products so it has visibility. If you are bringing in a third party to get a high level of visibility, then a lot of work is required to get that level of capability. This product gives a very good view of the entire security setup of your organization which can be used by the security and operation teams. It provides alerts to the security team on the one hand, and all the AI and ML based detections on the other. It's very beneficial for our security and assault teams. In addition, it provides recommendations for the operations teams who need to sustain a high level of security. It's an important capability. 

View full review »
Managing Partner at Digitaiken

We saw improvement from a regulatory compliance perspective due to having a single dashboard.

View full review »
DB
Sr Cybersecurity Engineer at a computer software company with 10,001+ employees

The most valuable features of this solution are the remote workforce capabilities and the general experience of the remote workforce.

View full review »
Senior Analyst Security and Compliance at a insurance company with 5,001-10,000 employees

The most valuable feature is that it's intuitive. It's very intuitive. The only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized.

View full review »
DP
CEO at a non-profit with 11-50 employees

It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc.

View full review »
NB
Cyber & Cloud Security Leader at a computer software company with 1,001-5,000 employees

It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening.

View full review »
PW
Senior Security Architect at a transportation company with 5,001-10,000 employees

The most valuable feature for me are the compliance policies.

View full review »
Learn what your peers think about Azure Security Center. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
543,424 professionals have used our research since 2012.