Tallan’s 90-minute Cloud Security virtual event gave technical experts and executives a comprehensive overview of, and experience with, the Azure Security Center (ASC). Attendees were introduced to Microsoft security tools, including Azure Defender. The recording of this webinar covers strategies that help modernize your security posture, along with a review of the seven pillars and three principles of security. The event was presented by Tallan security expert Marc Jacquard, who also recently provided an in-depth Q&A on cyber security.
Here are some of the primary facets of cloud security covered in this webinar.
Why are we Having a Zero Trust Conversation?
- IT security is complex with many devices, users, & connections.
- The “trusted network” security strategy was designed around early attacks, which were network-based, so it only seems economical and straightforward.
- Attackers have shifted to identity attacks with phishing and credential theft, leaving security teams overwhelmed and vulnerable.
Foundations of Zero Trust
Zero Trust is a security architecture model that institutes a deny-until-verified approach for access to resources from both inside and outside the network. This approach addresses the challenges associated with a shifting security perimeter in a cloud-centric and mobile workforce era. The core principle of Zero Trust is maintaining strict access control. This concept is critical to prevent attackers from pivoting laterally and elevating access within an environment.
By the Numbers
- Microsoft employs 3,700 security experts and spends more than $1B annually on security.
- In 2020, 6 billion malware threats were blocked by Microsoft Defender.
- Microsoft takes in over 8 trillion signals every 24 hours.
Microsoft Defender for Cloud (MDC) | Dashboard
Defender for Cloud is a tool for security posture management and threat protection. It strengthens the security posture of your cloud resources, and with its integrated Microsoft Defender plans, protects workloads running in Azure, hybrid, and other cloud platforms. Defender for Cloud provides the tools needed to harden your resources, track your security posture, protect against cyber attacks, and streamline security management.
Defender for Cloud fills three vital needs as you manage the security of your resources and workloads in the cloud and on-premises:
Microsoft Defender for Cloud | Regulatory Compliance
Industry standards, regulatory standards, and benchmarks are represented in Security Center’s regulatory compliance dashboard. Each standard is an initiative defined in Azure Policy. By default, every subscription has the Azure Security Benchmark assigned. This is the Microsoft-authored, Azure-specific set of guidelines for security and compliance best practices, based on common compliance frameworks.
You can also add standards such as:
- NIST SP 800-53
- SWIFT CSP CSCF-v2020
- UK Official and UK NHS
- Canada Federal PBMM
- Azure CIS 1.3.0
- CMMC Level 3
- New Zealand ISM Restricted
** Standards are added to the dashboard as they become available.
Microsoft Defender for Cloud | Inventory
Defender for Cloud periodically analyzes the security state of your Azure resources to identify potential security vulnerabilities. It then provides you with recommendations on how to remediate those vulnerabilities. When any resource has outstanding recommendations, they’ll appear in the inventory.
A prominent strip of values at the top of the inventory view shows:
- Total resources: The total number of resources connected to the Security Center.
- Unhealthy resources: Resources with active security recommendations.
- Unmonitored resources: Resources with agent monitoring issues – they have the Log Analytics agent deployed, but the agent isn’t sending data or has other health issues.
- Unregistered subscriptions: Any subscription in the selected scope that hasn’t yet been connected to Azure Security Center.
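The "unhealthy resources" figure can also be pulled outside the portal. The query below is an added example, not part of the webinar or of Tallan's material; it assumes the Azure Resource Graph `securityresources` table and the `microsoft.security/assessments` property paths shown, and is meant to be run in Resource Graph Explorer against the subscriptions you have in scope.

```kusto
// Added example: Defender for Cloud recommendations that currently have
// unhealthy resources, with a distinct count of affected resources for each.
securityresources
| where type == "microsoft.security/assessments"
// Pull the fields of interest out of the dynamic "properties" bag.
| extend recommendation = tostring(properties.displayName),
         severity       = tostring(properties.metadata.severity),
         status         = tostring(properties.status.code),
         resourceId     = tolower(tostring(properties.resourceDetails.Id))
// An assessment is reported as Healthy, Unhealthy or NotApplicable;
// only Unhealthy ones represent an active recommendation.
| where status == "Unhealthy"
// One resource can fail many recommendations, so count distinct resource IDs
// per recommendation rather than rows.
| summarize unhealthyResources = dcount(resourceId) by recommendation, severity
| order by unhealthyResources desc
```

Sorting by affected-resource count puts the recommendations with the widest reach first, which is a reasonable order in which to review them for remediation.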
Microsoft Defender for Cloud | Fix Recommendations
Recommendations give you suggestions on how to better secure your resources. You implement a recommendation by following the remediation steps provided in the recommendation. To simplify remediation and improve your environment’s security (and increase your secure score), many recommendations include a Fix option. Fix helps you quickly remediate a recommendation on multiple resources.
To implement a Fix:
- From the list of recommendations that have the Fix action icon, select the recommendation.
- From the Unhealthy resources tab, select the resources that you want to implement the recommendation on, and select Remediate.
- In the confirmation box, read the remediation details and implications.
- Insert the relevant parameters if necessary and approve the remediation.
- Once completed, a notification appears informing you if the remediation succeeded.