Monitoring your hybrid environment with OMS security

If you’re wondering how to use Microsoft Operations Management Suite (OMS) Security and Audit Solution to monitor a hybrid enterprise infrastructure, be sure to check out this new MVA course. Learn about deployment, antimalware, and update assessments, in addition to incident detection and response. Get the details on security challenges for IT operations and how…


Investigating Suspicious Activity in a Hybrid Cloud with OMS Security

Monitoring devices in a hybrid environment is imperative to your security posture. The intent of having a tight security posture is to close the gap between discovering a threat and taking action to put proper countermeasures in place. Monitoring will play a big role in the detection phase of your security posture as shown…


Add Microsoft Antimalware to Azure Service Fabric Clusters

Hello Azure security community! Yuri Diogenes (CSI Enterprise Mobility + Security / Azure Security / OMS Security team) here. One question that keeps coming up about Azure Antimalware is: can I add antimalware to an Azure Service Fabric cluster? This question was recently asked in the Microsoft Antimalware for Azure Cloud Services and Virtual Machines article. Azure…


New book–Azure Security Infrastructure

Writing books is one of the most difficult things I’ve done. On the other hand, it’s also one of the easiest. Difficult because it takes long hours alone with my own thoughts, wondering about the people I’m talking to and constantly needing to remind myself that the readers can’t “read my mind” and that I…


Azure Infrastructure Security Book Coming Soon

We’re all about Azure security here on the Azure Security and Compliance Team blog. We know that the Azure public cloud has what you need to be successful faster than you could ever be on-premises. We’re seeing that with customers every day. But another thing we see and hear are concerns – security concerns. You…


Enabling Diagnostics Logging for Azure Antimalware

Hello Azure security community! Yuri Diogenes (CSI Enterprise Mobility and Azure Security team) here. Recently we had a great discussion online about how to enable diagnostics logs for Antimalware in Azure. This is an important discussion because when you enable Antimalware through the Azure Portal, this action will not enable the diagnostics logs for Antimalware…


Potential Refresh Issues with the Azure Security Center Power BI

Hello Azure Security community! Yuri Diogenes (CSI Enterprise Mobility and Azure Security team) here. We recently received a report that some customers are experiencing a problem with the Azure Security Center Power BI daily refresh report. By default, a refresh is scheduled to take place on a daily basis, after a few times of successful refresh…


Missing Source Information in Azure Security Center Alerts

Hello Azure security community! Yuri Diogenes (CSI Enterprise Mobility and Azure Security team) here. Recently we updated our Managing and responding to security alerts in Azure Security Center article to add more details regarding alerts for suspicious activities. When the Azure Security Center attack detection mechanism triggers an alert, it will show you which resource…


Enabling Microsoft Antimalware User Interface on ARM VMs Post Deployment

Hello Azure security community! Yuri Diogenes (CSI Enterprise Mobility and Azure Security team) here. In our blog post Microsoft Antimalware and Azure Resource Manager (ARM) VMs, we clarified some issues regarding Microsoft Antimalware deployment using PowerShell for ARM VMs and the supportability question regarding accessing the antimalware user interface (UI) post deployment. As stated in…


Update on Microsoft Antimalware and Azure Resource Manager (ARM) VMs

Hello Azure security community! Yuri Diogenes (CSI Enterprise Mobility and Azure Security team) here. Recently we updated our Microsoft Antimalware for Azure Cloud Services and Virtual Machines article and had some interesting discussions regarding Azure antimalware on ARM VMs. While our original article has many examples for antimalware deployment using PowerShell, scripts for ARM VMs…