A Leading MNC Implements Azure Security Center for Unified Security Management and Threat Protection

The client is a global organization which specializes in inventory management applications, which is hosted on Azure and is used by MNC’s. They have huge databases that store mission critical data of the customers using their applications. The client was very concerned with aspects around security on Azure, so the challenge was to secure the resources, applications and databases at every possible level and make sure the that does not hinder the flexibility of using and accessing the resources hosted on Azure.

SNP’s team of security experts worked closely with the client team and leveraged the native security applications and few marketplace appliances on Azure. We were able to deliver exactly what the client expected by enabling security center. The client could get a complete and clear picture of the security state of the resources on Azure, SNP helped them define the policies specific to their requirement. As the next step, SNP worked with the client in making them understand the importance of the recommendations and helped the remediate them, thereby achieving the highest secure score as possible, the secure score reflects the security state of the resources on Azure. To get the client production ready SNP leveraged technologies like Azure Sentinel, Log Analytics, Azure Monitor and Azure Security Center. Some of the benefits the customer experienced were:

• Prioritized alerts and incidents – with security center, the customer got access to advanced analytics and global threat intelligence to detect incoming attacks and post-breach activity. Alerts automatically prioritized and grouped into incidents, helping them address the most critical threats first, and giving them the flexibility to create custom security alert groupings.
• We helped the customer reduce network attacks with controlled access to management ports on Azure VMs. This drastically reduces exposure to brute force and other network attacks.
• Adaptive application controls were leveraged to block malware and other unwanted applications by applying whitelisting recommendations adapted to specific Azure workloads.
• Security Policy Settings were leveraged for applications that used regulated data, such as personally identifiable information. These helped the customer easily identify potential vulnerabilities and mitigate threats.
• Email notifications determined security contacts, and email notification settings