Overview of Microsoft Azure Security Tools

Microsoft Azure Security Tools

Besides the Microsoft Security Response Center (MSRC), Microsoft offers a handful of security-related tools and APIs that are available via web-based consoles, the Microsoft Graph API, and PowerShell.

By navigating to https://security.microsoft.com/info, you should be able to reach all of the available security tools and consoles described below.

  • Microsoft 365 security center. This is the home for monitoring and managing security across your Microsoft identities, data, devices, apps, and infrastructure.
  • Microsoft Defender Security Center. Monitor and respond to security alerts on devices protected by next-generation protection, endpoint detection and response, and many other capabilities of Microsoft Defender Advanced Threat Protection. Microsoft Defender for Endpoint has a new home: https://security.microsoft.com.
  • Microsoft 365 compliance center. This allows you to manage your compliance needs across Microsoft 365 services using integrated solutions for information governance, classification, case management, and more.
  • Azure Active Directory. Manage your organization’s identities. Set up multi-factor authentication, track user sign-ins, edit company branding, and more.
  • Azure AD Identity Protection. Detect potential vulnerabilities affecting your organization’s identities. Investigate suspicious incidents related to your organization’s identities and set up automated responses to resolve them.
  • Microsoft Defender for Identity. Identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
  • Azure Information Protection. Configure and manage the Azure Information Protection client and scanner to automatically classify and protect your organization’s email and docs. Use reports to monitor label usage and identify sensitive info that should be protected.
  • Azure Security Center. Protect your data centers and get advanced threat protection for your Azure and non-Azure workloads, in the cloud and on premises. Secure your Azure services fast with auto-provisioned, native protection.
  • Azure Sentinel. Cloud-based SIEM solution.
  • Microsoft 365 Device Management. Manage device access to your organization’s most important data. Set up Intune enrollment, assign apps and policies, and monitor enrolled devices.
  • Microsoft Cloud App Security. Get visibility into your cloud apps using sophisticated analytics to identify and protect against cyberthreats, detect Shadow IT, and control how your data travels. It is accessible at the URL https://YourMicrosoftAzureTenant.portal.cloudappsecurity.com/#/discovery.
  • Microsoft 365 security & compliance center. Manage security and compliance for all of your organization’s data across Office 365. Import and archive content, prevent data leaks, protect against threats, and more.

Sources

https://www.microsoft.com/en-us/msrc

https://security.microsoft.com/info