Azure Cloud Security

Aug 25, 2021

Microsoft 365 Defender, Azure Defender, Azure Sentinel One-Page Diagram

In the past we have published individual diagrams for a number of Microsoft cloud security solutions, but in the end we always intended to have the larger picture that can provide analysts with a visual understanding on what type of data is exchanged between various Microsoft security controls and how that data is used to […]

Read More
Microsoft 365 Defender, Azure Defender, Azure Sentinel One-Page Diagram
Jul 13, 2021

Mapping of On-Premises Security Controls Versus Services Offered by Major Cloud Providers

We are happy to publish the fifth version of a diagram that started in March 2017, with just AWS and Azure versus On-Premises. The diagram began as an effort to make a translation between the typical on-premises security controls that everybody, more or less, knows what they do and the various services advertised by major […]

Read More
Mapping of On-Premises Security Controls Versus Services Offered by Major Cloud Providers
Aug 3, 2020

Azure AD Identity Protection Design

Azure AD Identity Protection Design by Adrian Grigorof, CISSP, CISM, CRISC, CCSK , Marius Mocanu, CISSP, CISM, CEH, SCF, Dorian Birsan Last update: August 3rd, 2020 Azure AD Identity Protection (AAIP) is another piece of the Microsoft M365 security stack puzzle, extending the detection of threats related to identities. It provides ability to enforce policies, […]

Read More
Azure AD Identity Protection Design
May 24, 2020

Microsoft Defender Advanced Threat Protection (ATP) Design

Defender ATP is one of the stars of Microsoft’s security stack, with a meteoric rise in Gartner’s Magic Quadrant for endpoint protection. With 6 layers of protection geared towards specific requirements of the modern EDR, it takes advantage of the complementary Microsoft security services, such as Microsoft Cloud App Security, Azure ATP, Azure Information Protection, […]

Read More
Microsoft Defender Advanced Threat Protection (ATP) Design
May 10, 2020

Azure Advanced Threat Protection (ATP) Design

Azure Advanced Threat Protection (ATP) is probably a bit misunderstood as its main purpose is to identify threats in the traditional on-premises Active Directory with the help of multiple sources of information from other security controls that have visibility into various streams of data. It combines information collected from critical Windows event logs, network traffic […]

Read More
Azure Advanced Threat Protection (ATP) Design
May 10, 2020

Azure Sentinel Incidents & KPI Dashboards

Since its release in preview mode in February 2019, Azure Sentinel has provided the Incidents blade in its portal as a platform to monitor and manage the situation when the configured use cases (alerts) are triggered. As the product evolved in bounds and leaps, the Incidents features has become more mature and now, combined with […]

Read More
Azure Sentinel Incidents & KPI Dashboards
May 3, 2020

Microsoft Cloud App Security Design

Microsoft Cloud App Security (MCAS) has been rated as the number 1 leader CASB product in Gartner’s Magic Quadrant in 2019. As part of Microsoft’s cloud security stack, it provides full integration with other M365 security products, such as ATP, Security Center, Defender ATP and Azure Sentinel. It provides deep visibility and control of SaaS-related […]

Read More
Microsoft Cloud App Security Design
Apr 27, 2020

Azure Windows Virtual Desktop Security Monitoring

Azure Windows Virtual Desktop (WVD) environment provides desktop and application virtualization, allowing connections from almost any kind of device to either a fully functional Windows 10 desktop or to an application virtualized on a Windows 10 VM. While providing great flexibility, it introduces additional components that require monitoring from a security perspective. Fortunately, the Azure […]

Read More
Azure Windows Virtual Desktop Security Monitoring
Jul 19, 2019

Mapping of On-Premises Security Controls vs Major Cloud Providers

A mapping at the very high level of on-premises security controls to native cloud services that can be used to replicate their specific role. As the cloud services tend to be more granular and overlapping in functionality, the mapping is at best approximate but it may bring some extra awareness on the options available in […]

Read More
Mapping of On-Premises Security Controls vs Major Cloud Providers
Jul 17, 2019

Azure Security Center Components and Relations with Other Services

One of the most common questions that we are receiving about Azure Sentinel is about its functionality compared with Azure Security Center. The diagram below is an attempt to describe the various components of Azure Security Center, its relation with other Azure services, including Azure Sentinel as well as the interaction with non-Azure services and […]

Read More
Azure Security Center Components and Relations with Other Services
Jun 19, 2019

Azure Cloud Security Stack vs. NIST Cybersecurity Framework

In May 2019, Managed Sentinel released a diagram presenting a mapping of Azure Security services vs on-premises security controls. The cybersecurity community expressed an interest in having the same security controls mapped against the NIST Cybersecurity Framework functions: Identify, Detect, Protect, Respond and Recover. The diagram below provides a high-level view of how various Azure […]

Read More
Azure Cloud Security Stack vs. NIST Cybersecurity Framework
May 28, 2019

On-Premises vs. Azure Cloud Security Stack

In February 2019, Managed Sentinel released a diagram presenting a mapping of on-premises security controls vs. services offered by major cloud services providers. The following diagram follows a similar pattern, focused just on Azure security technologies and including additional information such as free vs. billable Azure services, availability of the 3rd party tools within Azure Marketplace and […]

Read More
On-Premises vs. Azure Cloud Security Stack
Page 1 of 1
Back to top
Close