7 Security monitoring for Azure resources: Microsoft Defender for Cloud plans
This chapter covers
- Cloud workload protection
- Microsoft Defender for Cloud plans
- Security alerts
- Workflow automation
- Exporting data
- Workbooks
As you learned in chapter 6, good security hygiene helps you avoid breaches: you apply security best practices that keep your Azure resources secured and protected. It’s important to adhere to compliance control frameworks and remediate the security issues found in recommendations, but there is more to it. After security issues have been remediated, it’s equally important to monitor your Azure environment for potentially suspicious activities and signs of compromise. With the Azure resources deployed in your environment increasing in both number and variety of resource types, it can be challenging to employ the right security monitoring capabilities for the right resource type. As you can imagine, monitoring VMs differs from monitoring containerized applications (like Kubernetes).
Note
To follow along with the exercises in this chapter, you can use the GitHub repository (https://github.com/bmagusic/azure-security).