New services in Azure Government to enhance your security posture
Azure Gov Team
Azure Government continues to invest in delivering new cloud capabilities to government customers at a rapid pace. Over the next few weeks, we’ll highlight a wide range of new services along with how-to resources to help you accelerate modernization initiatives.
On the security side, we’ve recently added several new services to give you greater choice and help you optimize the security of your digital estate. We’ll continue to bring new capabilities into Azure Government in the coming months, in line with our ongoing commitment to deliver the most secure and compliant cloud for the needs of government customers.
New security services available in Azure Government include Azure Advanced Threat Protection, Microsoft Cloud App Security, Azure Web Application Firewall and Azure IoT security.
Azure Advanced Threat Protection
Azure Advanced Threat Protection (ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
Azure ATP enables SecOp analysts and security professionals struggling to detect advanced attacks in hybrid environments to:
- Monitor users, entity behavior, and activities with learning-based analytics
- Protect user identities and credentials stored in Active Directory
- Identify and investigate suspicious user activities and advanced attacks throughout the kill chain
- Provide clear incident information on a simple timeline for fast triage
How it works
Azure ATP sensors are installed on your domain controllers to access required event logs. These logs are parsed and sent to the Azure ATP cloud service for action.
- Azure ATP product page
- Azure ATP for US Government
- Azure ATP 5-minute quick-start tutorials and documentation
Microsoft Cloud App Security
Microsoft Cloud App Security helps you elevate your security posture with enhanced visibility of your cloud environment and integration with Azure ATP. Cloud App Security is a multimode Cloud Access Security Broker (CASB). It provides rich visibility, control over data travel and sophisticated analytics to combat threats across all your cloud services.
Accessing Azure ATP using the Microsoft Cloud App Security portal provides capabilities to detect and alert on sensitive data exfiltration while creating actionable policies. This hybrid offering analyzes activity based on User and Entity Behavior Analytics (UEBA) to determine risky behaviors while providing investigation priority scoring to streamline incident response.
How it works
Cloud App Security helps map and identify resources in all of your cloud environments, providing enhanced management over settings, policy and potentially rogue applications.
Cloud App Security resources
- Microsoft Cloud App Security documentation
- Cloud App Security proof of concept guide
- Cloud App Security e-book
Azure Web Application Firewall
Azure Web Application Firewall helps protect web apps from malicious attacks and common web vulnerabilities, such as SQL injection and cross-site scripting. The Azure Web Application Firewall (WAF) is a cloud service that deploys in minutes and you only pay for what you use.
How it works
Centralized management of Web Application Firewalls expedites threat response, management and web application defense.
- Web Application Firewall documentation
- Web Application Firewall on Azure Application Gateway
- Web Application Firewall on Azure Front Door Service
Azure IoT security
Unblock IoT innovation with confidence with Azure IoT security. Azure IoT is built for security. Simplify the complexity of your IoT security solution with built-in protection at each stage of your deployment (including your cloud services and devices) and minimize security weaknesses wherever they exist. Stay ahead of risks with intelligent monitoring tools built with powerful AI.
IoT Security Resources
To learn more about ways to enhance your security posture, check out these additional resources:
- How to setup a secure environment on Azure Government – part 1
- How to setup a secure environment on Azure Government – part 2
- Azure Security Center – Azure Government meetup presentation
- Government cybersecurity in the era of cloud – Azure Government meetup panel
Zero Trust with Microsoft Azure blog series
- Implementing Zero Trust with Microsoft Azure: Identity and Access Management (1 of 6)
- Protecting Cloud Workloads for Zero Trust with Azure Security Center (2 of 6)
- Monitoring Cloud Security for Zero Trust with Azure Sentinel (3 of 6)
- Enforcing Policy for Zero Trust with Azure Policy (4 of 6)
- Insider Threat Monitoring for Zero Trust with Microsoft Azure (5 of 6)
- Supply Chain Risk Management for Zero Trust with Microsoft Azure (6 of 6)