Azure Security
Microsoft Azure security architecture and services
Azure Security encompasses the services, features, and best practices for securing workloads and data in Microsoft Azure cloud environments.
Core Security Services
- Azure Active Directory (Entra ID) - Identity and access management
- Azure Key Vault - Secrets and key management
- Microsoft Defender for Cloud - Cloud security posture management
- Azure Policy - Governance and compliance
- Azure Blueprints - Environment templates with security controls
Security Monitoring & Detection
- Microsoft Sentinel - Cloud-native SIEM and SOAR
- Microsoft Defender for Cloud - Threat protection
- Azure Monitor - Logging and monitoring
- Azure Activity Log - Subscription-level events
- Azure Diagnostic Logs - Resource-level logging
Network Security
- Azure Virtual Network - Network isolation
- Network Security Groups (NSG) - Traffic filtering
- Azure Firewall - Managed network firewall
- Azure DDoS Protection - DDoS mitigation
- Azure Private Link - Private connectivity
- Azure Application Gateway/WAF - Web application firewall
Identity & Access
- Conditional Access policies
- Privileged Identity Management (PIM)
- Multi-Factor Authentication (MFA)
- Managed Identities
- Role-Based Access Control (RBAC)
- Azure AD B2B and B2C