Azure Security Center now provides you with several new capabilities to help you secure your containers. These updates include support for securing Linux containers, the CIS benchmark for Docker, and real time threat detection for containers.
We are excited to announce the general availability of Security Center’s Fileless Attack Detection. With Fileless Attack Detection, automated memory forensic techniques identify fileless attack toolkits, techniques, and behaviors. Fileless Attack Detection periodically scans your machine at runtime and extracts insights directly from the memory of security-critical processes.
Azure Security Center now includes these new features, available in public preview:
Security state of containers
Network visibility map
Information protection for Azure SQL Database
Threat detection for Azure Blob storage and Azure Database for PostgreSQL
Limited public preview features:
Adaptive network controls (NSG) and Regulatory compliance requirements monitoring.
The following capabilities are now generally available in Azure Security Center:
Threat detection for Linux, Azure App Service, Fileless Attack Detection
Alert confidence score
Integration with Windows Defender Advanced Threat Protection (ATP)
Pricing for resource groups can't be set from the Security Center UI any more. It can only be set via the pricing API.
We are pleased to share that your SQL Information Protection policy can now be centrally managed for your entire tenant within Azure Security Center. SQL Information Protection is an advanced security capability for discovering, classifying, labeling, and protecting sensitive data in your Azure data resources. With central policy management you can now define a customized classification and labeling policy that will be applied across all databases on your tenant.
Azure Security Center Secure Score, which provides visibility and recommendations to improve your security posture for Azure resources, is now available in preview. The single score will help you to better understand what you can do to reduce your risk. Additionally, we're extending threat protection to new IaaS and PaaS services like Azure Storage, Azure Postgre SQL, and containers on Linux virtual machines. With the preview information protection capabilities for Azure SQL you can classify, label, and protect sensitive information.