Azure Security Center

Do you have an idea or suggestion based on your experience with Azure Security Center? We would love to hear it! Please take a few minutes to submit your ideas or vote up an idea submitted by another customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Security Center. Remember that this site is only for feature suggestions and ideas!

For further reading on Azure Security Center, see our documentation. For general discussion, use our discussion forum. For technical support, take advantage of these support options.

  1. Conditional Access Policy and Named Location with date ranges

    We have employees temporarily traveling to countries that we otherwise want to block, because we are experiencing hacker attacks from e.g. China and Russia. It would be really helpful if we could enable a policy or named location that allows e.g. India for just a week or the period the person is traveling.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Enable to use Workspace across Tenant

    Customer request:
    One large company may have multiple tenants, and there may be scenarios where log data is collected from multi-cloud environments such as Azure, On-Premiss, and AWS and monitored using Azure analysis tools.

    ## The following article says that 'Cross-subscription workspace selection' is possible, but in fact it seems to have a prerequisite of 'in one Tenant'.
    https://docs.microsoft.com/en-us/azure/security-center/security-center-enable-data-collection#cross-subscription-workspace-selection

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Show the result of updating Definition and scanning

    Show the result of Definition updating and scanning

    We desire the additinoal function on Azure Security Center:
    - Showing the result of Definition updates for Windows Defender
    - Showing the result of scanning for virus

    Azure Security Center shows only malware protection is installed or not.
    Whether the "Definition is up-to-date" or "Scan is correct working" can only be seen directly from the OS.
    Even if we use Update Manament, but we can not see it in a centralized way.

    For example, it is very useful if there is a portal that can centrally manage the definition version of VM…

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add DISA STIG to compliance options Azure Security Center

    Would be nice to have a option to choose DISA STIG for the Regulatory Compliance within Azure Security Center as well as the others that are already available.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Azure policy effects like deny, append... only work on newly created resources/resource groups

    Currently Azure policy effects like deny, append etc only gets applied to newly created resources/ resource groups not on to existing ones. This is a design limitation at this moment. It would be really helpful if we can bring this feature to existing resources also.

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Feedback regarding Azure Policy and Azure Security Center

    Hi Team,

    We found that if we remove the Azure Policy: [Preview]: Deploy Log Analytics Agent for Windows VMs, the installed agent will not be removed.

    Ask fo help:

    Can we add the logic that when we remove the Azure Policy, the platform will also ask you whether the corresponding configurations need to be removed.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Azure policy does not support audit effect if we give nsg's destinating port range as a range

    Currently Azure policy doesn't have a feature which will audit if we give destination port ranges as a range.We can only audit for a single value but not for ranges. It will be very useful, if we can bring this feature soon.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Please provide the mapping matrix regarding Azure Security Center - Regulatory compliance

    Please provide mapping matrix(.xlsx or .pdf) so we can know the Regulatory compliance clearly

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Show security score changes over time

    It would be great to view the security score metric over time. Allowing us to report back that is security is continuously improving within Azure.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  10. JIT administration should be included in the Free Tier of Security Center

    JIT administration should be included in the Free Tier.

    For someone just wanting to use JIT but not the other features of the Standard tier of Security Center, it's way too cost prohibitive to upgrade to standard just for this.

    JIT should be more of a feature included with the Azure Portal as part of management features and not bundled in with Security Center (or, included in the free tier)

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Tai day

    Tran Thanh Cam on

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. Add ability to configure Security Center to apply Default Policies to Management groups

    Today Security Center applies default Azure Policy at a subscription level. Would like to see this configurable that default policy assignment could be assigned to Management Groups instead of each subscription.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  13. Create a builtin policy to deployIfNotExists ASC

    As an enterprise cloud custodian team, we want to ensure that ASC Standard is enabled on all subscriptions with auto provisioning to all VMs and collection to a centralized instance of Log Analytics so that our SecOps team has complete visibility into all resources in all subscriptions in the tenant.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Is it possible to connect azure sentinel for multiple azure ad tenants, so we can control and audit a different directory, which is not unde

    Is it possible to connect azure sentinel for multiple azure ad tenants, so we can control and audit a different directory, which is not under the tenanted generated by sentinel workspace ?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Email Notifications for All Security Alerts in Security Centre

    Currently we only have the option to receive email notifications for High Severity Alerts in Azure Security Centre. It would be good to have the option to receive email notifications for alerts of all severities. This would allow us to pro-actively deal with all security alerts rather than wait for them to show up on a screen.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Email alerts for security recommendations

    As a manager of a team using Azure, I want to track whether we are meeting security and compliance standards. Rather than having to regularly poll the security center, I want to be able to set up email alerts so that any time we are flagged e.g. with a new [high, medium] impact recommendation I am aware.

    The monitoring/alert/alert-rule/security recommendation functionality looks like it ought to do what I want - however it doesn't work and I've just been told on the forum that this indeed is not possible today.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Make tags blade dependent on Azure policy.

    Currently tag blade is independent of Azure policy. For example, at this moment we don't have a feature in Azure policy which will auto populate the tag name field by the tag names which you have predefined in the policy. User has to manually enter the tag names. It would be really helpful if we can make tags blade dependent on Azure policy.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Include FTP state recommendation for app services

    We would like to see FTP state (Configuration->General settings->Platform settings->FTP state) recommendation to not allow all

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Just in Time Access doesn't work with Azure Firewall and VNet peering

    Just in Time Access doesn't work when using VNet peering and all the traffic is routed to Azure Firewall in peered VNet. I have to manually add Dnat rule for this to work.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. resources.azure.com does not show microsoft.security provider

    Please add support to resources.azure.com for Microsoft.Security provider. Currently it does not show this provider at all.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 9 10
  • Don't see your idea?

Azure Security Center

Categories

Feedback and Knowledge Base