Azure Security Center

Do you have an idea or suggestion based on your experience with Azure Security Center? We would love to hear it! Please take a few minutes to submit your ideas or vote up an idea submitted by another customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Security Center. Remember that this site is only for feature suggestions and ideas!

For further reading on Azure Security Center, see our documentation. For general discussion, use our discussion forum. For technical support, take advantage of these support options.

How can we improve Microsoft Azure Security Center?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  1. Conditional Access Policy and Named Location with date ranges

    We have employees temporarily traveling to countries that we otherwise want to block, because we are experiencing hacker attacks from e.g. China and Russia. It would be really helpful if we could enable a policy or named location that allows e.g. India for just a week or the period the person is traveling.

    13 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Azure policy effects like deny, append... only work on newly created resources/resource groups

    Currently Azure policy effects like deny, append etc only gets applied to newly created resources/ resource groups not on to existing ones. This is a design limitation at this moment. It would be really helpful if we can bring this feature to existing resources also.

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  3. Azure policy does not support audit effect if we give nsg's destinating port range as a range

    Currently Azure policy doesn't have a feature which will audit if we give destination port ranges as a range.We can only audit for a single value but not for ranges. It will be very useful, if we can bring this feature soon.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Show the result of updating Definition and scanning

    Show the result of Definition updating and scanning

    We desire the additinoal function on Azure Security Center:
    - Showing the result of Definition updates for Windows Defender
    - Showing the result of scanning for virus

    Azure Security Center shows only malware protection is installed or not.
    Whether the "Definition is up-to-date" or "Scan is correct working" can only be seen directly from the OS.
    Even if we use Update Manament, but we can not see it in a centralized way.

    For example, it is very useful if there is a portal that can centrally manage the definition version of VM…

    12 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Feedback regarding Azure Policy and Azure Security Center

    Hi Team,

    We found that if we remove the Azure Policy: [Preview]: Deploy Log Analytics Agent for Windows VMs, the installed agent will not be removed.

    Ask fo help:

    Can we add the logic that when we remove the Azure Policy, the platform will also ask you whether the corresponding configurations need to be removed.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. JIT administration should be included in the Free Tier of Security Center

    JIT administration should be included in the Free Tier.

    For someone just wanting to use JIT but not the other features of the Standard tier of Security Center, it's way too cost prohibitive to upgrade to standard just for this.

    JIT should be more of a feature included with the Azure Portal as part of management features and not bundled in with Security Center (or, included in the free tier)

    7 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Create a builtin policy to deployIfNotExists ASC

    As an enterprise cloud custodian team, we want to ensure that ASC Standard is enabled on all subscriptions with auto provisioning to all VMs and collection to a centralized instance of Log Analytics so that our SecOps team has complete visibility into all resources in all subscriptions in the tenant.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Show security score changes over time

    It would be great to view the security score metric over time. Allowing us to report back that is security is continuously improving within Azure.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Email Notifications for All Security Alerts in Security Centre

    Currently we only have the option to receive email notifications for High Severity Alerts in Azure Security Centre. It would be good to have the option to receive email notifications for alerts of all severities. This would allow us to pro-actively deal with all security alerts rather than wait for them to show up on a screen.

    9 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Make tags blade dependent on Azure policy.

    Currently tag blade is independent of Azure policy. For example, at this moment we don't have a feature in Azure policy which will auto populate the tag name field by the tag names which you have predefined in the policy. User has to manually enter the tag names. It would be really helpful if we can make tags blade dependent on Azure policy.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Is it possible to use other compliance reporting like National cyber Security Center (NCSC)

    Is it possible to include other compliance regularity reporting like cyber Essentials+ & National cyber Security Center (NCSC) into Azure Security Center

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. CIS Azure Benchmark 1.1

    Dear Microsoft team,
    I love the fact that you have implemented CIS Benchmark controls in Azure Security Center and I would like to know if you have any ETA for adding additional controls related to CIS Azure Benchmark 1.1.

    CIS Azure Benchmark 1.1 version and contains a total of around 140 controls between Level 1 and 2 (there is already a Draft for version 1.2.).

    Thanks!

    Manuel

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Azure security center ARM template enable standard plan for all resources

    I can select the pricing tier in ARM template but that will just set pricing tier as standard and cover VMs. However, I would like have SQL servers and app services covered as well.
    What do I need to add to my my template?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. estoy conchrome doncoucegj@ en vez de jcouceg@gmail.com

    Al poner a cero el PC con mac sin el usb la 1ª vez Edge tomo las aplicaciones perdidas en el formateo de Chrome y no sé quien me ha puesto con ustedes y my nombre D.N.I. e identificación fiscal española:30.618.858-letra Q si coucegj@gmail.com, goravic782@outlook.com ó mi cuenta jcouceg@gmail.com

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Fine Grained, disabling / enabling security policies

    In a subscription, there can be storage accounts that currently cannot be configured with a firewall - example: storage accounts with audit logs of Azure SQL.
    It would be good if Security Center, as default, monitored all objects in a subscription, but it should be possible to disable individual objects from the monitoring.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure policy exclude Identity not just subscription/Resource group

    Currently when assigning a policy w can exclude Management Group / Subscription or a Resource Group. Is it possible to add User principal to the list.
    Use case, sometime operator or Security compliance office would need to update an out of compliance resource. when the Resource is out of compliance, write will fail due to deny policy, an exclude for a principal / Group ID would Come in handy

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Extended configuration for AntiMalware VM extension

    AntiMalware VM extension has only few parameter.
    Should be great to be able scheduling update signature with parameters :
    SignatureScheduleDay
    SignatureScheduleTime
    SignatureUpdateInterval

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. chrome....

    I don't want to ...

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. filter

    Add custom filter to choose Subscription name / Resource Group

    example :

    Threat protection --> Security Alerts over Time -->
    High Severity --> Resource group name , Subscription name

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Base OS security configurations upon an open standard

    The documentation on OS security configurations in Azure Security Center states that it supports Windows Server up to version 2016. However, it is based upon a standard that supports up to version 2008 (the Azure Security Center documentation states it was based upon over "150 recommended rules" which in turn are based upon NIST's Common Configuration Enumeration which does not support beyond 2008). How does this work? Is the Windows Server 2016 support based upon a public standard or not?

    It would be nice if Azure Security Center OS security was based upon a standard like STIG or CIS, which…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 8 9
  • Don't see your idea?

Azure Security Center

Feedback and Knowledge Base