Azure Security Center

Do you have an idea or suggestion based on your experience with Azure Security Center? We would love to hear it! Please take a few minutes to submit your ideas or vote up an idea submitted by another customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Security Center. Remember that this site is only for feature suggestions and ideas!

For further reading on Azure Security Center, see our documentation. For general discussion, use our discussion forum. For technical support, take advantage of these support options.

  1. Email alerts for security recommendations

    As a manager of a team using Azure, I want to track whether we are meeting security and compliance standards. Rather than having to regularly poll the security center, I want to be able to set up email alerts so that any time we are flagged e.g. with a new [high, medium] impact recommendation I am aware.

    The monitoring/alert/alert-rule/security recommendation functionality looks like it ought to do what I want - however it doesn't work and I've just been told on the forum that this indeed is not possible today.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Just in Time Access doesn't work with Azure Firewall and VNet peering

    Just in Time Access doesn't work when using VNet peering and all the traffic is routed to Azure Firewall in peered VNet. I have to manually add Dnat rule for this to work.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. JIT support for AKS

    Kubernetes is going big in industry and with our own offering of AKS we are also betting big on it. But from privacy practices point of view, we do not have JIT support for it. This blocks us from using AKS in core microsoft product where JIT is must.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. can i enable azure security center policy to a singe VM in my subscription out of 10 VM's

    can i enable azure security center policy to a singe VM in my subscription out of 10 VM's

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. JIT for more than virtual machines

    We want to use JIT to access other resources on demand, like an Azure SQL database for example. One way might be to allow the creation of arbitrary NSG rules that can be enabled/disabled when a user requests JIT access.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Enable to use Workspace across Tenant

    Customer request:
    One large company may have multiple tenants, and there may be scenarios where log data is collected from multi-cloud environments such as Azure, On-Premiss, and AWS and monitored using Azure analysis tools.

    ## The following article says that 'Cross-subscription workspace selection' is possible, but in fact it seems to have a prerequisite of 'in one Tenant'.
    https://docs.microsoft.com/en-us/azure/security-center/security-center-enable-data-collection#cross-subscription-workspace-selection

    4 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Add DISA STIG to compliance options Azure Security Center

    Would be nice to have a option to choose DISA STIG for the Regulatory Compliance within Azure Security Center as well as the others that are already available.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Configuring Alerts for Azure Service Fabric certificate expiration

    It is possible to send notifications about Azure Web App certificates expiration using Azure Runbooks. But there is no possibility to trace certificates expiration configured in Service Fabric and other Azure Services. It's good to have a runbook for this or any other solutions would be fine.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. create built-in policy to prevent movement of subscriptions

    create built-in policy to prevent movement of subscriptions between azure ad tenants

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Tai day

    Tran Thanh Cam on

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. specify additional client info in automatic notifications about potential security threats

    if the client accessing the resource is running on Azure, it should be possible for the notification to include more information about it, making it easier to understand the nature of the potential threat (or conclude that it isn't a threat)

    example: I recently got a notification about access to a publicly readable azure storage container (from an azure VM in my subscription). the notification could have told me the name of the VM and perhaps more properties of it as it is an azure resource in a subscription owned by me.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Add ability to configure Security Center to apply Default Policies to Management groups

    Today Security Center applies default Azure Policy at a subscription level. Would like to see this configurable that default policy assignment could be assigned to Management Groups instead of each subscription.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Please provide the mapping matrix regarding Azure Security Center - Regulatory compliance

    Please provide mapping matrix(.xlsx or .pdf) so we can know the Regulatory compliance clearly

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Allow VOIP #'s for sign up and security checks.

    Setting up our partnership w/ Azure was more difficult than any other partnership because the process did not allow the use of our VOIP # at work. Our entire company is using VOIP, like many others, so this hurdle is pretty archaic.

    We all believe in security, but please consider using modern means such as work email addresses, etc.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Is it possible to connect azure sentinel for multiple azure ad tenants, so we can control and audit a different directory, which is not unde

    Is it possible to connect azure sentinel for multiple azure ad tenants, so we can control and audit a different directory, which is not under the tenanted generated by sentinel workspace ?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Include FTP state recommendation for app services

    We would like to see FTP state (Configuration->General settings->Platform settings->FTP state) recommendation to not allow all

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. resources.azure.com does not show microsoft.security provider

    Please add support to resources.azure.com for Microsoft.Security provider. Currently it does not show this provider at all.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow user to modify the default security policy applied to a subscription

    Please allow user to modify the default security policy applied to a subscription when the subscription has Azure security center enabled.
    Currently if user would like to disable a policy company-wide, they have to apply the security policy to management group, and modify/delete the default policies on each subscription.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Feedback regarding Azure Policy and Azure Security Center

    Hi Team,

    We found that if we remove the Azure Policy: [Preview]: Deploy Log Analytics Agent for Windows VMs, the installed agent will not be removed.

    Ask fo help:

    Can we add the logic that when we remove the Azure Policy, the platform will also ask you whether the corresponding configurations need to be removed.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4 5 9 10
  • Don't see your idea?

Azure Security Center

Categories

Feedback and Knowledge Base