Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

Azure Security Center

Do you have an idea or suggestion based on your experience with Azure Security Center? We would love to hear it! Please take a few minutes to submit your ideas or vote up an idea submitted by another customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Security Center. Remember that this site is only for feature suggestions and ideas!

For further reading on Azure Security Center, see our documentation. For general discussion, use our discussion forum. For technical support, take advantage of these support options.

  1. Support other Antivirus products in Malware Assessment

    I added the Malware Assessment Intelligence Pack today, and it seems to be listing all of my servers as not having any real time AV protection. The servers in question are running Symantec Endpoint Protection. I looked in the description of the intelligence pack to see what AV products it works with, but didn't find that info.

    [Edited during forum migration: comments/responses in the old forum included Symantec and Sophos]

    283 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  112 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. Export to CSV

    Interested in generating reports on recommendations or security alerts in Security Center? If you could export this data to a CSV, you could create your own reports in Excel or PowerBI to share with others within in organization. Vote for this idea if you would export Security Center data to a CSV.

    122 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    60 comments  ·  Flag idea as inappropriate…  ·  Admin →

    To update on this, ASC now has a capability to export it’s findings (alerts/recommendations) to CSV as well as to Log Analytics and Events Hub.

    thanks,
    Gilad Elyashar, head of product, Azure Security Center

  3. Combine OMS and Azure Security Center

    Now we have 2 different solutions in Azure... OMS and Azure Security Center. Both looks not bad, but paying twice - it's not the best business approach. Also it's looks like duplication(I know the difference, but it's still very close to each other)

    I think we(Microsoft) can create Solution in OMS that will consume security info from Security Center.

    43 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  6 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. File and Folder Audit

    It would be really appreciated, if Microsoft would create a "File and Folder audit" Intelligent Solution Pack for monitoring/auditing users access to files and folders like the capabilities provided by System Center Operations Manager Audit Collection Services.

    We would like to see the same insights in this "File and Folder" solution pack as you provide with the Office 365 Solution Pack.


    • File Access

    • File Change

    • File Delete

    • File Create

    • File Permission Change

    • Folder Access

    • Folder Delete

    • Folder Change

    • Folder Permission Change

    • Folder Create

    • etc.

    Features:
    - The visual overview should provide the same capabilities as SCOM ACS reports for file…

    42 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    8 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add support for Virtual Machine Scale Sets

    We use VM scale sets when provisioning our environment in Azure. These scale set VMs are not supported by Azure Security Center. Please consider adding support for VM scale sets.

    37 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  6 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Map security recommendations to NIST CCE's / NIST 800-53 controls

    Map security setting recommendations to standards bodies such as NIST 800-53 controls so this solution can be offered inside Federal Cloud scenarios.

    Provide traceability down to the CCE level and an automated way to EASILY import the data into IT-GRC dashboards, or alternatively build an IT-GRC solution and link the data to it.

    33 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Does Security center playbook can be triggered automatically when any alert get fired?

    I have explored security center playbook , but found that we need to trigger it manually. It will be great if we can map certain alert with playbook and when that alert is fired our playbook will be triggered automatically.

    26 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Suppressing Individual alerts in Security Center

    Currently there is no way to suppress or make a alert silent for a particular time frame or permanently. This is one thing which will really help if implemented. At times security center keeps throwing alert for a process which you know is not malicious but have no way to stop Security Center send email alerts repeatedly for the same thing.
    There should be a way to either stop or suppress, individual alerts so that one can focus on other alerts and take action on them instead of thinking it is the same alert and no action is required

    24 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  5 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Support for all PaaS offerings

    App Services, API Management, Data Lake, HDInsight, Storage Accounts, Azure Redis, Load Balancer, AAD, etc... Aggregate all logs. Make them available to 3rd party SIEM options too.

    22 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →

    ASC has secure score recommendations across almost all Azure Services and in addition has unique threat detection modules for VMs, App Services, Azure SQL, Storage, AKS, AKV

    thanks,
    Gilad Elyashar, head of product, Azure Security Center

  10. Add support fro cross-tenant with Azure Security Center

    We have more and more customers, where dedicating a hub tenant with cross security ressources (centralized WAF, OMS, ...). But with ASC, we are unable to add subscription in different tenants at this time, it could be really useful. Thanks

    15 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Azure Security Center should monitor which NSG rules are used

    ASC should provide recommendation for which NSG rules that needs to be reviewed, if they are not used for a long time.

    This would be great

    12 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    ASC’s Adaptive Network Hardening feature does just that. It continuously monitors your network coming from the internet and runs it through a model that help to harden over-permissive NSG rules.

    thanks,
    Gilad Elyashar, head of product, Azure Security Center

  12. ASC SecureScore available through Graph API or ASC Rest API

    Would like to have the ASC SecoreScore available through Graph or ASC Rest API's.
    This is to show them on our dashboard and have more attention on the score.

    11 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    4 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Email Notifications for All Security Alerts in Security Centre

    Currently we only have the option to receive email notifications for High Severity Alerts in Azure Security Centre. It would be good to have the option to receive email notifications for alerts of all severities. This would allow us to pro-actively deal with all security alerts rather than wait for them to show up on a screen.

    10 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    completed  ·  6 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Create a builtin policy to deployIfNotExists ASC

    As an enterprise cloud custodian team, we want to ensure that ASC Standard is enabled on all subscriptions with auto provisioning to all VMs and collection to a centralized instance of Log Analytics so that our SecOps team has complete visibility into all resources in all subscriptions in the tenant.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Email Notifications

    We’ve heard from some users that they want to receive email notifications when a new security alert is created by Security Center. What do you think? Do you want to receive an email when a new high severity alert is created? If so, vote for this idea, and complete this online survey (https://www.surveymonkey.com/r/securityalerts) to tell us more about your notification preferences.

    8 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enable the ability to switch storage accounts.

    I deleted the storage account Security Center originally pointed to and I am unable to point it elsewhere. Currently Security Center is broken.

    5 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Include Nessus agent as a solution for Vulnerability Assessment in ASC

    ASC recommends "Install a vulnerability assessment solution on your VM" even though we have the latest Nessus agent installed on our Linux VMs.

    2 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for your feedback,
    At Ignite 2019, ASC announced a partner program enabling customers to push findings from their partner solutions into ASC and have them show up as recommendations in secure score.

    Tenable was one of the partners already available for such integration. If you’re using their VA solution I suggest you – (a) connect it using the above mentioned integration and see the findings in ASC and (b) turn OFF the ASC VA recommendation so that you will not be flagged for it.

    thanks,
    Gilad Elyashar, head of product, Azure Security Center

  18. ASC is not showing old Alerts and Incidents

    We have noticed the ASC is not showing old(last 1 week ) alerts and incident

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    thanks for your feedbacks,
    ASC shows in its UX alerts from the last 21 days and via the API we provide all alerts in the past 90 days (with paging).
    In addition, ASC support capability to export all your alerts to Log Analytics (or to your SIEM) enabling you to store them for as long as you need.

    thanks, Gilad Elyashar, head of product, Azure Security Center

  19. For all alerts like Metrics, OMS... there is one option to automate like automation account and Runbook. like that please enable in ASC too

    For all alerts like Metrics, OMS... there is one option automate like automation account and Runbook. like that please enable in ASC too.

    For all alerts like Metrics, OMS... there is one option to automate like automation account and Runbook. like that please enable in ASC too.
    We have to to automate with service now. A ticket have to be created when ASC trigger any alerts. we need some automation feature to do the same?

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    thanks for your feedback,

    ASC provides a capability to set automated workflows that trigger Logic Apps playbooks from alerts/recommendations. These can be used to trigger any organizational workflow including creating ServiceNow tickets.

    thanks,
    Gilad Elyashar, head of product, Azure Security Center

  20. An audit trail for all interactions with azure performed via web console or API

    Log all API calls (success and failure) to create an audit trail (or CloudTrail if you will...) for changes to an Azure subscription. Then some ability to trigger notifications or actions based on logged events

    1 vote

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Azure Security Center

Categories

Feedback and Knowledge Base