Azure Security Center

Do you have an idea or suggestion based on your experience with Azure Security Center? We would love to hear it! Please take a few minutes to submit your ideas or vote up an idea submitted by another customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Security Center. Remember that this site is only for feature suggestions and ideas!

For further reading on Azure Security Center, see our documentation. For general discussion, use our discussion forum. For technical support, take advantage of these support options.

  1. Add an option to hide deallocated VMs from recommendations

    For example, a deallocated VM without endpoint protection is not an issue... until it is live again.

    3 votes
    0 comments
  2. See All Subscriptions Capability in Security Centre

    We have multiple departments with subscriptions and our own subscriptions managing key vaults. Our Security staff need sight of all subscriptions in one place. This could be with the addition of Global Security Admin role which was automatically assigned security admin role in all subscriptions created from the AD. This can be done now with global admin but not security admin it seems.

    3 votes
    0 comments
  3. Please combine OMS Security and Audit Solution and Azure Security Center under a single dashboard.

    Please combine a complete security posture of an environment in one single dashboard. This will help customers and partners to position and recommend security solutions in a more effective way.

    3 votes
    0 comments
  4. Type of protection computer count

    The Type of Protection graph shows: 3 total "Computers with antimalware protection". This workspace only has 2 computers connected. I believe that the total should not count twice a computer that has 2 forms of antimalware protection.

    3 votes
    0 comments
  5. Customize out-of-the-box queries for a solution

    Make it possible to change the queries for a solution such as the malware assessment, where the blade "Computers with detected threats" continues to show that there are active threats even though the threats have been removed. The reason is that the query shows events for the last one day, which may not be relevant if the events have been handled.

    3 votes
    0 comments
  6. API to retrieve the scores like the MS Secure Score!

    We are already pulling the MS Secure Score from (MS Graph API). The same is needed for Azure. I am surprised that it isn't already available.

    2 votes
    0 comments
  7. Azure Security Centre Recommendations - Show estimated costs

    Azure Security Centre Recommendations - Show estimated costs.
    Azure Security Centre shows recommendations of actions to take to enhance the security of an environment.

    While this is a great feature, I find it difficult today to at least estimate the cost implications of the recommendations.
    This is to the point that recommendations that may have low or no cost implication may not be implemented due to concerns around costs.

    There appears to be no way currently to calculate estimates of cost increase for a tenant. Azure cost calculator is insufficient for this, and estimates of $ value per GB is…

    2 votes
    0 comments
  8. Manage false positives with custom rules/exceptions

    We get a lot of false positives in Security Center. It would be useful to be able to add exceptions to stop these from triggering alerts and cut the noise, so we can focus on the legitimate alerts.

    For example, we would like to be able to define a rule that whitelists users in our active directory AND logging in from a trusted location.

    Other customisable rules would also be useful to allow people to better tailor the alerting Security Center provides.

    2 votes
    0 comments
  9. Documentation of Advanced Threat Protection alerts can be improved

    Documentation can be much clearer.
    https://docs.microsoft.com/en-us/azure/sql-database/sql-database-threat-detection-overview

    Users should understand the Advanced Threat Protection alert types as in the screenshot wrt what is provided in the above link, e.g. if I uncheck any alert type in the screenshot, I would like to understand what kind of alerts mentioned in the link would not come to us. It should show the difference between “Data exfiltration” and “Unsafe action”, how “Unsafe action” differs from “Anomalous Client login”, and how that is referred to in the link.
    The document should also have sample of each email alert triggered to users and it should be inline to the alert type…

    2 votes
    0 comments
  10. Provide ALL information about alerts in the export/download csv feature, including source IP address and user details

    Currently the download CSV feature in security alerts only provides a very limited set of information. To obtain more information on the alerts you need to click into a specific alert and then into a specific occurrence. This is a very manual process. It would be much more useful to be able to export this granular information about all the alerts at once.

    2 votes
    0 comments
  11. Qualys agent installation at the management group level vs. subscription level.

    Qualys agents can be set up to be auto-installed at the subscription level. Since management groups help govern groupings of subscriptions, we would like to see Qualys agent auto-installation available at the management group level as well.

    2 votes
    0 comments
  12. Regulatory Compliance Frameworks

    I would encourage the need to remove a compliance framework in the event one is not applicable to an organization. Though they can be helpful when applying security standards, some personnel may see that those frameworks aren't being adhered to and may force unnecessary security controls upon their employees.

    2 votes
    0 comments
  13. Just in Time Access doesn't work with Azure Firewall and VNet peering

    Just in Time Access doesn't work when using VNet peering and all the traffic is routed to Azure Firewall in the peered VNet. I have to manually add a DNAT rule for this to work.

    2 votes
    0 comments
  14. Please provide the mapping matrix regarding Azure Security Center - Regulatory compliance

    Please provide a mapping matrix (.xlsx or .pdf) so we can understand the regulatory compliance clearly.

    2 votes
    1 comment
  15. Include FTP state recommendation for app services

    We would like to see FTP state (Configuration->General settings->Platform settings->FTP state) recommendation to not allow all

    2 votes
    0 comments
  16. Feedback regarding Azure Policy and Azure Security Center

    Hi Team,

    We found that if we remove the Azure Policy: [Preview]: Deploy Log Analytics Agent for Windows VMs, the installed agent will not be removed.

    Ask for help:

    Can we add the logic that when we remove the Azure Policy, the platform will also ask you whether the corresponding configurations need to be removed?

    2 votes
    2 comments
  17. Adaptive application control - configure user of manually added whitelisted paths

    It is possible to whitelist new paths in AAC - but these manually entered paths are available to Everyone.
    When adding new paths to be whitelisted, please add an option to be able to configure the users - so Everyone, Root, or users that AAC has detected on the specific VM. Granting permissions to AAD groups would even be better.

    2 votes
    0 comments
  18. Azure Policy - Monitor a drop in compliance %

    We are using Azure Policy initiatives, and defined per security principle a subset of policies which are relevant for this principle. With a management group we have assigned the initiative to all our subscriptions; this makes it very easy to view the compliance.

    We are now using the Azure Policy blade to view the compliance; however, it would be very useful if we could monitor the compliance percentage, and get an alert once the percentage drops to a certain value, or percentage.

    2 votes
    0 comments

    Thanks for the valid suggestion. Your feedback is now open for the user community to up-vote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  19. 2 votes
    0 comments
  20. Base OS security configurations upon an open standard

    The documentation on OS security configurations in Azure Security Center states that it supports Windows Server up to version 2016. However, it is based upon a standard that supports up to version 2008 (the Azure Security Center documentation states it was based upon over "150 recommended rules" which in turn are based upon NIST's Common Configuration Enumeration which does not support beyond 2008). How does this work? Is the Windows Server 2016 support based upon a public standard or not?

    It would be nice if Azure Security Center OS security was based upon a standard like STIG or CIS, which…

    2 votes
    0 comments