Azure Security Center

Do you have an idea or suggestion based on your experience with Azure Security Center? We would love to hear it! Please take a few minutes to submit your ideas or vote up an idea submitted by another customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Security Center. Remember that this site is only for feature suggestions and ideas!

For further reading on Azure Security Center, see our documentation. For general discussion, use our discussion forum. For technical support, take advantage of these support options.

  1. Add an option to hide deallocated VMs from recommendations

    For example, a deallocated VM without endpoint protection is not an issue... until is is live again.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. See All Subscriptions Capability in Security Centre

    We have multiple departments with subscriptions and our own subscriptions managing key vaults. Our Security staff need sight of all subscriptions in one place. This could be with the addition of Global Security Admin role which was automatically assigned security admin role in all subscriptions created from the AD. This can be done now with global admin but not security admin it seems.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Please combine OMS Security and Audit Solution and Azure Security Center under a single dashboard.

    Please combine a complete security posture of an environment in one single Dashboard. This will help customers and partners to position and recommend security solution in more effective way.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Type of protection computer count

    The Type of Protection graph shows: 3 total "Computers with antimalware protection". This workspace only has 2 computers connected. I believe that the total should not count twice a computer that has 2 forms of antimalware protection.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Customize out-of-the-box querys for a solution

    Make it possible to change the Queries for a solution such as the malware assessment, where the Blade "Computers with detected threats" continues to show that there are active threats even though the threat have been remove. The reason is that the Query shows events for the last one day which may not be relevant if the events have be handled.

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Please provide the mapping matrix regarding Azure Security Center - Regulatory compliance

    Please provide mapping matrix(.xlsx or .pdf) so we can know the Regulatory compliance clearly

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  7. Include FTP state recommendation for app services

    We would like to see FTP state (Configuration->General settings->Platform settings->FTP state) recommendation to not allow all

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  8. Feedback regarding Azure Policy and Azure Security Center

    Hi Team,

    We found that if we remove the Azure Policy: [Preview]: Deploy Log Analytics Agent for Windows VMs, the installed agent will not be removed.

    Ask fo help:

    Can we add the logic that when we remove the Azure Policy, the platform will also ask you whether the corresponding configurations need to be removed.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Azure Policy - Monitor a drop in compliance %

    We are using Azure Policy initiates, and defined per security principle
    a subset of policies which are relevant for this principle. With a management group we have
    assigned the initiative to all our subscriptions, this makes it very easy to view the compliance.

    We are now using the Azure Policy blade to view the compliance, however, it would be very useful
    if we can monitor the compliance percentage, and get an alert once the percentage drops to a certain
    value, or percentage.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to up-vote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

  10. Base OS security configurations upon an open standard

    The documentation on OS security configurations in Azure Security Center states that it supports Windows Server up to version 2016. However, it is based upon a standard that supports up to version 2008 (the Azure Security Center documentation states it was based upon over "150 recommended rules" which in turn are based upon NIST's Common Configuration Enumeration which does not support beyond 2008). How does this work? Is the Windows Server 2016 support based upon a public standard or not?

    It would be nice if Azure Security Center OS security was based upon a standard like STIG or CIS, which…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Fine Grained, disabling / enabling security policies

    In a subscription, there can be storage accounts that currently cannot be configured with a firewall - example: storage accounts with audit logs of Azure SQL.
    It would be good if Security Center, as default, monitored all objects in a subscription, but it should be possible to disable individual objects from the monitoring.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  12. CIS Azure Benchmark 1.1

    Dear Microsoft team,
    I love the fact that you have implemented CIS Benchmark controls in Azure Security Center and I would like to know if you have any ETA for adding additional controls related to CIS Azure Benchmark 1.1.

    CIS Azure Benchmark 1.1 version and contains a total of around 140 controls between Level 1 and 2 (there is already a Draft for version 1.2.).

    Thanks!

    Manuel

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Update Remote Desktop Manager (RDCman) to support JIT

    RDCMan is one of my favorite tools. Having RDCMan support JIT would be incredible.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. Security Center recommendation that flags Inbound port rules that are open to the Internet with src of ANY

    A Security Center recommendation that flags Inbound port rules that are open to the Internet like ssh, etc., with a source IP of ANY that may pose a security risk.

    Right now the only way to see these risky rules is to look at the inbound rules foreach individual VM

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  15. Enable a button for dismiss “Disable unrestricted network access to storage account (Preview)”

    Shall we have a button for dismiss “Disable unrestricted network access to storage account (Preview)”.

    This recommendations shows as high severity in the Recommendations blade. This display is very annoying.

    A storage account is a global service that can be used publicly. The firewall feature is only required in VNET. Why do we have to enable the firewall in the suggestion? Can we lower the display level? Leaders will be very worried when they see this suggestion.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  16. Include the ability to search the network security recommendations in Log Analytics worspace

    Include the ability to search the network security recommendations in Log Analytics worspace, so that alerts can be generated from them and email notfications sent
    Example of recommendations:
    Enable Network Security Groups on subnets
    Enable Network Security Groups on virtual machines
    Restrict access through Internet facing endpoint

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  17. Include Nessus agent as a solution for Vulnerability Assessment in ASC

    ASC recommends "Install a vulnerability assessment solution on your VM" even though we have the latest Nessus agent installed on our Linux VMs.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. 2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  19. Option for Security Center to differentiate between Environments with a tag?

    It would be great if the default behavior for Security Center is to monitor everything, AND when tagged, to have a more granular view of Production vs Non-Production environments.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add webhooks as a notification target in addition to email addresses or co-administrators to enable notifications to go to Slack

    Currently I can only send Security Center alerts to email addresses or simply specify co-administrators of the server. Giving the ability to specify a web hook means the alerts could go to a Slack channel (like I have done with my Classic Alerts when my pool eDTU exceeds 80%).

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Azure Security Center

Categories

Feedback and Knowledge Base