Azure Security Center

Do you have an idea or suggestion based on your experience with Azure Security Center? We would love to hear it! Please take a few minutes to submit your ideas or vote up an idea submitted by another customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Security Center. Remember that this site is only for feature suggestions and ideas!

For further reading on Azure Security Center, see our documentation. For general discussion, use our discussion forum. For technical support, take advantage of these support options.

  1. Configuring Alerts for Azure Service Fabric certificate expiration

    It is possible to send notifications about Azure Web App certificates expiration using Azure Runbooks. But there is no possibility to trace certificates expiration configured in Service Fabric and other Azure Services. It's good to have a runbook for this or any other solutions would be fine.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. create built-in policy to prevent movement of subscriptions

    create built-in policy to prevent movement of subscriptions between azure ad tenants

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. Tai day

    Tran Thanh Cam on

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  4. specify additional client info in automatic notifications about potential security threats

    if the client accessing the resource is running on Azure, it should be possible for the notification to include more information about it, making it easier to understand the nature of the potential threat (or conclude that it isn't a threat)

    example: I recently got a notification about access to a publicly readable azure storage container (from an azure VM in my subscription). the notification could have told me the name of the VM and perhaps more properties of it as it is an azure resource in a subscription owned by me.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Add ability to configure Security Center to apply Default Policies to Management groups

    Today Security Center applies default Azure Policy at a subscription level. Would like to see this configurable that default policy assignment could be assigned to Management Groups instead of each subscription.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  6. Allow VOIP #'s for sign up and security checks.

    Setting up our partnership w/ Azure was more difficult than any other partnership because the process did not allow the use of our VOIP # at work. Our entire company is using VOIP, like many others, so this hurdle is pretty archaic.

    We all believe in security, but please consider using modern means such as work email addresses, etc.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. Is it possible to connect azure sentinel for multiple azure ad tenants, so we can control and audit a different directory, which is not unde

    Is it possible to connect azure sentinel for multiple azure ad tenants, so we can control and audit a different directory, which is not under the tenanted generated by sentinel workspace ?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  8. resources.azure.com does not show microsoft.security provider

    Please add support to resources.azure.com for Microsoft.Security provider. Currently it does not show this provider at all.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  9. Allow user to modify the default security policy applied to a subscription

    Please allow user to modify the default security policy applied to a subscription when the subscription has Azure security center enabled.
    Currently if user would like to disable a policy company-wide, they have to apply the security policy to management group, and modify/delete the default policies on each subscription.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  10. Is it possible to use other compliance reporting like National cyber Security Center (NCSC)

    Is it possible to include other compliance regularity reporting like cyber Essentials+ & National cyber Security Center (NCSC) into Azure Security Center

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  11. Azure policy exclude Identity not just subscription/Resource group

    Currently when assigning a policy w can exclude Management Group / Subscription or a Resource Group. Is it possible to add User principal to the list.
    Use case, sometime operator or Security compliance office would need to update an out of compliance resource. when the Resource is out of compliance, write will fail due to deny policy, an exclude for a principal / Group ID would Come in handy

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  12. Announce for EVC or the other security risks.

    Sometimes, we found some important vulnerability. So if the vulnerability relate to our system, we have to respond immediately. I hope Azure Advisor will have a feature that announce about some important EVCs or the other security risks.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Extended configuration for AntiMalware VM extension

    AntiMalware VM extension has only few parameter.
    Should be great to be able scheduling update signature with parameters :
    SignatureScheduleDay
    SignatureScheduleTime
    SignatureUpdateInterval

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  14. chrome....

    I don't want to ...

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. filter

    Add custom filter to choose Subscription name / Resource Group

    example :

    Threat protection --> Security Alerts over Time -->
    High Severity --> Resource group name , Subscription name

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Azure Information Protection in SharePoint Online

    Hello,

    Please allow set Sensitivity for all files stored in SharePoint Online.

    At this moment we can only Encrypt Documents library using Information Rights Management in SharePoint Online.

    But as example, we would like to set Sensitivity, for all files saved in our SharePoint Online tenant, in SharePoint Sites/Teams or users OneDrive Document libraries.

    At this moment it is possible if run PowerShell on End-User PC like:
    1. Query default Corporate OneDrive folder location
    2. Run: Get-ChildItem .doc -Recurse -Force | Set-AIPFileClassification -PreserveFileDetails

    But then each file will be downloaded to PC.

    So would be very useful to set Globally…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Monitorin On-prem servers with Threat Protection included

    when we try to add on-prem servers for monitoring using Threat Protection, we get an enormous amount of alerts. We have a scheduled PowerShell script running each day and this triggers an alert, one for each monitored server every day.
    We need a way to whitelist this script. Apparently there is an option of doing this for Azure VM's but this does not work for on-prem servers.
    So the rule could be something like ' if-this-script-is-run-by-this-user-from-this-location do not alert'.
    Or the better way may be to be able to use 'AppLocker' functionality and have that visible to and confirmed by…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Azure security center ARM template enable standard plan for all resources

    I can select the pricing tier in ARM template but that will just set pricing tier as standard and cover VMs. However, I would like have SQL servers and app services covered as well.
    What do I need to add to my my template?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  19. estoy conchrome doncoucegj@ en vez de jcouceg@gmail.com

    Al poner a cero el PC con mac sin el usb la 1ª vez Edge tomo las aplicaciones perdidas en el formateo de Chrome y no sé quien me ha puesto con ustedes y my nombre D.N.I. e identificación fiscal española:30.618.858-letra Q si coucegj@gmail.com, goravic782@outlook.com ó mi cuenta jcouceg@gmail.com

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  20. Make Azure Security Center for IoT deployable to ARM Linux versions

    Many companies use Raspberry Pi's to prototype their future IoT deployments. I see that Azure Security Center for IoT is in public preview (which is awesome!), but it would be very helpful to have this available for testing in the Pi environment to allow vetting of its capabilities.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Azure Security Center

Categories

Feedback and Knowledge Base