Azure Security Center

Do you have an idea or suggestion based on your experience with Azure Security Center? We would love to hear it! Please take a few minutes to submit your ideas or vote up an idea submitted by another customer. All of the feedback you share in these forums will be monitored and reviewed by the Microsoft engineering teams responsible for building Security Center. Remember that this site is only for feature suggestions and ideas!

For further reading on Azure Security Center, see our documentation. For general discussion, use our discussion forum. For technical support, take advantage of these support options.

  1. Extended configuration for AntiMalware VM extension

    AntiMalware VM extension has only few parameter.
    Should be great to be able scheduling update signature with parameters :
    SignatureScheduleDay
    SignatureScheduleTime
    SignatureUpdateInterval

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  2. chrome....

    I don't want to ...

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  3. filter

    Add custom filter to choose Subscription name / Resource Group

    example :

    Threat protection --> Security Alerts over Time -->
    High Severity --> Resource group name , Subscription name

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  4. Azure Information Protection in SharePoint Online

    Hello,

    Please allow set Sensitivity for all files stored in SharePoint Online.

    At this moment we can only Encrypt Documents library using Information Rights Management in SharePoint Online.

    But as example, we would like to set Sensitivity, for all files saved in our SharePoint Online tenant, in SharePoint Sites/Teams or users OneDrive Document libraries.

    At this moment it is possible if run PowerShell on End-User PC like:
    1. Query default Corporate OneDrive folder location
    2. Run: Get-ChildItem .doc -Recurse -Force | Set-AIPFileClassification -PreserveFileDetails

    But then each file will be downloaded to PC.

    So would be very useful to set Globally…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  5. Monitorin On-prem servers with Threat Protection included

    when we try to add on-prem servers for monitoring using Threat Protection, we get an enormous amount of alerts. We have a scheduled PowerShell script running each day and this triggers an alert, one for each monitored server every day.
    We need a way to whitelist this script. Apparently there is an option of doing this for Azure VM's but this does not work for on-prem servers.
    So the rule could be something like ' if-this-script-is-run-by-this-user-from-this-location do not alert'.
    Or the better way may be to be able to use 'AppLocker' functionality and have that visible to and confirmed by…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  6. Azure security center ARM template enable standard plan for all resources

    I can select the pricing tier in ARM template but that will just set pricing tier as standard and cover VMs. However, I would like have SQL servers and app services covered as well.
    What do I need to add to my my template?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Flag idea as inappropriate…  ·  Admin →
  7. estoy conchrome doncoucegj@ en vez de jcouceg@gmail.com

    Al poner a cero el PC con mac sin el usb la 1ª vez Edge tomo las aplicaciones perdidas en el formateo de Chrome y no sé quien me ha puesto con ustedes y my nombre D.N.I. e identificación fiscal española:30.618.858-letra Q si coucegj@gmail.com, goravic782@outlook.com ó mi cuenta jcouceg@gmail.com

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  8. Make Azure Security Center for IoT deployable to ARM Linux versions

    Many companies use Raspberry Pi's to prototype their future IoT deployments. I see that Azure Security Center for IoT is in public preview (which is awesome!), but it would be very helpful to have this available for testing in the Pi environment to allow vetting of its capabilities.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  9. Integrate JIT with Azure Firewall

    It would be extremely useful to integrate JIT with Azure Firewall. This would allow JIT access to VMs without requiring a PIP for each VM as well as make security teams happier by not having a PIP attached to each VM that needs to be accessed remotely.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  10. Define Actions for Recommendations

    We would like the option to define specific actions that can be triggered in response to recommendations. For instance, trigger a Playbook.

    A use case might be a Recommendation to install anti-malware. We could choose from a list of available actions to run a Playbook that triggers the anti-malware installation.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  11. Support other MFA products

    In ASC access & identity . We found out the account which has enabled third party MFA cannot be detected. The recommendation existed and this affect the secure score. can we plan to support third party solution like antimalware assessment as well?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →

    thanks for your feedback,

    This is feedback we came across in the past. We plan to resolve it using two complementing features -
    1. Enable you to dismiss/request an exception for hte MFA recommendation stating the reason that you installed a 3rd party solution.
    2. Enabling you to push status from your 3rd party security solution into ASC using our new and open partner integration.

    Both are in the works. I can’t share exact ETA at this moment.

    thanks,
    Gilad Elyashar, head of product, Azure Security Center

  12. FISMA or NIST in compliance Dashboard

    Proving compliance to stakeholders is the top barrier to adoption. Get these controls in the dashboard to enable more use of azure by downlevel fed it departments.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  13. Security Center Pin Dashboard

    Security Center cannot be pinned to a Dashboard (for reasons unknown). Usually, if I go to the top-right of a blade, I can select the icon to pin it to my Dashboard. It is available in all of the other resources I have pinned. Security Center is the only one that I can't pin. See attached image . . .

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  14. Azure "One-Click Resource Quarantine"

    Azure "One-Click Resource Quarantine" that pulls keys and locks down RBAC when an Azure App or Resource is thought to be compromised which provides security threat countermeasures and preserves forensic data to root cause and source the origin of threat.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  15. OS security configuration issue for windows 10

    We have couple of instances running with windows 10 and Windows Servers platform. In asc we have recommendation that Remediate vulnerabilities in security configuration on your machines. As per MS this feature supported on windows server platform. In this case it should not show no data available for windows 10 and its impact overall score. Pls fix this

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  16. Create article listing all Azure data sources Azure Security Center supports

    You need to provide an article listing of all the Azure data sources that Azure Security Center can analyse. Unfortunately your existing documentation doesn't make this clear anywhere. I am trying to do a security review for a customer and I'm having to search all over the place to find out what data sources ASC consumes to understand what coverage it provides. This is a pretty obvious thing to need to know and yet the ASC documentation doesn't have this information in a single location. For example in the FAQs you state:

    Which Azure resources are monitored by Azure Security…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  17. Azure Recommendation Enable Network Security Group shows GatewaySubnet

    Azure Security Center shows a recommendation to Enable Network Security Groups on subnets, and it lists ALL subnets, including the ones created as GatewaySubnet but when you try to add a NSG to this GatewaySubnet it says "ssigning a network security group to a gateway subnet is not supported as virtual network gateway management and gateway connectivity may fail".

    If it is not possible why does Microsoft list it in first place? So, can you please remove GatewaySubnet from the list or allow people to dismiss somehow those recommendations?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  18. Hard to find price level dashborad

    If we want to change from "Free" to "Standard" or reverse, need access "Security Policy" menu.
    It's forget everytime to access exists this menu.
    I hope new menu like "Price level".

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Flag idea as inappropriate…  ·  Admin →
  19. Asure Security Center for Windows Client OS

    As the Log Analytics is supported for the Windows Client OS why it is not supported for the Azure Security Center.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  20. Create Service Endpoint for Azure Antimalware

    Azure Antimalware Service is not able to communicate to Azure Update Services when enforced tunneling is configured for the VM on vnet layer. With a service endpoint for Azure Antimalware and forced tunneling all traffic from a VM would be routed to on-premises except communication between Azure Antimalware and the Update Service.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Azure Security Center

Categories

Feedback and Knowledge Base