Secure infrastructure (Auditing and logging for network activity)
Microsoft provides monitoring and logging technologies to give you maximum visibility into the activity on your cloud-based network, applications, and devices, so you can identify potential security gaps. The ability to collect and analyze such information and filter it to fit your criteria is essential for identifying patterns and trends on your network. If a security event does occur, this information supports the investigations that are an important part of the incident response process. You can also use this data to plan and implement better protection for your infrastructure, with the goal of proactively preventing future incidents and improving security for your resources and data.
Detailed security audit trails are also required for compliance with government and industry regulations.
Microsoft provides many options for auditing and logging security events:
Security event logs are customizable to fit your security and reporting needs and can help you keep track of activities that could pose a threat to your virtual machines in the cloud or your systems on-premises.
Audit policies define the types of events and users that will be audited.
Security alerts are communications—sent through dashboards, email, or other means—that notify you when a security-related event is occurring or has occurred.
Export tools can send your data to a third-party SIEM.
Third-party monitoring and alerting tools, available from the Azure Marketplace, can enhance the effectiveness of your auditing and reporting.
Azure Security Center provides a centralized portal from which you can secure your Azure deployments and prevent, detect, and respond to threats with increased visibility into the security of your Azure resources. Azure Security Center provides focused security recommendations and rapid deployment of integrated partner technologies. It uses behavioral analytics and machine learning for effective threat detection and helps you build an attack timeline for faster remediation.