Chapter 5 Using Security Center for incident response

In the previous chapter, you learned how to address security recommendations using Azure Security Center, which is part of the overall enhancement of your security posture. However, protection is just one of the pillars of your security posture. You also need to enhance your detection and response.

On the detection front, Security Center constantly monitors your assets. When it identifies suspicious activities, it raises an alert. It also reduces false positives, which is very important for your security operations.

In this chapter, you will learn how to use Security Center to detect threats against your environment, and how to investigate security issues as part of your incident-response ...

Get Microsoft Azure Security Center, First Edition now with the O’Reilly learning platform.