Dissecting a Cloud Attack: Securing Azure with AzLog
Just because data, applications, and systems exist in Azure doesn’t mean your commitment to security, your ability to monitor, or your need to achieve compliance is any less. First, you need to collect security events, configuration changes, and access logs. Then you must centralize this data within a security information and event management (SIEM) platform to achieve visibility and maintain security.
To help you better understand what’s necessary and possible regarding logging and visibility of your Azure environment, we’ll walk through an example of how a typical attack takes place, how to identify its progression through the Cyber Attack Lifecycle using Azure’s AzLog functionality, and how to detect attackers moving laterally between the cloud and your on-premises network.