Monitoring
Regularly monitoring resources is crucial to maintaining a strong security posture and detecting vulnerabilities. Detection can be proactive, by searching for anomalous events within enterprise activity logs, or reactive, by responding to alerts of suspicious activity. It is important to respond to any anomalies or alerts promptly and vigilantly in order to prevent any reduction in security assurance. Additionally, employing defense-in-depth and least-privilege strategies is key to designing a strong and secure system.
The following checklist should be used for monitoring security-related events in this workload:
- Use Azure Monitor to monitor workloads deployed on Azure
- As part of the incident response plan, invest in building a Security Operations Center (SOC) or SecOps team
- Traffic from or to applications, access requests, and application communication should be monitored
- Leverage the secure score in Microsoft Defender for Cloud to review...