How Azure Security Center detects threats

Security Center's detection algorithms are updated as attackers release new and increasingly sophisticated exploits. The algorithms collect security information for analysis and, after analyzing it, produce prioritized security alerts with recommendations.


Security Center uses advanced security analytics rather than relying on manual approaches to identify threats. These analytics are:

 

  • Integrated threat intelligence: looks for known bad actors by leveraging global threat intelligence from Microsoft products and services, the Microsoft Digital Crimes Unit (DCU), the Microsoft Security Response Center (MSRC), and external feeds.
  • Behavioral analytics: applies known patterns to discover malicious behavior.
  • Anomaly detection: uses statistical profiling to build a historical baseline. It alerts on deviations from established baselines that conform to a potential attack vector.
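
A minimal sketch of the anomaly-detection idea in the last bullet, added here as an illustration; it is not Security Center's algorithm or code from the original post. The host names, connection counts, threshold and the median/MAD scoring are constructed assumptions.

```python
import statistics

# Constructed sample: daily inbound RDP connection attempts per VM.
# HISTORY is the 14-day baseline window; TODAY is the value being scored.
HISTORY = {
    "vm-web-01":   [12, 9, 11, 14, 10, 13, 12, 11, 9, 15, 10, 12, 13, 11],
    "vm-db-01":    [3, 2, 4, 3, 2, 3, 5, 3, 2, 4, 3, 3, 2, 4],
    "vm-batch-01": [40, 42, 38, 41, 39, 43, 40, 41, 42, 38, 40, 39, 41, 40],
}
TODAY = {"vm-web-01": 13, "vm-db-01": 96, "vm-batch-01": 2}


def robust_z(history, value):
    """Score how far `value` sits from the historical baseline.

    Uses median and median absolute deviation (MAD) instead of mean and
    standard deviation, so a few past outliers do not inflate the baseline.
    """
    med = statistics.median(history)
    mad = statistics.median([abs(x - med) for x in history])
    scale = 1.4826 * mad or 1.0  # fall back to 1.0 when the baseline is flat
    return (value - med) / scale


def detect(history, today, threshold=3.5):
    """Return (host, count, score) for deviations that fit an attack pattern.

    Only an upward spike in connection attempts (consistent with brute
    force) is alerted; a sharp drop is a deviation but not an alert here.
    """
    alerts = []
    for host, baseline in history.items():
        z = robust_z(baseline, today[host])
        if z >= threshold:
            alerts.append((host, today[host], round(z, 1)))
    # Highest score first, mirroring prioritized alerts.
    return sorted(alerts, key=lambda a: -a[2])


if __name__ == "__main__":
    for host, count, score in detect(HISTORY, TODAY):
        print(f"ALERT {host}: {count} attempts today, robust z-score {score}")
```

In this sample, vm-batch-01 deviates from its baseline as strongly as an attack would, but in the downward direction, so it is scored and not alerted.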

 
