How Azure Security Center detects threats

Security Center's detection algorithms are updated as attackers release new and increasingly sophisticated exploits. The algorithms collect security information for analysis. After analyzing that information, they prioritize the resulting security alerts and attach recommendations.


Security Center uses advanced security analytics to identify threats beyond what manual approaches can identify. These security analytics are:


  • Integrated threat intelligence: looks for known bad actors by leveraging global threat intelligence from Microsoft products and services, the Microsoft Digital Crimes Unit (DCU), the Microsoft Security Response Center (MSRC), and external feeds.
  • Behavioral analytics: applies known patterns to discover malicious behavior.
  • Anomaly detection: uses statistical profiling to build a historical baseline. It alerts on deviations from established baselines that conform to a potential attack vector.
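
To make the anomaly detection item concrete, here is a minimal sketch added as an illustration; it is not Security Center's algorithm or code. The metric names, the sample history, the z-score threshold and the `ATTACK_VECTORS` mapping are all assumptions. It builds a baseline from history and alerts only when a deviation is an upward spike on a metric tied to an attack vector.

```python
import statistics

# Constructed sample: failed logons per hour for one VM (not real telemetry).
HISTORY = [3, 5, 4, 6, 2, 5, 4, 3, 6, 5, 4, 5]

# Hypothetical mapping: which attack vector an upward spike in a metric suggests.
ATTACK_VECTORS = {
    "failed_logons": "brute-force attempt",
    "outbound_connections": "possible data exfiltration",
}

def build_baseline(samples):
    """Statistical profile of the history: (mean, sample standard deviation)."""
    if len(samples) < 2:
        raise ValueError("need at least two samples to build a baseline")
    return statistics.fmean(samples), statistics.stdev(samples)

def evaluate(metric, value, baseline, threshold=3.0, min_stdev=1.0):
    """Return an alert dict, or None when no alert is warranted.

    threshold and min_stdev are assumed tuning values; min_stdev keeps a
    perfectly flat history (stdev 0) from dividing by zero.
    """
    mean, stdev = baseline
    z = (value - mean) / max(stdev, min_stdev)
    # A deviation alone is not enough: it must be an upward spike on a metric
    # that maps to a known attack vector. Drops and unmapped metrics are ignored.
    vector = ATTACK_VECTORS.get(metric)
    if vector is None or z < threshold:
        return None
    return {"metric": metric, "value": value, "z_score": round(z, 1), "vector": vector}

if __name__ == "__main__":
    baseline = build_baseline(HISTORY)
    for observed in (6, 0, 48):
        print(observed, evaluate("failed_logons", observed, baseline))
```

An hour with 0 failed logons is also more than three standard deviations from the baseline, but it does not conform to an attack vector, so no alert is raised.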

