How to get Security Alerts for Environments in Azure DevTest Labs
One of the challenges that existed in Azure DevTest Labs previously was that we could not get Azure Security Center Alerts about issues or other security analysis alerts for those environments. Now, Azure has opened up the abilities of Azure Security Center Alerts so that we can actively monitor and respond for events within environments in DevTest Labs.
Azure Security Center automatically collects, analyzes, and integrates log data from your Azure resources, the network, and connected partner solutions, like firewall and endpoint protection solutions, to detect real threats and reduce false positives. A list of prioritized security alerts is shown in Security Center along with the information you need to quickly investigate the problem and recommendations for how to remediate an attack.
To test and use this feature you must have an environment deployed inside your DevTest Labs. See here for more information. This is a prerequisite condition for making Azure Security Center Alerts for DevTest Labs work.
You may want to walk through and create yourself a lab in your free Azure subscription at https://portal.azure.com
Once you have a lab created:
- In Azure at https://portal.azure.com, browse to the home page for your lab.
- Select Security alerts on the left menu. You should see the number of security alerts (high, medium, and low) .
- Right-click on three dots (…) in the last column, and select View security alerts.
- You see more details about the alerts and advisor recommendations.
To learn more on managing and responding to security alerts in Azure Security Center and for more information on Azure Security Center Alerts for DevTest Labs environments see the Microsoft Docs article here: https://docs.microsoft.com/en-us/azure/lab-services/environment-security-alerts