
Responding to Ransomware with Azure’s Security Tools

Best practices for defending against ransomware with Microsoft’s security capabilities
Ransomware isn’t just malware—it’s a breach. And in today’s threat landscape, it’s often human-operated, coordinated, and devastating. Microsoft Azure offers a layered defense strategy that combines proactive detection, rapid response, and resilient recovery. This article explores how to leverage Azure’s native security tools to build a ransomware-ready posture that’s both scalable and auditable.

Posted on 7:00 am

Microsoft Defender for Cloud: Deep Dive

In today’s cloud-first world, security isn’t just a checkbox—it’s a continuous discipline. Microsoft Defender for Cloud is the cornerstone of Azure’s native security posture management and threat protection. Whether you’re running workloads in Azure, AWS, GCP, or on-premises via Azure Arc, Defender for Cloud provides unified visibility, intelligent recommendations, and active threat detection.

Posted on 9:38 am

Part 2: Visualizing DDoS Defense—Workbooks, Mitigation Reports & GitHub Tooling

Today we start the second phase of our DDoS protection journey—where visibility becomes your superpower, and raw telemetry transforms into strategic insight.

You’ve done the hard work: diagnostic logging is enabled, your DDoS protection plan is active, and telemetry is flowing into Log Analytics. Now it’s time to elevate your defense posture from reactive to predictive. Because in cloud security, knowing what happened isn’t enough—you need to know what’s happening now, and what’s likely to happen next.

Posted on 7:10 am

Building the Foundations of Azure DDoS Defense

Today we start a journey into the heart of Azure’s DDoS protection capabilities—not just to check a box, but to build a resilient, observable, and defensible cloud perimeter.

DDoS attacks are no longer rare anomalies. They’re persistent, evolving threats that target everything from public-facing APIs to mission-critical web apps; and while Azure offers built-in protection, the real value comes when you configure it with intention—enabling diagnostics, routing telemetry, and preparing your environment to respond intelligently.

Posted on 7:03 am

Monitoring and Analytics with Azure Monitor

In modern cloud environments, maintaining the health and performance of applications is critical. Azure Monitor provides a full-stack monitoring solution that enables organizations to track metrics, diagnose issues, and gain deep insights into their applications and infrastructure. Whether monitoring virtual machines (VMs), Kubernetes clusters, databases, or application services, Azure Monitor ensures optimal performance with proactive alerts, AI-powered analytics, and advanced telemetry capabilities.
This article explores how to configure and use Azure Monitor for real-time observability, troubleshooting, and optimization.

Posted on 7:10 am

Onboard a Single Subscription with Microsoft Defender for Cloud

In today’s post we will look at a targeted way to harness the full potential of your Azure security by integrating Microsoft Defender for Cloud with Microsoft Sentinel. This powerful combination allows for advanced threat detection, seamless monitoring, and a unified view of your security posture. We want to select our Sentinel data connectors thoughtfully. The Microsoft Defender XDR data connector is the modern connector that we should all use in most cases; but the legacy connector is useful when we have only specific subscriptions that we want to bring into Sentinel. The older, legacy connector requires manual selection of the subscriptions to include in the data ingestion; it is the perfect solution if you have a tenant in which you want only 2 of its many subscriptions onboarded.

Posted on 7:15 am

Monitor Sentinel Data Connector Health – Alerting

Join me in exploring Sentinel health data and using KQL to create an alert rule that tells our SOC team about data connector issues in Sentinel. This post walks through the KQL queries, exploring your data, and creating an alerting rule. Monitoring is an important part of good governance in Sentinel!

Posted on 6:52 am

Monitor Sentinel Data Connector Health

There is more than one way to monitor most Azure infrastructure, and data connectors are no exception. Today we look at creating a way to keep an eye on your data connector operations in Sentinel, using Sentinel itself. Join me for a few minutes as we explore one of the important best practices in Microsoft Sentinel – health monitoring.

Posted on 7:05 am

Azure Lighthouse & Sentinel at Scale – Part 3

In this post we continue our exploration of enabling multitenant management with scalability, higher automation, and enhanced governance across resources. Let’s jump right in this week and learn about the best practices and security baseline of using Azure Lighthouse. This is the last in a mini-series of three posts about Azure Lighthouse and Sentinel at scale; we have looked in detail at delegated permissions, what Azure Lighthouse is all about, and now we look at the best practices and how to deploy!

Posted on 6:55 am

Azure Lighthouse & Sentinel at Scale – Part 2

In this post we continue our exploration of enabling multitenant management with scalability, higher automation, and enhanced governance across resources. Let’s jump right in this week and learn about delegation using Azure Lighthouse in enterprise scenarios and how an MSP might use delegation to optimize SOC operations. Join me for a good look at delegation & Lighthouse!

Posted on 7:19 am