The new Ransomware recommendations dashboard is an Azure workbook that provides you visibility into what security recommendations you should prioritize to reduce the likelihood of getting compromised by a Ransomware attack. It leverages Microsoft Defender for Cloud recommendations, and secure score to help you track progress of your security posture enhancement. Since it is based on Defender for Cloud, it also brings built-in automation capabilities to help remediate security recommendations and reduce expose factors.
The diagram below represents a holistic view of how Azure Security Benchmark, which is the security foundation for Azure workloads, mapped to the MITRE ATT&CK Matrix with data visualization for end user experience.
Now you will be able to identify gaps in your security hygiene that are related to Ransomware and prioritize the remediations accordingly. Addressing these will improve the overall security posture of your Azure workloads and help you in your journey to improve your secure score. This dashboard is focused on the following aspects:
In this dashboard you will find tabs that allow you to navigate and explore the security recommendations based on different criteria. Please watch the video below for a full demonstration on how to use this dashboard:
By understand in which stage of the MITRE ATT&CK matrix the recommendation is located, you can prioritize remediations earlier on and reduce the probability of further damage done by the attacker. The Ransomware dashboard can be utilized to prioritize the remediation of recommendations for scenarios such as:
- Ensures up to date VMs with relevant security patches
- Enable anti-malware on your VMs
- Reduce attack surface by enabling just-in-time access to management ports
For more information about Ransomware attacks, make sure to read the following resources:
- Azure Defenses for Ransomware Attack
- Human-operated ransomware
- Maximize Ransomware Resiliency with Azure and Microsoft 365
- 3 steps to prevent and recover from ransomware
Microsoft
