How Security Center and Log Analytics can be used for Threat Hunting

Community Manager

Organizations today are constantly under attack. Azure Security Center (ASC) uses advanced analytics and global threat intelligence to detect malicious threats, and the new capabilities that our product team is adding every day empower our customers to respond quickly to these threats.

However, just having great tools that alert on threats and attacks is not enough. The reality is that no security tool can detect 100 percent of attacks. In addition, many of the tools that raise alerts are optimized for low false positive rates. Hence, they might miss some suspicious outlier activity in your environment that could have been flagged and investigated. This is something that Security Center and the Azure Log Analytics team understand. The product has built-in features that you can use to launch your own investigations and hunting campaigns, in addition to responding to the alerts that it triggers.

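Read about it in the Azure blog: https://azure.microsoft.com/en-us/blog/ways-to-use-azure-security-center-log-analytics-for-threat-hunting/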