New Azure Network Security and Azure Sentinel Blog Posts | Integrating Azure Sentinel/Azure Firewall
We’re excited to announce a seamless integration betweenAzure FirewallandAzure Sentinel. Now, you can get both detection, prevention and response automation in the form of an easy-to-deploy Azure Firewall solution for Azure Sentinel. Combining these capabilities allow you to ensure that you both prevent sophisticated threats when you can, while also maintaining an “assume breach mentality” to detect and quickly/automatically respond to cyberattacks. The Azure Firewall Solution for Azure Sentinel is now available. Please see the security community blog to learn about the new threat detections, hunting queries and automation for Azure Firewall that are included in this new solution <Optimize security with Azure Firewall solution for Azure Sentinel - Microsoft Security>. The automation capability for Azure Firewall withAzure Sentinel is provided with the new Logic App Connector and Playbook Templates.With this integration, you can automate response to Azure Sentinel incidents which contains IP addresses (IP entity), in Azure Firewall. Thenew Connector and Playbook templates allowsecurity teams togetthreat detection alertsdirectly in a Microsoft Teams Channel when one of the Playbooks attached to an Automation Rule triggers based on a Sentinel detection rule. Securityincidentresponseteams canthentriage, performone click response andremediation in Azure Firewall to block or allow IP address sources and destinations based on these alerts. To learn more about deploying, configuring and using the automation for Azure Firewall with the new Custom Logic App connector and Playbooks, please review the instructions in the blog here <Automated Detection and Response for Azure Firewall with the New Logic App Connector and Playbooks (microsoft.com)>. Original Post: New Azure Network Security and Azure Sentinel Blog Posts | Integrating Azure Sentinel/Azure Firewall - Microsoft Tech CommunityAzure WAF Security Protection and Detection Lab now Available
Azure Web Application Firewall Security Protection and Detection Lab is now available. The intent of this lab is to allow customers to easily test and validate the security capabilities of Azure WAF against common web application vulnerabilities/attacks. A significant amount of work has been put into developing the lab environment and the playbooks for our customers, and we are incredibly proud of the teamwork, collaboration, and support throughout the various stages of the process. The lab is now available on Azure Tech Community blog space and is organized in 5 sections. The step by step instructions in the lab allows anyone to rapidly deploy the lab environment and test Azure WAF’s protection capabilities against common web application attacks such as Reconnaissance, Cross-Site Scripting, and SQL Injection with no or minimal know-how of offensive security testing methodology. The lab also demonstrates how to use Azure WAF Workbook to understand how WAF handles malicious traffic and payloads. Click here for aTutorial Overview an introduction to the testing framework used in the lab, and the four-part instructions one the lab setup.
New Blog | Best Practices for Upgrading Azure WAF Ruleset
In today’s digital landscape, web applications are the lifeblood of businesses. They enable seamless communication, transactions, and interactions with customers. However, this increased reliance on web apps also makes them prime targets for cyberattacks. To safeguard your applications and protect sensitive data, implementing a robust Web Application Firewall (WAF) is essential. Read the full blog here:Best Practices for Upgrading Azure WAF Ruleset - Microsoft Community HubNew Blog | Enhancing Cybersecurity: Geomatch Custom Rules in Azure WAF
This blog post will introduce you to the geomatch custom rules feature of Azure Web Application Firewall and show you how to create and manage them using the Azure portal, Bicep and PowerShell. Read the full blog post here:Enhancing Cybersecurity: Geomatch Custom Rules in Azure WAF - Microsoft Community HubNew Blog Post | DRS 2.1 for Azure FrontDoor WAF General Availability
Full Blog:DRS 2.1 for Azure FrontDoor WAF General Availability - Microsoft Community Hub The Default Rule Set 2.1 (DRS 2.1) on Azure's global Web Application Firewall (WAF) with updated rules against new attack signatures is now available to Web Application Firewall customers. This ruleset is available on the Azure Front Door Premium tier. DRS 2.1is baselined off the Open Web Application Security Project (OWASP) Core Rule Set (CRS) 3.3.2 andincludes the Microsoft Threat Intelligence (MSTIC) rules that are written in partnership with the Microsoft Intelligence team. As with the previous DRS 2.0, the MSTIC team analyzes Common Vulnerabilities and Exposures (CVEs) and adapts the CRS ruleset to provide increased coverage, patches for specific vulnerabilities, and better false positive reduction. Also, Azure Front Door WAF with DRS 2.1 usesanomaly scoring mode, hence rule matches are not considered independently. Original Post:New Blog Post | DRS 2.1 for Azure FrontDoor WAF General Availability - Microsoft Community Hub
