The security of your cloud environment should always be a leading concern. However, it can be challenging to stay on top of all the resources and changes in your environment. Azure provides Microsoft Defender for Cloud (previously Azure Security Center) to help lighten the burden of securing your cloud environment. Take advantage of automatic security audits and recommendations to secure your cloud with Microsoft Defender for Cloud in this lab. You will mitigate security risks identified by Microsoft Defender for Cloud in a pre-created cloud environment.
Lab Objectives
Upon completion of this lab, you will be able to:
- Use Microsoft Defender for Cloud to identify the network, compute, storage, and application security risks in your Azure environment
- Follow Microsoft Defender for Cloud's recommendations to mitigate risks
- Resolve several common security issues
Lab Prerequisites
You should be familiar with:
- Basic Azure resources, such as Subnets, Virtual Machines, and Network Security Groups
Lab Environment
Before completing the Lab instructions, the environment will look as follows:
After completing the Lab instructions, the environment should look similar to:
Updates
May 1st, 2024 - Updated the instructions and screenshots to reflect the latest UI
August 30th, 2023 - Resolved intermittent deployment issue
January 11th, 2022 - Updated screenshots to reflect the latest UI
December 2nd, 2021: Updated lab for Azure Defender/Azure Security Center re-branding to Microsoft Defender for Cloud.
December 2nd, 2021: Updated screenshots and instructions to reflect the latest Microsoft Defender for Cloud experience and capabilities.
September 22nd, 2021: Updated screenshots to reflect the latest Security Center experience and capabilities.
May 3rd, 2021: Updated screenshots to reflect the latest Security Center experience and capabilities.
July 1st, 2020: Added additional instructions to allow validation checks to pass even if Security Center has yet to detect the issues being resolved in the final lab step. Increased time limit as well.
May 22nd, 2020: Updated screenshots to reflect the latest Security Center experience. Also increased time limit to allow more time to wait for Security Center to scan the lab environment (it can take up to 30 minutes)
May 13th, 2020: Updated screenshots and added additional warnings about inherent Security Center delays that can temporarily make the list of recommendations appear empty.
April 12th, 2020: Added validation checks to check the work you perform in the lab
April 12th, 2020: Updated to reflect the latest Security Center experience and capabilities
November 11th, 2018: Updated the text and screenshots to match the latest Security Center experience
September 7th, 2018: Updated text and images to match the latest Azure experience
Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.