You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
title: Managing security recommendations in Azure Security Center | Microsoft Docs
2
+
title: Security recommendations in Azure Security Center | Microsoft Docs
3
3
description: This document walks you through how recommendations in Azure Security Center help you protect your Azure resources and stay in compliance with security policies.
4
4
services: security-center
5
5
documentationcenter: na
6
-
author: rkarlin
6
+
author: monhaber
7
7
manager: barbkess
8
8
editor: ''
9
9
@@ -13,17 +13,16 @@ ms.devlang: na
13
13
ms.topic: conceptual
14
14
ms.tgt_pltfrm: na
15
15
ms.workload: na
16
-
ms.date: 12/13/2018
17
-
ms.author: rkarlin
16
+
ms.date: 06/04/2019
17
+
ms.author: v-mohabe
18
18
19
19
---
20
-
# Managing security recommendations in Azure Security Center
21
-
This document walks you through how to use recommendations in Azure Security Center to help you protect your Azure resources.
20
+
# Security recommendations in Azure Security Center
21
+
This topic explains how to view and understand the recommendations in Azure Security Center to help you protect your Azure resources.
22
22
23
23
> [!NOTE]
24
24
> This document introduces the service by using an example deployment. This document is not a step-by-step guide.
25
25
>
26
-
>
27
26
28
27
## What are security recommendations?
29
28
Security Center periodically analyzes the security state of your Azure resources. When Security Center identifies potential security vulnerabilities, it creates recommendations. The recommendations guide you through the process of configuring the needed controls.
@@ -39,48 +38,44 @@ In [Setting security policies in Azure Security Center](tutorial-security-policy
39
38
Current policy recommendations center around system updates, baseline rules, anti-malware programs, [network security groups](../virtual-network/security-overview.md) on subnets and network interfaces, SQL database auditing, SQL database transparent data encryption, and web application firewalls. [Setting security policies](tutorial-security-policy.md) provides a description of each recommendation option.
40
39
41
40
### Monitor recommendations
42
-
After setting a security policy, Security Center analyzes the security state of your resources to identify potential vulnerabilities. The **Recommendations** tile under **Overview** lets you know the total number of recommendations identified by Security Center.
43
-
44
-
![Recommendations tile][1]
41
+
After setting a security policy, Security Center analyzes the security state of your resources to identify potential vulnerabilities. The **Recommendations** tile under **Overview** shows the total number of recommendations identified by Security Center.
45
42
46
-
To see the details of each recommendation, select the **Recommendations tile** under **Overview**. **Recommendations** opens.
43
+
47
44
48
-
![Filter recommendations][2]
45
+
1. Select the **Recommendations tile** under **Overview**. The **Recommendations** list opens.
You can filter recommendations. To filter the recommendations, select **Filter** on the **Recommendations** blade. The **Filter** blade opens and you select the severity and state values you wish to see.
48
+
You can filter recommendations. To filter the recommendations, select **Filter** on the **Recommendations** blade. The **Filter** blade opens and you select the severity and state values you wish to see.
51
49
50
+
***RECOMMENDATIONS**: The recommendation.
51
+
***SECURE SCORE IMPACT**: A score generated by Security Center using your security recommendations, and applying advanced algorithms to determine how crucial each recommendation is. For more information, see [Secure score calculation](security-center-secure-score.md#secure-score-calculation).
52
+
***RESOURCE**: Lists the resources to which this recommendation applies.
53
+
***STATUS BARS**: Describes the severity of that particular recommendation:
54
+
***High (Red)**: A vulnerability exists with a meaningful resource (such as an application, a VM, or a network security group) and requires attention.
55
+
***Medium (Orange)**: A vulnerability exists and non-critical or additional steps are required to eliminate it or to complete a process.
56
+
***Low (Blue)**: A vulnerability exists that should be addressed but does not require immediate attention. (By default, low recommendations aren't presented, but you can filter on low recommendations if you want to see them.)
57
+
***Healthy (Green)**:
58
+
***Not Available (Grey)**:
52
59
53
-
***RECOMMENDATIONS**: The recommendation.
54
-
***SECURE SCORE IMPACT**:
55
-
***RESOURCE**: Lists the resources to which this recommendation applies.
56
-
***STATUS BARS**: Describes the severity of that particular recommendation:
57
-
***High (Red)**: A vulnerability exists with a meaningful resource (such as an application, a VM, or a network security group) and requires attention.
58
-
***Medium (Orange)**: A vulnerability exists and non-critical or additional steps are required to eliminate it or to complete a process.
59
-
***Low (Blue)**: A vulnerability exists that should be addressed but does not require immediate attention. (By default, low recommendations aren't presented, but you can filter on low recommendations if you want to see them.)
60
-
***Healthy (Green)**:
61
-
***Not Available (Grey)**:
62
-
60
+
1. To view each recommendation's details, click on the recommendation.
> You will want to understand the [classic and Resource Manager deployment models](../azure-classic-rm.md) for Azure resources.
67
-
>
68
-
>
69
-
> ### Apply recommendations
70
-
> After reviewing all recommendations, decide which one you should apply first. We recommend that you use the severity rating as the main parameter to evaluate which recommendations should be applied first.
71
-
64
+
>[!NOTE]
65
+
See [classic and Resource Manager deployment models](../azure-classic-rm.md) for Azure resources.
66
+
67
+
### Apply recommendations
68
+
> After reviewing all recommendations, decide which one to apply first. We recommend that you use the secure score impact to evaluate which recommendations should be applied first.
72
69
70
+
1. From the list, click on the recommendation.
71
+
1. Follow the instructions in the *Remediation steps* section.
73
72
74
73
## Next steps
75
-
In this document, you were introduced to security recommendations in Security Center. To learn more about Security Center, see the following:
74
+
In this document, you were introduced to security recommendations in Security Center. To learn more about Security Center, see the following topics:
76
75
77
76
*[Setting security policies in Azure Security Center](tutorial-security-policy.md) — Learn how to configure security policies for your Azure subscriptions and resource groups.
78
77
*[Security health monitoring in Azure Security Center](security-center-monitoring.md) — Learn how to monitor the health of your Azure resources.
79
78
*[Managing and responding to security alerts in Azure Security Center](security-center-managing-and-responding-alerts.md) — Learn how to manage and respond to security alerts.
80
79
*[Monitoring partner solutions with Azure Security Center](security-center-partner-solutions.md) — Learn how to monitor the health status of your partner solutions.
81
80
*[Azure Security Center FAQ](security-center-faq.md) — Find frequently asked questions about using the service.
82
81
*[Azure Security blog](https://blogs.msdn.com/b/azuresecurity/) — Find blog posts about Azure security and compliance.
0 commit comments