The new Adaptive Application Controls in Azure Security Center use artificial intelligence to automatically create and implement whitelists that help keep Windows instances secure.
Businesses that host applications on Azure instances now have at their disposal a new tool that improves security.
Microsoft launched a public beta of its new Adaptive Application Controls for Windows virtual machines running on the company’s Azure cloud-computing platform on Dec. 21. The service allows users to apply whitelisting techniques to their server instances, blocking unauthorized or potentially malware-ridden software.
This approach is particularly effective on virtual machines that run a fixed set of applications. It lowers an instance’s attack surface by blocking all applications except the ones that are known to be safe, allowing organizations to spend less time on the lookout for exploits and cyber-security threats, noted Microsoft Senior Product Manager Ben Kliger in a blog post.
Reflecting Microsoft’s efforts to imbue practically all parts of its software and cloud services ecosystem with artificial intelligence (AI), the new capabilities also use the technology to relieve some of the IT administration burdens involved in keeping cloud instances safe.
“Adaptive Application Controls leverages machine learning to analyze the behavior of your Azure virtual machines, create a baseline of applications, group the virtual machines, and recommend and automatically apply the appropriate whitelisting rules. You can view, modify, and receive alerts for these rules in Azure Security Center,” stated Kliger.
Adaptive Application Controls are available in standard Azure Security Center subscriptions. A brief walkthrough is available here.
In another security-enhancing move, Azure Backup now has improved support for virtual machines that are protected by Bitlocker Encryption Key. The cloud-based data protection service can now be used to both back up and restore virtual machines that use the encryption scheme on either managed (by Microsoft) or unmanaged (managed by users) disks. In a previous release, the service only supported backups.
Elsewhere on Microsoft’s cloud, the company announced a new Alerts interface in the Azure Monitor service, also in beta, along with new capabilities.
Upon logging into the new Alerts section in Azure Monitor, users will be greeted with a consolidated view of the alerts that were triggered by the metrics monitoring and log analysis solution. “Given how integral it is to the monitoring experience, we are excited to announce the preview of a new re-imagined user interface to create and manage alerts for any resource from a single location in the Azure Monitor blade in the Azure portal,” commented Shankar Sivadasan, senior product marketing manager of Cloud Platform at Microsoft, in a blog post.
The Alerts interface can also be used to gather all the alert rules used across multiple subscriptions into a single destination for easy access. Finally, the interface now features authoring tools that streamline the process of creating alert rules that involve multiple Azure resources, said Sivadasan.
Other new additions to Azure Monitor include a new log search function and the ability to configure query-based alert rules for logs.