microsoft sentinel
4 Topics

Announcing the Azure Sentinel: Zero Trust (TIC3.0) Workbook

The Azure Sentinel: Zero Trust (TIC3.0) Workbook provides an automated visualization of Zero Trust principles cross walked to the Trusted Internet Connections framework. Compliance isn’t just an annual requirement, and organizations must monitor configurations over time like a muscle. This workbook leverages the full breadth of Microsoft security offerings across Azure, Office 365, Teams, Intune, Windows Virtual Desktop, and many more. This workbook enables Implementers, SecOps Analysts, Assessors, Security & Compliance Decision Makers, and MSSPs to gain situational awareness for cloud workloads' security posture. The workbook features 76+ control cards aligned to the TIC 3.0 security capabilities with selectable GUI buttons for navigation. This workbook is designed to augment staffing through automation, artificial intelligence, machine learning, query/alerting generation, visualizations, tailored recommendations, and respective documentation references.

27K views, 6 likes, 5 comments

Azure Sentinel Cybersecurity Maturity Model Certification (CMMC) Workbook

The Azure Sentinel CMMC Workbook provides a mechanism for viewing log queries aligned to CMMC controls across the Azure cloud including Microsoft security offerings, Office 365, Teams, Intune, Windows Virtual Desktop and many more. This workbook enables Security Architects, Engineers, SecOps Analysts, Managers, and IT Pros to gain situational awareness for the security posture of cloud workloads. There are also recommendations for selecting, designing, deploying, and configuring Microsoft offerings for alignment with respective CMMC requirements and practices. The workbook features 250+ control cards aligned to the 17 CMMC control families across all 5 maturity levels with selectable GUI buttons for navigation.

21K views, 7 likes, 3 comments

Azure Security Center and Azure Sentinel: Better Together

This blog post highlights how Azure Security Center and Azure Sentinel create an integrated end-to-end detection, investigation, and response platform for protecting cloud workloads. Watch Better together for US government: Azure Security Center + Azure Sentinel:

6.7K views, 2 likes, 0 comments

CMMC Compliance with Azure Sentinel

Often the purpose of a Security Information & Event Management software product (SIEM) like Microsoft's Azure Sentinel can be misunderstood. In this blog, Azure Sentinel will be discussed in terms of capabilities and importance for CMMC compliance and an ideal cloud security strategy. Azure Sentinel became generally available on March 13, 2020, and charges for the service started April 1, 2020. Sentinel can pull log data at no cost for Incident Response from AWS CloudTrail, Azure Activity Logs, Office 365/Microsoft 365 Audit Logs (all SharePoint activity and Exchange admin activity) and alerts from Microsoft Threat Protection products (Azure Security Center, Office 365 ATP, Azure ATP, Microsoft Defender ATP, Microsoft Cloud App Security, Azure Information Protection).

6.1K views, 3 likes, 0 comments