As the service owner, I am super excited to share that Azure Defender for Key Vault is now generally available!
It is really One Microsoft experience to work closely with Azure Security Center and Azure Key Vault team to launch this service. Also personally, I grew up a lot after going through the Machine Learning algorithm improvement, infrastructure refactoring, BCDR and privacy policy compliance, cost reduce, monthly business review(MBR), customer feedback investigation.
It is indeed a challenging and inspiring work to wake me up every day.
What is Azure Defender for Key Vault
https://docs.microsoft.com/en-us/azure/security-center/defender-for-key-vault-introduction
Customers are using Azure Key Vault to store the most sensitive information in their Azure environment: keys, passwords, secrets and certificates for all of their Azure resources. By achieving this data, attackers may be able to perform lateral movement and breach other resources in the customers Azure environment.
Azure Defender for Key Vault is a cloud-native, breadth threat protection suite – gives customers additional layer of protection for the precious secretes stored in the Key Vault by helping the SOC team to detect suspicious activities in their Key Vaults and protect the entire Azure environment.
How to Enable Azure Defender for Key Vault
Enable it from Azure Key Vault
In Key Vault’s Security page, click “try it for the first 30 days”
Enable it from Azure Security Center
https://docs.microsoft.com/en-us/azure/security-center/security-center-pricing#enable-azure-defender
- From Security Center’s main menu, select Pricing & settings.
- Select the subscription that you want to upgrade.
- Select Azure Defender on to upgrade.
- Select Save.
Below is the pricing page for an example subscription. You’ll notice that each plan in Azure Defender is priced separately and can be individually set to on or off. Make sure it is on for Azure Key Vault.
Azure Defender for Key Vault Alerts
Current Status
We just releasing to GA and we already have:
- 30G Azure Key Vault logs processed per month
- 1.2M Azure Key Vaults protected
- 63K Azure subscriptions protected
And expecting these numbers to raise dramatically in the current months.
General Availability Announcement at Ignite 2020
Azure Defender for Key Vault is generally available: https://docs.microsoft.com/en-us/azure/security-center/release-notes#azure-defender-for-key-vault-is-generally-available
What’s new in Azure Key Vault: https://techcommunity.microsoft.com/t5/video-hub/azure-key-vault-what-s-new/m-p/1698834
Introducing Azure Defender: https://myignite.microsoft.com/sessions/764ff397-97ff-4841-ad62-493f1da51d40
What’s new in Azure Security Center: https://myignite.microsoft.com/sessions/d40bd0a5-485e-455d-ac28-882b85de8dfb