Scribd
Upload
907 views

Microsoft Cybersecurity Reference Architecture (MCRA)

The document provides an overview of Microsoft's security reference architecture and cloud-native security solutions. It includes solutions such as Azure Sentinel for security information and event management (SIEM), Azure Security Center for unified security management and threat protection across hybrid cloud environments, Azure Active Directory for identity and access management, Microsoft Defender ATP for endpoint detection and response, and Azure Information Protection for data classification and protection. The reference architecture aims to provide organizations with guidance and strategies for securing their cloud infrastructure, applications, identities and data through Microsoft's integrated security portfolio.

Uploaded by

EdnaRocioUnivioAmaya
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
907 views

Microsoft Cybersecurity Reference Architecture (MCRA)

The document provides an overview of Microsoft's security reference architecture and cloud-native security solutions. It includes solutions such as Azure Sentinel for security information and event management (SIEM), Azure Security Center for unified security management and threat protection across hybrid cloud environments, Azure Active Directory for identity and access management, Microsoft Defender ATP for endpoint detection and response, and Azure Information Protection for data classification and protection. The reference architecture aims to provide organizations with guidance and strategies for securing their cloud infrastructure, applications, identities and data through Microsoft's integrated security portfolio.

Uploaded by

EdnaRocioUnivioAmaya
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Security Operations Center (SOC) Software as a Service

Cybersecurity Reference Architecture


Microsoft Threat Experts Incident Response, Recovery, & CyberOps Services
April 2019 – https://aka.ms/MCRA | Video Recording | Strategies
Office 365
Azure Sentinel – Cloud Native SIEM and SOAR (Preview) Secure Score

Vuln Cloud App Azure Microsoft Office 365 Azure Customer Lockbox
Security This is interactive! Roadmaps and Guidance
Mgmt Security Center Defender

Advanced Threat Protection (ATP) 1. Present Slide 1. Securing Privileged Access


Dynamics 365
MSSP
2. Hover for Description
2. Office 365 Security
Identity & Access
Graph Security API – 3rd Party Integration 3. Click for more information
3. Rapid Cyberattacks ( Information Protection Azure Active
Wannacrypt/Petya) Directory
Alert & Log Integration

Conditional Access – Identity Perimeter Management


Clients Hybrid Cloud Infrastructure
Cloud App Security Azure AD Identity
Unmanaged & On Premises Datacenter(s) 3rd party IaaS Microsoft Protection
Azure Information Leaked cred protection
Mobile Devices Azure Protection (AIP) Behavioral Analytics
Azure Security Center – Cross Platform Visibility, Protection, and Threat Detection Configuration Hygiene

Classification Labels
Discover
Just in Time VM Access Classify Azure AD PIM
Azure Security Adaptive App Control Protect
NGFW Multi-Factor
Intune MDM/MAM Firewall Appliances Monitor
Extranet

Authentication
Edge DLP Hold Your Own Key (HYOK)
Azure Policy Azure AD B2B
Managed Clients SSL Proxy
AIP Scanner Azure AD B2C
IPS/IDS Azure Key Vault
Express Route Azure WAF Hello for Business
System Center Windows Server 2019 Security Azure Antimalware Office 365 MIM PAM
Configuration Manager
Intranet Servers

Window 10 + Just Enough Admin, Hyper-V Containers, Nano server, and more… • Data Loss Protection
Application & Network • Data Governance
Microsoft Defender ATP Security Groups Azure ATP
Shielded VMs • eDiscovery
VMs
Backup & Site
Azure Stack
Recovery Azure SQL Active Directory
Secure Threat Threat Detection
Privileged Access Workstations (PAWs) Disk & Storage
Score Analytics SQL Encryption & ESAE Admin Forest
Encryption
Data Masking
Confidential
Windows 10 Enterprise Security Included Azure SQL Info
IoT and Operational Technology Computing
with Azure Protection
Network protection App control (VMs/etc.) DDoS attack
Credential protection Isolation
Windows 10 IoT IoT Security Maturity Model Premium Mitigation+Monitor Microsoft Defender ATP
Exploit protection Antivirus
Reputation analysis Behavior monitoring Security
Full Disk Encryption Azure IoT Security Azure Sphere IoT Security Architecture Feature
Attack surface Compliance Manager
reduction
S Mode
Security Development Lifecycle (SDL)
Trust Center Intelligent Security Graph
Security Operations Center (SOC) Software as a Service
Cybersecurity Reference Architecture
Microsoft Threat Experts Incident Response, Recovery, & CyberOps Services
April 2019 – https://aka.ms/MCRA | Video Recording | Strategies
Office 365
Security Information and Event
Azure Sentinel Management
– Cloud (SIEM)
Native SIEM Analytics/Automation
and SOAR (Preview) Secure Score

Vuln Cloud App Azure Microsoft Office 365 Azure Customer Lockbox
Security This is interactive! Roadmaps and Guidance
Mgmt Security Center Defender

Advanced Threat Protection (ATP) 1. Present Slide 1. Securing Privileged Access


Dynamics 365
MSSP
2. Hover for Description
2. Office 365 Security
Identity & Access
Graph Security API – 3rd Party Integration 3. Click for more information
3. Rapid Cyberattacks ( Information Protection Azure Active
Wannacrypt/Petya) Directory
Alert & Log Integration

Conditional Access – Identity Perimeter Management


Clients Hybrid Cloud Infrastructure
Cloud App Security Azure AD Identity
Unmanaged & On Premises Datacenter(s) 3rd party IaaS Microsoft Protection
Azure Information Leaked cred protection
Mobile Devices Azure Protection (AIP) Behavioral Analytics
Azure Security Center – Cross Platform Visibility, Protection, and Threat Detection Configuration Hygiene

Classification Labels
Discover
Just in Time VM Access Classify Azure AD PIM
Azure Security Adaptive App Control Protect
NGFW Multi-Factor
Intune MDM/MAM Firewall Appliances Monitor
Extranet

Authentication
Edge DLP Hold Your Own Key (HYOK)
Azure Policy Azure AD B2B
Managed Clients SSL Proxy
AIP Scanner Azure AD B2C
IPS/IDS Azure Key Vault
Express Route Azure WAF Hello for Business
System Center Windows Server 2019 Security Azure Antimalware Office 365 MIM PAM
Configuration Manager
Intranet Servers

Window 10 + Just Enough Admin, Hyper-V Containers, Nano server, and more… • Data Loss Protection
Application & Network • Data Governance
Microsoft Defender ATP Security Groups Azure ATP
Shielded VMs • eDiscovery
VMs
Backup & Site
Azure Stack
Recovery Azure SQL Active Directory
Secure Threat Threat Detection
Privileged Access Workstations (PAWs) Disk & Storage
Score Analytics SQL Encryption & ESAE Admin Forest
Encryption
Data Masking
Confidential
Windows 10 Enterprise Security Included Azure SQL Info
IoT and Operational Technology Computing
with Azure Protection
Network protection App control (VMs/etc.) DDoS attack
Credential protection Isolation
Windows 10 IoT IoT Security Maturity Model Premium Mitigation+Monitor Endpoint
Microsoft DLP ATP
Defender
Exploit protection Antivirus
Reputation analysis Behavior monitoring Security
Full Disk Encryption Azure IoT Security Azure Sphere IoT Security Architecture Feature
Attack surface Compliance Manager
reduction
S Mode
Security Development Lifecycle (SDL)
Trust Center Intelligent Security Graph

You might also like