In December, Microsoft announced news regarding Azure management services. Thanks to the release of this summary, which occurs on a monthly basis, we want to provide an overall overview of the main news of the month, in order to stay up to date on these topics and have the necessary references to conduct further exploration.
The following diagram shows the different areas related to management, which are covered in this series of articles, in order to stay up to date on these topics and to better deploy and maintain applications and resources.
Audit Logs for Azure Monitor queries
Azure Monitor allows you to collect data from the entire ecosystem, including telemetry data at the application and operating system level, security log, network log, diagnostic logs from Azure resources and custom logs. All these data can be queried with the powerful KQL language, useful for obtaining detailed information and making correlations. Microsoft has included the ability to control Azure Monitor queries. In fact, by enabling this functionality through the Azure diagnostic mechanism, you can collect telemetry data about who ran a query, when it was performed, which tool was used to run the query, the text of the query and performance statistics relating to the execution of the query. This telemetry, like any other Azure Diagnostic-based telemetry, can be sent to an Azure Storage Blob, to an Azure Event Hub, or in the Azure Monitor logs.
Azure Cost Management
Updates related toAzure Cost Management and Billing
Microsoft is constantly looking for new methodologies to improve Azure Cost Management and Billing, the solution to provide greater visibility into where costs are accumulating in the cloud, identify and prevent erroneous spending patterns and optimize costs . Inthis article some of the latest improvements and updates regarding this solution are reported.
Microsoft Defender for Cloud
Microsoft Defender for Containers adds new features for Kubernetes (preview)
Microsoft Defender for Containers, is a new offering that combines the functionality of Azure Defender for Kubernetes and Azure Defender for Container registries, adding several new features related to Kubernetes on Azure:
- AKS Profile: onboarding and maintenance as an AKS profile, so as to no longer have a dependency on the Log Analytics agent.
- Multi cloud support: multi cloud support for AKS, Amazon EKS, Kubernetes on-prem / IaaS (GCP will be added in the future).
- Visibility of vulnerabilities: a new recommendation monitors Kubernetes clusters and shows a list of running images with any vulnerabilities, based on evaluation scans provided by Qualys. This allows you to focus on the most critical vulnerabilities that expose runtime environments to security threats and attacks.
- Advanced Threat Protection: Kubernetes compatible AI analysis and anomaly detection.
- Improved ACR vulnerability assessment: the Azure Container Registry Vulnerability Assessment Recommendation (ACR) has been improved by adding runtime information to image scan results. This allows for the assignment of priorities and to apply filters based on the distribution status of the image.
- Continuous scanning of images: in addition to periodic scanning of Azure Container Registry images (ACR) over the past 30 days, continuous image scanning periodically scans ACR images running on Kubernetes clusters.
New features, bug fixes and deprecated features of Microsoft Defender for Cloud
Microsoft Defender for Cloud development is constantly evolving and improvements are being made on an ongoing basis. To stay up to date on the latest developments, Microsoft updates this page, this provides information about new features, bug fixes and deprecated features. In particular, this month the main news concern:
- New alerts for Microsoft Defender for Storage
- Improved alerts for Microsoft Defender for Storage
- Alert ‘PortSweeping’ has been removed from network-related alerts
New Azure Migrate releases and features
Azure Migrate is the service in Azure that includes a large portfolio of tools that you can use, through a guided experience, to address effectively the most common migration scenarios. To stay up-to-date on the latest developments in the solution, please consult the this page, that provides information about new releases and features.
Evaluation of Azure
To test for free and evaluate the services provided by Azure you can access this page.