Azure – New capability added to Azure Security Center: Inventory

As you know Azure comes with a lot of security capability which sometimes get missed or misconfigured.

To help customers stay on top of their security posture, Azure integrates Azure Security Center (ASC) which gives you an overview of your security configuration, not only for Azure resources but also for on-premises ones if you have onboarded your resources.

Well, the Azure Security Center just got a new capability called Inventory.

This new capability is providing a full visibility over all your resources monitored by ASC, providing ways to look in details on specific resources, export report (in CSV) or even use Graph Explorer.

This new capability is now in preview.

To start using it, logon to your Azure portal (https://portal.azure.com/) and access your Security Center

image_thumb

Then look for the Inventory blade available at the top of the left pane

image_thumb[1]

There you will get the complete list of all resources monitored, including Azure subscriptions (either on Azure or on-premises) with their corresponding security state (recommendations)

image_thumb[2]

If you click on one of these resources, you will get details about the security state for this specific resource with associated recommendations

image_thumb[3]   image_thumb[4]

Getting back at the main Inventory blade, you can choose to export in CSV the current state; unfortunately, as of now (maybe this will change later), you can not get the recommendations associated with the resources

image_thumb[5]  image_thumb[6]

You can also use Graph Explorer to run KQL queries if you need to get more details about the resource(s) – like operating system, IP address, tags…

image_thumb[7]  image_thumb[8]

Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies