Azure Security Center previews new threat detections for Linux

added by DotNetKicks
10/31/2017 8:09:32 PM


Azure Security Center recently launched a limited preview of new analytics that leverage auditd records to detect malicious behaviors on cloud and on-premises Linux machines. Similar to Security Center detections for Windows machines, these new capabilities can be used to detect suspicious processes, dubious login attempts, kernel module loading/unloading, and other activities that could indicate that a machine is under attack or has been breached.