How Azure Security Center helps detect attacks against your Linux machines

added by DotNetKicks
4/24/2018 5:09:19 PM

Azure Security Center (ASC) is now extending its Linux threat detection preview program, both in the cloud and on-premises. New capabilities include detection of suspicious processes, suspect login attempts, and anomalous kernel module loads. Security Center collects machine events using auditd, one of the most common auditing frameworks on Linux.