Threat Detection & Monitoring

Azure Threat Protection and Monitoring

Azure offers built-in threat protection functionality through services such as Azure Active Directory (Azure AD), Azure Monitor logs, and Azure Security Center. This collection of security services and capabilities provides a simple and fast way to understand what is happening within your Azure deployments.

Azure provides a wide array of options to configure and customize security to meet the requirements of your app deployments.

Azure Active Directory Identity Protection

Azure AD Identity Protection is an Azure Active Directory Premium P2 edition feature that provides an overview of the risk detections and potential vulnerabilities that can affect your organisation’s identities. Identity Protection uses existing Azure AD anomaly-detection capabilities that are available through Azure AD Anomalous Activity Reports and introduces new risk detection types that can detect real-time anomalies.

Identity Protection capabilities

Azure Active Directory Identity Protection is more than a monitoring and reporting tool. To protect your company’s identities, you can configure risk-based policies that automatically respond to detected issues when a specified risk level has been reached. These policies, in addition to other Conditional Access controls provided by Azure Active Directory and EMS, can either automatically block or initiate adaptive remediation actions including password resets and multi-factor authentication enforcement.

Azure AD Privileged Identity Management

With Azure Active Directory Privileged Identity Management (PIM), you can manage, control, and monitor access within your organization. This feature includes access to resources in Azure AD and other Microsoft online services, such as Microsoft 365 or Microsoft Intune.

Azure Monitor logs

Azure Monitor logs is a Microsoft cloud-based IT management solution that helps you manage and protect your on-premises and cloud infrastructure. Because Azure Monitor logs are implemented as a cloud-based service, you can have it up and running quickly with minimal investment in infrastructure services. New security features are delivered automatically, saving ongoing maintenance and upgrade costs.

Insight and analytics

At the centre of Azure Monitor logs is the repository, which is hosted by Azure. You collect data into the repository from connected sources by configuring data sources and adding solutions to your subscription.

Automation and control: Alert on security configuration drifts

Azure Automation automates administrative processes with runbooks that are based on PowerShell and run in the cloud. Runbooks can also be executed on a server in your local data centre to manage local resources. Azure Automation provides configuration management with PowerShell Desired State Configuration (DSC).

Examples of some of the ways that Azure Identity Protection can help secure your accounts and identities include:

Detecting risk detections and risky accounts


Detect six risk detection types using machine learning and heuristic rules.


Calculate user risk levels.


Provide custom recommendations to improve overall security posture by highlighting vulnerabilities.

Contact us today to discover how our cloud optimisation solutions can drive efficiency and security for your business.

    This form collects the data you enter into it. By checking the I AGREE box you consent to us collecting and storing your data, as well as contacting you. For more info on how we manage your data please review our Privacy Policy. You can opt out or change your settings at any time.

    Microsoft Azure Training

    Live Instructor LED online Training