Secure Your Cloud with Microsoft Defender for Cloud

Lab Steps

lock
Logging in to the Microsoft Azure Portal
lock
Exploring Azure Security Center
lock
Inspecting the Insecure Lab Resources
lock
Following Microsoft Defender for Cloud Recommendations

The hands-on lab is part of these learning paths

Ready for the real environment experience?

DifficultyBeginner
Time Limit2h
Students2085
Ratings
3.7/5
starstarstarstar-halfstar-border

Description

The security of your cloud environment should always be a leading concern. However, it can be challenging to stay on top of all the resources and changes in your environment. Azure provides Microsoft Defender for Cloud (previously Azure Security Center) to help lighten the burden of securing your cloud environment. Take advantage of automatic security audits and recommendations to secure your cloud with Microsoft Defender for Cloud in this lab. You will mitigate security risks identified by Microsoft Defender for Cloud in a pre-created cloud environment.

Lab Objectives

Upon completion of this lab, you will be able to:

  • Use Microsoft Defender for Cloud to identify the network, compute, storage, and application security risks in your Azure environment
  • Follow Microsoft Defender for Cloud's recommendations to mitigate risks
  • Resolve several common security issues

Lab Prerequisites

You should be familiar with:

  • Basic Azure resources, such as Subnets, Virtual Machines, and Network Security Groups

Lab Environment

Before completing the Lab instructions, the environment will look as follows:

After completing the Lab instructions, the environment should look similar to:

 

Updates

December 2nd, 2021: Updated lab for Azure Defender/Azure Security Center re-branding to Microsoft Defender for Cloud.

December 2nd, 2021: Updated screenshots and instructions to reflect the latest Microsoft Defender for Cloud experience and capabilities.

September 22nd, 2021: Updated screenshots to reflect the latest Security Center experience and capabilities.

May 3rd, 2021: Updated screenshots to reflect the latest Security Center experience and capabilities.

July 1st, 2020: Added additional instructions to allow validation checks to pass even if Security Center has yet to detect the issues being resolved in the final lab step. Increased time limit as well.

May 22nd, 2020: Updated screenshots to reflect the latest Security Center experience. Also increased time limit to allow more time to wait for Security Center to scan the lab environment (it can take up to 30 minutes)

May 13th, 2020: Updated screenshots and added additional warnings about inherent Security Center delays that can temporarily make the list of recommendations appear empty.

April 12th, 2020: Added validation checks to check the work you perform in the lab

April 12th, 2020: Updated to reflect the latest Security Center experience and capabilities

November 11th, 2018: Updated the text and screenshots to match the latest Security Center experience

September 7th, 2018: Updated text and images to match the latest Azure experience

About the Author
Students118049
Labs184
Courses9
Learning paths31

Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.