Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Quick Start Security for Azure Network Watcher

Azure Network Watcher
Azure Network Watcher icon

Out-of-the-Box Security For Azure Network Watcher Includes:

Alerts - 3

Stay on top of Azure Network Watcher key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

Network Watcher for Anomaly Detection

The Network Watcher use case involves the implementation of a comprehensive monitoring and analysis system designed to detect anomalies within a network environment. This use case aims to proactively identify irregularities, potential security threats, and performance issues, allowing for timely remediation to maintain the integrity and reliability of the network. Impact Threat Detection Improved Network Security Posture Mitigation of Performance Issues Automated Remediation Prevention of Insider Threats Integration with Security Infrastructure Mitigation Here are general steps that can be taken for remediating anomalies detected by a Network Watcher for Anomaly Detection: Isolation of Affected Systems Traffic Blocking Patch and Update Systems Credential Changes Network Configuration Adjustments Forensic Analysis Mitre tactic : T1082 Mitre technique : T1036

Network Interface Configuration Changes

The Network Interface Configuration use case is designed to ensure that network interfaces are properly configured to handle messaging actions efficiently, and it involves logging and analyzing relevant audit events to maintain the integrity, security, and performance of the network. Impact An adversary may perform configuration changes to impact users affect the usual operations in their target's environment. Mitigation Verify whether the user identity, user agent, and/or hostname should be making changes in your environment. Network ACL deletions by unfamiliar users or hosts should be investigated. MITRE Tactic: TA0005 MITRE Technique: T1562 "

Network Watcher Log for Deletion Monitoring

The Network Watcher Log for Deletion Monitoring use case is designed to track and analyze activities related to the deletion of network resources, configurations, or data. By maintaining comprehensive audit logs, organizations can enhance visibility into deletion events, ensure accountability, and mitigate risks associated with unauthorized or unintended deletions. Impact An adversary may delete a network access control list in order to impact users affect the usual operations in their target's environment. Mitigation Verify whether the user identity, user agent, and/or hostname should be making changes in your environment. Network ACL deletions by unfamiliar users or hosts should be investigated. MITRE Tactic: TA0005 MITRE Technique: T1562

Documentation

Learn more about Coralogix's out-of-the-box integration with Azure Network Watcher in our documentation.

Read More
Schedule Demo