
Quick Start Security for Azure Network Watcher

Azure Network Watcher

Coralogix Extension For Azure Network Watcher Includes:

Alerts - 3

Stay on top of Azure Network Watcher key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

Network Watcher for Anomaly Detection

The Network Watcher use case involves the implementation of a comprehensive monitoring and analysis system designed to detect anomalies within a network environment. This use case aims to proactively identify irregularities, potential security threats, and performance issues, allowing for timely remediation to maintain the integrity and reliability of the network.

Impact

- Threat Detection
- Improved Network Security Posture
- Mitigation of Performance Issues
- Automated Remediation
- Prevention of Insider Threats
- Integration with Security Infrastructure

Mitigation

Here are general steps that can be taken for remediating anomalies detected by a Network Watcher for Anomaly Detection:

- Isolation of Affected Systems
- Traffic Blocking
- Patch and Update Systems
- Credential Changes
- Network Configuration Adjustments
- Forensic Analysis

MITRE Tactic: T1082
MITRE Technique: T1036

Network Interface Configuration Changes

The Network Interface Configuration use case is designed to ensure that network interfaces are properly configured to handle messaging actions efficiently, and it involves logging and analyzing relevant audit events to maintain the integrity, security, and performance of the network.

Impact

An adversary may perform configuration changes to impact users and affect the usual operations in their target's environment.

Mitigation

Verify whether the user identity, user agent, and/or hostname should be making changes in your environment. Network ACL deletions by unfamiliar users or hosts should be investigated.

MITRE Tactic: TA0005
MITRE Technique: T1562

Network Watcher Log for Deletion Monitoring

The Network Watcher Log for Deletion Monitoring use case is designed to track and analyze activities related to the deletion of network resources, configurations, or data. By maintaining comprehensive audit logs, organizations can enhance visibility into deletion events, ensure accountability, and mitigate risks associated with unauthorized or unintended deletions.

Impact

An adversary may delete a network access control list in order to impact users and affect the usual operations in their target's environment.

Mitigation

Verify whether the user identity, user agent, and/or hostname should be making changes in your environment. Network ACL deletions by unfamiliar users or hosts should be investigated.

MITRE Tactic: TA0005
MITRE Technique: T1562

Integration

Learn more about Coralogix's out-of-the-box integration with Azure Network Watcher in our documentation.
