Hello Security universe,
Today I came across an interesting news directly from the Product Group. After quite some time, one of the most-asked/wanted feature request by customers on Azure Security Center (ASC) was completed and finally released. Yes, this feature is now Generally Available or GA.
What am I talking about? The wonderful “Download CSV report” button that, as of February 2020 the 19th, you can see in both Recommendations and Security Alerts pages.
Security Alerts page:
This feature will empower customers to easily export their data and build new capabilities on top of it to better manage their tasks. For instance, customers can use the CSV reports as data source for other systems or to build more dashboards, for instance, using PowerBI.
Releasing this to GA is yet another big step in ASC to simplify customer’s access to their security data. Moreover, it provides additional at-scale consumption channels such as: continuous export to Event Hub and Log Analytics workspace and workflow automation with Logic Apps.
Just to share some internals, the CSV reports are powered by the Azure Resource Graph (ARG). Using Azure Resource Graph allows for a scalable solution to effectively generate a single report for all the subscriptions you (your user account) have access to.
Read more about this feature by looking at Manual one-time export of security alerts. This article is also part of the broader export feature set you can find at Export security alerts and recommendations.
A huge Thank You to the Azure Security Center team to have listened to customer feedback and to have worked hardly to release this nice and helpful feature.
© Microsoft. This article was originally published by Microsoft's Core Infrastructure and Security Blog. You can find the original article here.