Microsoft extends security for Azure Storage file shares, data lakes

Microsoft today announced that Advanced Threat Protection (ATP) for Azure Storage now also allows customers to protect data stored in Azure Files file shares and Azure Data Lake Storage Gen2 API data stores.

ATP for Azure Storage is designed as an additional security intelligence layer to help detect malware uploaded to cloud storage accounts, access from suspicious sources (including but not limited to TOR exit nodes), and potentially harmful data exfiltration activities.

"Today we’re excited to announce the preview of extending advanced threat protection for Azure Storage to support Azure Files and Azure Data Lake Storage Gen2 API, helping our customers to protect their data stored in file shares and data stores designed for enterprise big data analytics," Azure Security Center Product Manager Hasan Abo-Shally said.

Tenant-wide Azure Security Center integration

The security alerts issued by ATP for Azure Storage when it detects activity anomalies on a customer's storage account are emailed to admins and are integrated with the Azure Security Center for the entire Azure tenant.

These alerts include suspicious activity details as well as investigation and remediation recommendations to allow customers with no security expertise to properly address detected threats, using 

The alerts detail potential signs of data exfiltration, attempts to gain persistence, data collection, exploitation, probing, or attempts of lateral movement to other Azure cloud services.

ATP for Azure Storage security alert
ATP for Azure Storage security alert (Microsoft)

Available in public and govt clouds

Advanced threat protection for Azure Storage needs to be toggled on for all storage accounts containing file shares and blob containers that need to be protected.

ATP for Azure Storage was released in public preview in October 2018, reaching general availability in March 2019, and it is available for Blob storage, Azure Files, and Azure Data Lake Storage Gen2 with support for general-purpose v2, block blob, and Blob storage accounts.

ATP for Azure Storage is available in all both public clouds and US government clouds, but it cannot be used in other sovereign or Azure Government cloud regions.

A free ATP for Azure Storage 30-day trial and pricing details can be accessed via the Azure Security Center pricing page.

Related Articles:

Train for Microsoft certifications with $350 off this course bundle

Get up to speed on Microsoft Azure with an extra 20% off this bundle

Get started with Microsoft Azure with an extra 20% off this training bundle