# Azure Security Tools

| Tool                                              | Purpose                             | Key Capabilities                                                       | How to Gain Practical Experience                                   |
| ------------------------------------------------- | ----------------------------------- | ---------------------------------------------------------------------- | ------------------------------------------------------------------ |
| **Azure AD**                                      | Identity & Access Management        | Users, Groups, Roles, Conditional Access, MFA, PIM                     | Create users, roles, policies, enable MFA, enforce least privilege |
| **Azure RBAC**                                    | Role-Based Access Control           | Granular permissions on resources                                      | Assign roles, audit access, use custom roles                       |
| **Azure Key Vault**                               | Secret & key management             | Store/rotate secrets, certificates, keys, integrate with apps          | Encrypt storage, manage secrets, rotate keys                       |
| **Azure Defender (Microsoft Defender for Cloud)** | Threat detection & posture          | Monitor resources, alert on anomalies, integrate with Security Center  | Enable policies, investigate alerts, automate remediation          |
| **Azure Security Center**                         | Posture management                  | Secure score, recommendations, regulatory compliance                   | Track resource compliance, implement recommended controls          |
| **Azure Sentinel**                                | SIEM & SOC platform                 | Centralized logging, analytics, threat detection, SOAR                 | Connect data sources, create alert rules, respond to incidents     |
| **Azure Policy**                                  | Governance & compliance             | Enforce rules on resource creation, audit configurations               | Apply policies for encryption, tagging, allowed locations          |
| **Azure Monitor**                                 | Monitoring & alerting               | Metrics, logs, alerts, Application Insights                            | Set alerts on security events, monitor anomalies                   |
| **Azure Firewall**                                | Network security                    | Fully managed, rules, FQDN filtering, threat intelligence              | Secure network segments, log traffic, integrate with SIEM          |
| **Azure DDoS Protection**                         | DDoS mitigation                     | Standard & basic protection, attack monitoring                         | Enable on critical resources, monitor metrics                      |
| **Azure WAF**                                     | Web Application Firewall            | OWASP protection, custom rules, integration with Front Door/APIM       | Protect web apps, configure rule sets, log alerts                  |
| **Azure Storage Security**                        | Data protection                     | Encryption, SAS tokens, firewall, soft delete                          | Enforce encryption, audit access, manage secure sharing            |
| **Azure Information Protection (AIP)**            | Data classification & protection    | Label documents/emails, enforce policies, track usage                  | Classify sensitive data, configure protection policies             |
| **Azure Blueprints**                              | Environment deployment & compliance | Pre-configured governance, resource setup                              | Deploy secure environments, ensure compliance                      |
