Azure Security Center, as the name suggests, is a one-stop place for all security needs. There are generally two activities related to security—implementing security and monitoring for any threats and breaches. Security Center has been built primarily to help with both these activities. Azure Security Center enables users to define their security policies and get them implemented on Azure resources. Based on the current state of Azure resources, Azure Security Center provides security recommendations to harden the solution and individual Azure resources. The recommendations include almost all Azure security best practices, including the encryption of data and disks, network protection, endpoint protection, access control lists, whitelisting of incoming requests, and blocking of unauthorized requests. The resources range from infrastructure components such as load balancers, network security groups, and virtual networks, to PaaS resources such as Azure SQL and Storage.
Azure Security Center is a rich platform, and provides recommendations for multiple services, as shown in the following screenshot:
