Azure Updates: Defender for Azure Cosmos DB; DDoS; Payment Card Industry Data Security Standard; IoT Central

Microsoft Defender for Azure Cosmos DB is now in preview. Senior product manager Inbal Argov shared the news in a Microsoft blog post. Microsoft has designed the new security capabilities as an Azure-native security layer designed to detect potential database exploits and respond based on Microsoft Threat Intelligence, Defender SQL query analysis, and behavioral models. Protection is enabled at the subscription or resource level. Argov noted that SQL injections and key extractions are among the most common attack methods.

To simplify the process of enabling database protection across the different database types in your cloud and hybrid environments, we created a central management experience across SQL databases, MariaDB, and now Azure Cosmos DB. While each database type requires a tailored approach with custom security controls and uniquely optimized threat detection models, we have standardized the security experience in Microsoft Defender for Cloud across them.

Also on the security front, principal program manager Anupam Vij shared a new DDoS threat protection and response guide. Currently, all Microsoft services are protected with platform level DDoS protection for layer 3 and layer 4 attack, using rate limiting, SYN cookies, and connection limits to halt an attack. Vij encouraged customers to protect apps potentially exposed over the public internet, validate assumptions, and configure attack analytics—and know when it’s time to call Microsoft support.