Supported features available in Azure Security Center


Some features are only available with the Standard tier. If you have not already signed up for Security Center's Standard tier, a free trial period is available. For more information, see the Security Center pricing page.

The following sections show Security Center features that are available for their supported platforms.

Virtual machine / server supported features

Azure Virtual Machines Azure Virtual Machine Scale Sets Non-Azure Machines Pricing
Microsoft Defender ATP integration ✔ (on supported versions) ✔ (on supported versions) Standard
Virtual Machine Behavioral Analytics threat detection alerts Recommendations (Free) Threat Detection (Standard)
Fileless threat detection alerts Standard
Network-based threat detection alerts - Standard
Just-In-Time VM access - - Standard
Native vulnerability assessment - - Standard
File Integrity Monitoring Standard
Adaptive application controls - Standard
Network map - Standard
Adaptive network hardening - - Standard
Adaptive network controls - Standard
Regulatory Compliance dashboard & reports Standard
Recommendations and threat detection on Docker-hosted IaaS containers - - - Standard
Missing OS patches assessment Free
Security misconfigurations assessment Free
Endpoint protection assessment Free
Disk encryption assessment - Free
Third-party vulnerability assessment - - Free
Network security assessment - Free

Supported endpoint protection solutions

The following table provides a matrix of:

  • Whether you can use Azure Security Center to install each solution for you.
  • Which endpoint protection solutions Security Center can discover. If an endpoint protection solution from this list is discovered, Security Center won't recommend installing one.

For information about when recommendations are generated for each of these protections, see Endpoint Protection Assessment and Recommendations.

Endpoint Protection Platforms Security Center Installation Security Center Discovery
Windows Defender (Microsoft Antimalware) Windows Server 2016 No, Built in to OS Yes
System Center Endpoint Protection (Microsoft Antimalware) Windows Server 2012 R2, 2012, 2008 R2 (see note below) Via Extension Yes
Trend Micro – All versions* Windows Server Family No Yes
Symantec v12.1.1100+ Windows Server Family No Yes
McAfee v10+ Windows Server Family No Yes
McAfee v10+ Linux Server Family No Yes *
Sophos V9+ Linux Server Family No Yes *

* The coverage state and supporting data is currently only available in the Log Analytics workspace associated to your protected subscriptions. It isn't reflected in the Azure Security Center portal.


  • Detection of System Center Endpoint Protection (SCEP) on a Windows Server 2008 R2 virtual machine requires SCEP to be installed after PowerShell 3.0 (or an upper version).
  • Detection of Trend Micro protection is supported for Deep Security agents. OfficeScan agents are not supported.

PaaS services supported features

The following PaaS resources are supported by Azure Security Center:

Service Recommendations (Free) Threat detection alerts (Standard) Vulnerability assessment (Standard)
SQL Databases
Azure Container Registry - -
Azure Kubernetes Service -
Azure Database for PostgreSQL* -
Azure Database for MySQL* -
Azure CosmosDB* - -
Storage Accounts - -
Blob Storage -
App Service -
Function app - -
Cloud Services - -
Virtual Network - -
Subnet - -
NIC - -
Network Security Groups - -
Subscription ✔ ** -
Batch account - -
Service Fabric account - -
Automation account - -
Load Balancer - -
Cognitive Search - -
Service Bus namespace - -
Stream analytics - -
Event hub namespace - -
Logic apps - -
Cache for Redis - -
Data Lake Analytics - -
Azure Data Lake Storage - -
Key Vault ✔ * -

* These features are currently supported in preview.

** Azure Active Directory (Azure AD) recommendations are available only for Standard subscriptions.

Next steps