Azure Security white papers

Introduction to Azure Security Explains the collection of security controls implemented in Azure from both the customer's and Microsoft operations' perspectives. Provides a comprehensive look at the customer-facing security controls available with Azure.
Advanced threat detection Guides you through the Azure approaches towards threat vulnerability assessments, diagnostics, and analysis. Explains how Microsoft uses advanced threat detection mechanisms to secure the platform. Also explains how Microsoft includes these mechanisms in public facing features and services.
Azure data encryption-at-rest Focuses on how data is protected at rest across Azure and the various components taking part in the data protection implementation. Reviews the pros and cons of the different key management protection approaches.
Azure logging and auditing Provides an introduction for generating, collecting, and analyzing security logs from services hosted on Azure. These logs can help you gain security insights into your Azure deployments.
Azure network security Introduces you to the wide range of network controls you can configure to enhance the security of the solutions you deploy in Azure. The focus is customer-facing network security controls.
Azure Functions and serverless platform security This downloadable white paper covers the benefits of serverless computing while providing security considerations and mitigations in the context of Azure.
Azure operational security Provides a comprehensive look at the customer-facing operational security technologies and services available with Azure.
Azure security technical capabilities Focuses on the security features and functionality supporting Azure Storage, Azure SQL Databases, the Azure virtual machine model, and the tools and infrastructure that manage it all.
Azure Storage security guide Provides an overview of each of the security features that can be used with Azure Storage. Covers management plane security, data plane security, encryption at rest, encryption in flight, and storage analytics.
Data classification for cloud readiness This downloadable paper introduces the fundamentals of data classification and its value in the context of cloud computing. Organizations assessing cloud computing for future use or organizations currently using cloud services and seeking ways to optimize data management will benefit most from this paper.
Governance in Azure Explains the security and governance features built into Azure. The main governance issues discussed are: policies, processes, and procedures implementation for your organization goals; security and continuous compliance with organization standards; alerting and monitoring.
Isolation in the Azure public cloud Outlines how Azure provides isolation against both malicious and non-malicious users. Serves as a guide for architecting cloud solutions by offering various isolation choices to architects. Primary focus is on the customer-facing security controls, and does not attempt to address SLAs, pricing models, and DevOps practice considerations.
Overview of Azure compliance This downloadable paper discusses Azure compliance offerings, including formal certifications, attestations, validations, authorizations, and assessments produced by independent third-party auditing firms, as well as contractual amendments, self-assessments, and customer guidance documents produced by Microsoft.
Each offering description states which Azure customer-facing services are in scope for the assessment, and provides links to downloadable resources to assist customers with their own compliance obligations.
Security management in Azure Discusses issues in the remote access of Azure resources. The nature of the cloud demands remote access administration and, therefore, security is paramount. Covers general security guidelines, client configuration, best practices, and operational principles and procedures.