Capability Domains met by Microsoft

System & Information Integrity Principles

Microsoft Azure Government has developed a 10-step process to facilitate system & information integrity with the security principles within CMMC:

  • Remediate Vulnerabilities
  • Monitor System Security Alerts
  • Leverage Threat Intelligence
  • Implement Malicious Code Protections
  • Update Malicious Code Signatures
  • Perform Periodic Scans
  • Detect & Mitigate Malicious Actions
  • Detect Network Attacks
  • Identify Unauthorized Access
  • Monitor Individuals
  • Azure Offerings to Facilitate System & Information Integrity

    Azure DDoS Protection Cover all resources on a virtual network when you enable Azure DDoS Protection via simplified configuration. Always-on traffic monitoring provides near real-time detection of a DDoS attack, with no intervention required.

    Azure Policy: Policy Management

    Azure Policy helps you manage and prevent IT issues with policy definitions that enforce rules and effects for your resources.

    Azure Advanced Threat Protection: Cloud-Based Security Solution

    Azure Advanced Threat Protection is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

    Azure Security Center: Infrastructure Security Management System

    Azure Security Center is a unified infrastructure security management system that strengthens the security posture of your data centers and provides advanced threat protection across your hybrid workloads in the cloud – whether they’re in Azure or not – as well as on premises.

    Azure Sentinel: Scalable, Cloud-Native Security Information Event Management

    Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution.