Continuously Export Secure Score for Over-Time Tracking and Reporting (Preview)

by Contributed | Nov 23, 2020 | Technology

This article is contributed. See the original author and article here.

Using continuous export of secure score (preview), you can stream secure score changes in real-time to an Event Hub or a Log Analytics workspace. This will enable you to track secure score over time with dynamic reports, export secure score data to Azure Sentinel or other 3^rd party SIEM solutions, and integrate this data type with any internal processes you might already be using to monitor secure score in your organization.

Implementation

To enable continuous export for secure score, follow the steps below:

1. In the Azure Portal go to ‘Security Center’.


2. Click on Pricing & settings.


3. Select the desired subscription.


4. Click on Continuous export.


5. Enable export of secure score. In the drop-down menu you can choose whether to export both the overall score of the subscription and the score per control, or only one of them.


6. Choose the Resource Group in which the automation resource will be created.


7. Fill in the details of your export destination (Event Hub/Log Analytics workspace).


8. Click Save.

Please note

1. Continuous export exports only updates to the score, and not the baseline. From the moment of enabling continuous export every change to the score will be exported.

2. Update to score is not exported when:

• The number of resources changed but the overall score didn’t.


• The change in the control score is less than 0.01.


• The score of a control with max score of 0 is updated.

Data schemas

For export to Event Hub, the data schemas are in line with the Secure Scores and Secure Score Controls APIs. When exporting the data to Log Analytics workspace the overall secure score will be exported to SecureScores table, and secure score per control to SecureScoreControls table, in the following schemas:

SecureScores

SecureScoreControls

Common queries for Log Analytics workspace

When consuming secure score data from Log Analytics workspace, you might like to further analyze the data. For example, track secure score over time or find what recommendations and resources are lowering your score. Below are common queries for these scenarios, follow the steps below to use them:

1. In Azure Portal, navigate to the Log Analytics workspace to which you enabled continuous export.


2. Click on Logs.


3. Copy and paste a query from the samples described below.


4. Set the desired Time range.


5. Click Run.

Sample queries

Track secure score over time by subscription:

SecureScores

| extend Percent=PercentageScore*100

| summarize avg(Percent) by bin(TimeGenerated,1d), SubscriptionId=_SubscriptionId

| render timechart

Track secure score per control over time by subscription:

SecureScoreControls

| extend Percent=PercentageScore*100

| summarize avg(Percent) by bin(TimeGenerated,1d), ControlName, SubscriptionId=_SubscriptionId

| render timechart

Count unhealthy resources per control and recommendation for each subscription:

SecureScoreControls

| extend SubscriptionId=SecureScoresSubscriptionId

| mv-expand ControlRecommendations

| extend id_ = tostring(parse_json(ControlRecommendations).id)

| extend RecommendationId = extract(@”(.+)/(.+)”, 2, id_)

| join kind=inner (SecurityRecommendation

| extend SubscriptionId=(extract(@”/subscriptions/(.+)/resourceGroups”, 1, AssessedResourceId)

)) on SubscriptionId, RecommendationId

| where RecommendationState == “Unhealthy”

| summarize UnhealthyResources=dcount(AssessedResourceId) by ControlName, RecommendationDisplayName, SubscriptionId

Get all unhealthy resources by control:

SecureScoreControls

| extend SubscriptionId=SecureScoresSubscriptionId

| mv-expand ControlRecommendations

| extend id_ = tostring(parse_json(ControlRecommendations).id)

| extend RecommendationId = extract(@”(.+)/(.+)”, 2, id_)

| join kind=inner (SecurityRecommendation

| extend SubscriptionId=(extract(@”/subscriptions/(.+)/resourceGroups”, 1, AssessedResourceId)

)) on SubscriptionId, RecommendationId

| where RecommendationState == “Unhealthy”

Export to CSV file

You might like to export the results to a CSV file for further offline analysis, sharing with others or for other needs. Follow the steps below to do that:

1. Click on Export.


2. Choose the appropriate export type.

To learn more about Continuous Export, make sure to watch Episode 5 of Azure Security Center in the Field where we give more insights on this feature.

To learn more about Secure Score and how it is calculated, visit secure score documentation.

To learn more about querying Secure Score with Azure Resource Graph visit Querying your Secure Score Across Multiple Subscriptions in Azure Security Center.

Reviewers

Yuri Diogenes, Principal Program Manager (@Yuri Diogenes)

Sulaiman Abu Rashed, Software Engineer

Miri Kreitenberger, Senior Software Engineer Manager

Meital Taran- Gutman, Principal PM Manager (@Meital Taran- Gutman)

The Developer Wish List – #DevDecember

by Contributed | Nov 23, 2020 | Technology

This article is contributed. See the original author and article here.

For many of us around the world, the holiday season is right around the corner!

You may find yourself struggling what gift to get for your friends and family. Chances are that they will want some ideas for you too! My family certainly does, and I have to come up with twice as many ideas since my birthday is also in December! 

This inspired me to reach out to a few of my techy friends to ask what product would be at the top of their wish list if they didn’t already own it. The result? An awesome mix of geeky gadgets and some products that are just for fun.

Please note: This list is not an endorsement of any product nor are we getting compensated for any of this. It’s all just for fun!

1. A copy of GitHub for Dummies that’ll come in handy whether you are looking to learn more about GitHub or want a useful gift to inspire a new developer!

Review: “GitHub is the largest open source community and with the knowledge of how to use GitHub, it opens the doors for folks to contribute to open source projects, collaborate with people on their own projects, and learn from others. I co-wrote this book with Phil Haack because we believe that everyone should have the opportunity to join communities that matter to them. I love that this book not only introduces GitHub features, but also Git on the command line AND how to continue to engage in communities outside of GitHub through conferences and events.” – Dr. Sarah Guthals, @drguthals

2. Whether you are new to coding or a seasoned pro, the Raspberry Pi 400 is bound to bring out your inner geek!

Review: “The Raspberry Pi 400 should be on everyone’s wishlist! It’s a Raspberry Pi in a keyboard similar to the computers I grew up with like the ZX Spectrum. Just plug in a mouse and TV and away you go! Another bonus? It runs VS Code natively!” – Jim Bennett, @jimbobbennett

3. An Instant Pot that essentially cooks your food for you don’t have to order takeout food for the 6^th time this week ;)

Review: “Working from home can be hard. We may find ourselves working weird hours and extra to achieve the same level of productivity, and still wanting to eat healthy and home-cooked food. That’s when an Instant Pot may come handy. It is a pressure-cooker and slow-cooker in one device. I have found it especially useful during those long days when I have lacked motivation to cook. Just put your ingredients in the pot and fire-and-forget. I have enjoyed making vegetables, meat stews and lentils in my Instant Pot.” – Orko Momin, @orktopus

4. The Scott Hanselman recommended ‘Nintendo Switch Travel Pack’ that will get you set up for gaming on the road or on the couch

Review: “I’ve had a Nintendo Switch since launch day and let me tell you, it’s joyful. Joyous. It’s a little joy device. I love 4k Xboxen and raw power as much as the next Jane or Joe Gamer, but the Switch just keeps pumping out happy games. Indie games, Metroidvania games like Axiom Verge, Legend of Zelda: Breath of the Wild (worth the cost of the system) and now, super Mario Odyssey. Even Doom and Wolfenstein 2 are coming to the Switch soon! I’ve travelled already with my Switch all over. Here’s what I’ve come up with for my travels – and my at-home Switch Experience. I owe and use these items personally – and I vouch for their awesomeness and utility.” – Scott Hanselman, @shanselman

5. An Italian chopping knife – aka a Mezzaluna – to cook up something delicious after a long day of coding. Buon appetito!

Review: “For all the lovers of Italian food, this curiously-shaped knife (mezzaluna means half-moon) is perfect for chopping vegetables and making that perfect soffritto for your ragù, meatballs, or my personal favorite, my mom’s famous risotto! Sorry – the recipe is top secret.” – Alessandro Segala, @ItalyPaleAle

6. An Elgato Stream Deck to help you start or step-up your streaming game

Review: “The Stream Deck is a small programmable external keyboard with LCD buttons that comes with an initial configuration to help live-video streamers run their shows without having to change applications, type, or move their mouse. It can help you by automating interactions with Open Broadcaster Software (OBS), play sounds, launch applications, manage media player applications, send key strokes, and interact with services like Twitter, Twitch, and YouTube.  There are built-in tools to run a whole series of these actions with a single button push, and every button can have a custom blog of text or image to represent its functionality. Developers LOVE the stream deck because it is very extensible through a WebSocket API using JavaScript, HTML, or even C# to build plugins that will allow you to create animations, macros, and interactions with your favorite tools.  We’ve seen folks set up buttons to start and stop applications as well as to automate features in their favorite development tools.” – Jeff Fritz, @csharpfritz

7. A good ole’ fashion fountain pen that’ll make you actually want to write out your to-do list

Review: “I love the way a solid, old-school, pen compels me to write things down. Because I like writing with the pen so much, I started evaluating my days in a Self Journal even planning what I want to accomplish the next day. It’s been semi-therapeutic as well during our funky pandemic time where everything seems to roll together oddly: this helps me see progress and helps with purpose.” – Seth Juarez, @sethjuarez

8. A mini handheld fan that is perfect for maker/DIY projects or even just to cool you down during never-ending meetings 

Review: “This fan has been one of my favorite recent purchases! Not only does it keep me cool/give me wind-swept music video hair while on streams/Teams meetings, but I use it around the house, too! I recently put together a maker cabinet (for all my crafts, IoT projects, etc), and this fan has solved the problem of waiting for paint/glue/soldering projects to dry and cool. The wrapping stand also makes it easy to clamp onto whatever surface (computer/desk/DIY station) you need!” – Chloe Condon, @ChloeCondon

9. A heated vest to keep you warm during the cold months of the year or on your next plane ride (whenever that may be)

Review: “Back a long, long, time ago – when I was still traveling by plane on a frequent basis (aka up until January 2020) – I saw a woman wearing a glowing vest while waiting for her luggage, so naturally, I had to ask her about it. I wrote down the brand and ordered one for myself while I waited for my ride. The vest is cute, good quality, and most importantly, warm. It has three different heat levels and the battery lasts for hours on a single charge (the battery can also double as a portable USB charger). The vest comes in men’s and women’s styles and the company makes other heated products too like sweatshirts, parkas, gloves, and yes, even socks. So, if you are perpetually cold like me, or know someone who is, I highly recommend checking these out!” – Morgan Mitchell Bell, @livelovegeek 

So, that’s it! What caught your attention? Is there anything that you’d add to this list? Let us know in the comments below!

Oh, and while you’re here, make sure you follow along with #DevDecember on Twitter. We will be sharing cool content, fun activities, and more throughout the month of December. If you want a sneak peek of some of the fun we are planning, check out our #DevDecember homepage (plus, we’ve already posted some of the digital swag ?).

The Developer Wishlist – #DevDecember

by Contributed | Nov 23, 2020 | Technology

This article is contributed. See the original author and article here.

For many of us around the world, the holiday season is right around the corner!

You may find yourself struggling what gift to get for your friends and family. Chances are that they will want some ideas for you too! My family certainly does, and I have to come up with twice as many ideas since my birthday is also in December! :grinning_face_with_sweat:

This inspired me to reach out to a few of my techy friends to ask what product would be at the top of their wish list if they didn’t already own it. The result? An awesome mix of geeky gadgets and some products that are just for fun.

Please note: This list is not an endorsement of any product nor are we getting compensated for any of this. It’s all just for fun! :smiling_face_with_smiling_eyes:

1. A copy of GitHub for Dummies that’ll come in handy whether you are looking to learn more about GitHub or want a useful gift to inspire a new developer!

Review: “GitHub is the largest open source community and with the knowledge of how to use GitHub, it opens the doors for folks to contribute to open source projects, collaborate with people on their own projects, and learn from others. I co-wrote this book with Phil Haack because we believe that everyone should have the opportunity to join communities that matter to them. I love that this book not only introduces GitHub features, but also Git on the command line AND how to continue to engage in communities outside of GitHub through conferences and events.” – Dr. Sarah Guthals, @drguthals

2. Whether you are new to coding or a seasoned pro, the Raspberry Pi 400 is bound to bring out your inner geek!

Review: “The Raspberry Pi 400 should be on everyone’s wishlist! It’s a Raspberry Pi in a keyboard similar to the computers I grew up with like the ZX Spectrum. Just plug in a mouse and TV and away you go! Another bonus? It runs VS Code natively! :party_popper:” – Jim Bennett, @jimbobbennett

3. An Instant Pot that essentially cooks your food for you don’t have to order takeout food for the 6^th time this week ;)

Review: “Working from home can be hard. We may find ourselves working weird hours and extra to achieve the same level of productivity, and still wanting to eat healthy and home-cooked food. That’s when an Instant Pot may come handy. It is a pressure-cooker and slow-cooker in one device. I have found it especially useful during those long days when I have lacked motivation to cook. Just put your ingredients in the pot and fire-and-forget. I have enjoyed making vegetables, meat stews and lentils in my Instant Pot.” – Orko Momin, @orktopus

4. The Scott Hanselman recommended ‘Nintendo Switch Travel Pack’ that will get you set up for gaming on the road or on the couch

Review: “I’ve had a Nintendo Switch since launch day and let me tell you, it’s joyful. Joyous. It’s a little joy device. I love 4k Xboxen and raw power as much as the next Jane or Joe Gamer, but the Switch just keeps pumping out happy games. Indie games, Metroidvania games like Axiom Verge, Legend of Zelda: Breath of the Wild (worth the cost of the system) and now, super Mario Odyssey. Even Doom and Wolfenstein 2 are coming to the Switch soon! I’ve travelled already with my Switch all over. Here’s what I’ve come up with for my travels – and my at-home Switch Experience. I owe and use these items personally – and I vouch for their awesomeness and utility.” – Scott Hanselman, @shanselman

5. An Italian chopping knife – aka a Mezzaluna – to cook up something delicious after a long day of coding. Buon appetito!

Review: “For all the lovers of Italian food, this curiously-shaped knife (mezzaluna means half-moon) is perfect for chopping vegetables and making that perfect soffritto for your ragù, meatballs, or my personal favorite, my mom’s famous risotto! Sorry – the recipe is top secret :speak_no_evil_monkey:” – Alessandro Segala, @ItalyPaleAle

6. An Elgato Stream Deck to help you start or step-up your streaming game

Review: “The Stream Deck is a small programmable external keyboard with LCD buttons that comes with an initial configuration to help live-video streamers run their shows without having to change applications, type, or move their mouse. It can help you by automating interactions with Open Broadcaster Software (OBS), play sounds, launch applications, manage media player applications, send key strokes, and interact with services like Twitter, Twitch, and YouTube.  There are built-in tools to run a whole series of these actions with a single button push, and every button can have a custom blog of text or image to represent its functionality. Developers LOVE the stream deck because it is very extensible through a WebSocket API using JavaScript, HTML, or even C# to build plugins that will allow you to create animations, macros, and interactions with your favorite tools.  We’ve seen folks set up buttons to start and stop applications as well as to automate features in their favorite development tools.” – Jeff Fritz, @csharpfritz

7. A good ole’ fashion fountain pen that’ll make you actually want to write out your to-do list

Review: “I love the way a solid, old-school, pen compels me to write things down. Because I like writing with the pen so much, I started evaluating my days in a Self Journal even planning what I want to accomplish the next day. It’s been semi-therapeutic as well during our funky pandemic time where everything seems to roll together oddly: this helps me see progress and helps with purpose.” – Seth Juarez, @sethjuarez

8. A mini handheld fan that is perfect for maker/DIY projects or even just to cool you down during never-ending meetings ?‍:female_sign:

Review: “This fan has been one of my favorite recent purchases! Not only does it keep me cool/give me wind-swept music video hair while on streams/Teams meetings, but I use it around the house, too! I recently put together a maker cabinet (for all my crafts, IoT projects, etc), and this fan has solved the problem of waiting for paint/glue/soldering projects to dry and cool. The wrapping stand also makes it easy to clamp onto whatever surface (computer/desk/DIY station) you need!” – Chloe Condon, @ChloeCondon

9. A heated vest to keep you warm during the cold months of the year or on your next plane ride (whenever that may be) :fire:

Review: “Back a long, long, time ago – when I was still traveling by plane on a frequent basis (aka up until January 2020) – I saw a woman wearing a glowing vest while waiting for her luggage, so naturally, I had to ask her about it. I wrote down the brand and ordered one for myself while I waited for my ride. The vest is cute, good quality, and most importantly, warm. It has three different heat levels and the battery lasts for hours on a single charge (the battery can also double as a portable USB charger). The vest comes in men’s and women’s styles and the company makes other heated products too like sweatshirts, parkas, gloves, and yes, even socks. So, if you are perpetually cold like me, or know someone who is, I highly recommend checking these out!” – Morgan Mitchell Bell, @livelovegeek 

So, that’s it! What caught your attention? Is there anything that you’d add to this list? Let us know in the comments below!

Oh, and while you’re here, make sure you follow along with #DevDecember on Twitter. We will be sharing cool content, fun activities, and more throughout the month of December. If you want a sneak peek of some of the fun we are planning, check out our #DevDecember homepage (plus, we’ve already posted some of the digital swag ?).