Η Microsoft announced today that Advanced Threat Protection (ATP) for Azure Storage now enables customers to protect their data stored in shared Azure Files and Azure Data Lake Storage Gen2 API data stores.
Advanced Threat Protection (ATP) for Azure Storage is designed as an additional level of security information, with the aim of detecting any malware uploaded to storage accounts in cloud, access from suspicious sources (including its output nodes TOR) and possible malicious and harmful data removal activities.
Security alerts issued by ATP to Azure Storage when abnormalities are detected in a customer's storage account activity are emailed to administrators and integrated into the Azure Security Center for the Azure tenant. In addition, these alerts include details of any suspicious activity, as well as research and remediation proposals that allow unsuspecting security clients to properly deal with identified threats. Alerts describe, among other things, possible signs of data collection or removal, exploitation, or attempts to move sideways to other clouds services of Azure. ATP for Azure Storage should be enabled for everyone accounts storage containing shared archives and blob containers, which must be protected.
The ATP for Azure Storage was released in a public preview in October 2018, while it became generally available in March 2019, for Blob storage, Azure Files, Azure Data Lake Storage Gen2, block blob and Blob storage accounts.
The ATP for Azure Storage is available on all public clouds as well as their government clouds USA, but can not be used in other sovereign or Azure Government cloud areas.
Finally, you can find a free ATP for a 30-day Azure Storage test and pricing information through Azure Security Center invoice page.