There are many options when you want to enhance the security of your VMs . Here are a few options that when configured correctly will greatly improve your security posture.
Reduce open network ports:
- Use Just-in-Time to avoid exposure of management ports
- Limit open ports with adaptive network hardening
Protect against malware:
- Block malware with adaptive application controls
- Built-in Microsoft Defender ATP EDR
- Crash dump analysis and fileless attack detection
Use the built-in vulnerability assessment for VMs:
- Automated deployment of the vulnerability scanner
- Continuously scans installed applications to find vulnerabilities
- Visibility to the vulnerability findings in Security Center portal and APIs