Hi, remove public access to VMs and only access them via Azure Bastion or a private jump host with Just-In-Time on 22/3389; on Linux use SSH only with a key (Ed25519), disable password and root (no PasswordAuthentication, no PermitRootLogin, few MaxAuthTries), on Windows RDP with NLA; enable Entra ID login for Windows/Linux to apply MFA and Conditional Access; close everything in NSG and only allow the minimum, if possible put an Azure Firewall in front with egress “deny by default”; no shared accounts: use PIM for JIT admins and LAPS for local admins; update and apply CIS baselines, encrypt disks, back up keys; enable Defender for Servers/EDR, send logs (Sysmon/auditd/NSG flow) to Sentinel with alerts on failed logins/escalations/new ports; keep a single, super-protected cloud-only “break-glass” account; avoid "miracle" tools that insert drivers/hooks into the kernel: they often break and blind the EDR. If you tell me what the situation is today (Bastion yes/no, NSG, Entra)
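An added example, not part of the original reply: a small Python audit of the three sshd_config directives named above (PasswordAuthentication, PermitRootLogin, MaxAuthTries). The limit of 3 tries, the function names and the sample config are assumptions made for illustration.

```python
import re

MAX_TRIES_LIMIT = 3  # assumption: the reply only says "few"
# OpenSSH defaults that apply when a keyword is absent from the file.
DEFAULTS = {"passwordauthentication": "yes",
            "permitrootlogin": "prohibit-password",
            "maxauthtries": "6"}

# Constructed sample: duplicate keyword, lowercase keyword, MaxAuthTries missing.
SAMPLE = """\
Port 22
permitrootlogin no
PasswordAuthentication no
PasswordAuthentication yes
"""

def effective_settings(config_text):
    """Effective global values. sshd keeps the first value it reads for a
    keyword; Match blocks and Include files are reported, not evaluated."""
    values, unevaluated, in_match = {}, [], False
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument, separated by whitespace or "Keyword=value".
        parts = re.split(r"[ \t=]+", line, maxsplit=1)
        key = parts[0].lower()  # keywords are case-insensitive
        arg = parts[1].split()[0] if len(parts) > 1 and parts[1].split() else ""
        if key in ("match", "include"):
            unevaluated.append(line)
            in_match = in_match or key == "match"
        elif not in_match and key in DEFAULTS:
            values.setdefault(key, arg)  # first occurrence wins
    return {k: values.get(k, d) for k, d in DEFAULTS.items()}, unevaluated

def audit(config_text):
    """Return a list of findings; an empty list means all three checks pass."""
    eff, unevaluated = effective_settings(config_text)
    findings = []
    if eff["passwordauthentication"] != "no":
        findings.append("PasswordAuthentication is %r, want 'no'" % eff["passwordauthentication"])
    if eff["permitrootlogin"] != "no":
        findings.append("PermitRootLogin is %r, want 'no'" % eff["permitrootlogin"])
    tries = eff["maxauthtries"]
    if not tries.isdecimal() or int(tries) > MAX_TRIES_LIMIT:
        findings.append("MaxAuthTries is %r, want <= %d" % (tries, MAX_TRIES_LIMIT))
    return findings + ["review manually: " + line for line in unevaluated]

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "all three checks pass")
```

On a live host, `sshd -T` prints the effective configuration including included files, which is the authoritative source to compare against.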
Want to make your accounts more secure?
For Linux and Windows servers, if you want to make remote login accounts on them more secure, use an SSH server on them and disable all other remote login services; our solution can make them well protected.
And for Linux, our security software can beat any other vendor's security solution at making it more secure, as when you run our security commands, they will all make the whole system more secure, as they will detect and kill not only the strace/debuggers that target only one process, but also those targeting multiple processes: dtrace, systemtap, bcc, bpftrace, uprobe, kprobe, and memory snoopers that read from /dev/[k]mem and /proc/kcore. And when you use our gencert/secrun commands to run 3rd-party commands, they can prevent software-based attacks on the 3rd-party commands, including Trojan horse attacks.