Securing Application Insights

RajivBansal-2486 311 Reputation points
2025-01-09T11:06:24.32+00:00

Hi,

We have an instance of Application Insights which is ingesting data from client-side (React) applications. Is it advised to add any security appliance in front of Application Insights, like Application Gateway with WAF, Front Door with WAF, or any firewall? If yes, what kind of security is required?

Please note that IP whitelisting is not an option, as data is coming from client applications (in browser).

Thanks

Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.

1 answer

  1. Ashok Gandhi Kotnana 1,855 Reputation points Microsoft Vendor
    2025-01-10T10:08:03.9533333+00:00

    Hi RajivBansal-2486,

    Thanks for the detailed response back.

    Below are some of the built-in security features in Application Insights.

    1. Application Insights now supports Microsoft Entra authentication. By using Microsoft Entra ID, you can ensure that only authenticated telemetry is ingested in your Application Insights resources.

    Refer: https://zcusa.951200.xyz/en-us/azure/azure-monitor/app/azure-ad-authentication?tabs=net

    2. Managing personal data in Azure Monitor Logs and Application Insights

    Refer: https://zcusa.951200.xyz/en-us/azure/azure-monitor/logs/personal-data-mgmt

    3. Control network traffic. Consider private connectivity for accessing Azure services. Private connectivity effectively isolates your traffic from the public internet. Data flows for private networking include both data ingestion and query operations, each targeting distinct endpoints. These endpoints can be managed independently. This approach allows you to configure private ingestion while maintaining public query access, or vice versa. By doing so, you can apply defense-in-depth principles by creating localized network controls at all available network boundaries.

    Refer: https://zcusa.951200.xyz/en-us/azure/well-architected/service-guides/application-insights

    1. Is security using OWASP rules, as provided by Web Application Firewall, required?

    A) We require WAF to be enabled. The WAF uses OWASP rules to protect your Container Apps, not your Application Insights. These rules include protection against attacks such as SQL injection, cross-site scripting attacks, and session hijacks.

    Refer: https://zcusa.951200.xyz/en-us/azure/web-application-firewall/ag/ag-overview

    2. Is security from malicious IPs or bots required?

    A) Microsoft's default security measures include blocking malicious IPs, applying OWASP security rules, and defending against bot attacks.

    Refer: https://zcusa.951200.xyz/en-us/azure/bot-service/bot-service-resources-faq-security?view=azure-bot-service-4.0#can-i-block-all-traffic-to-my-bot-except-traffic-from-the-bot-framework-service

    Let us know if you have any further queries. I'm happy to assist you further.

    Please do not forget to "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.
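The following Bicep template is an added example, not code from the original question, the answer, or Microsoft's documentation. It shows how points 1 and 3 of the answer translate into resource settings: an Application Insights component with local (instrumentation-key-only) authentication disabled so that ingestion requires a Microsoft Entra token, and the split between ingestion and query network access, backed by an Azure Monitor Private Link Scope (AMPLS) and a private endpoint. The resource names, the `workspaceResourceId` and `privateEndpointSubnetId` parameters, and the `allowPublicIngestion` switch are assumptions made for the example.

```bicep
// Added example, not part of the original answer or Microsoft documentation.
// Assumes an existing Log Analytics workspace (workspaceResourceId) and a VNet
// subnet for the private endpoint (privateEndpointSubnetId). Names are placeholders.
param location string = resourceGroup().location
param workspaceResourceId string
param privateEndpointSubnetId string

// Browser (React) clients cannot reach a private endpoint, so public ingestion
// must stay enabled for them. Set this to false only when every sender runs
// inside the VNet (e.g. server-side services using the Entra-authenticated SDKs).
param allowPublicIngestion bool = true

resource appInsights 'Microsoft.Insights/components@2020-02-02' = {
  name: 'appi-example'          // placeholder name
  location: location
  kind: 'web'
  properties: {
    Application_Type: 'web'
    WorkspaceResourceId: workspaceResourceId
    // Point 1: reject telemetry that carries only an instrumentation key;
    // ingestion then requires a Microsoft Entra token.
    DisableLocalAuth: true
    // Point 3: ingestion and query network access are controlled separately,
    // so you can lock down one path while keeping the other open.
    publicNetworkAccessForIngestion: allowPublicIngestion ? 'Enabled' : 'Disabled'
    publicNetworkAccessForQuery: 'Enabled'
  }
}

// Azure Monitor Private Link Scope: private-only ingestion, open query access,
// the "private ingestion while maintaining public query access" case from point 3.
resource ampls 'microsoft.insights/privateLinkScopes@2021-07-01-preview' = {
  name: 'ampls-example'         // placeholder name
  location: 'global'
  properties: {
    accessModeSettings: {
      ingestionAccessMode: 'PrivateOnly'
      queryAccessMode: 'Open'
    }
  }
}

// Attach the Application Insights component to the scope.
resource amplsScoped 'microsoft.insights/privateLinkScopes/scopedResources@2021-07-01-preview' = {
  parent: ampls
  name: 'appi-example-link'
  properties: {
    linkedResourceId: appInsights.id
  }
}

// Private endpoint in the VNet that in-network senders use to reach the scope.
resource privateEndpoint 'Microsoft.Network/privateEndpoints@2023-05-01' = {
  name: 'pe-ampls-example'      // placeholder name
  location: location
  properties: {
    subnet: {
      id: privateEndpointSubnetId
    }
    privateLinkServiceConnections: [
      {
        name: 'ampls-connection'
        properties: {
          privateLinkServiceId: ampls.id
          groupIds: [
            'azuremonitor'
          ]
        }
      }
    ]
  }
}
```

Two caveats for the scenario in the question. First, the private DNS zones that a private endpoint needs (such as `privatelink.monitor.azure.com`) are omitted here for brevity; without them, in-VNet clients still resolve the public endpoints. Second, at the time of writing the browser JavaScript SDK does not support Microsoft Entra authentication for ingestion, so with `DisableLocalAuth: true` telemetry sent directly from a React app would be rejected; in that setup the browser telemetry has to be relayed through a server-side component that authenticates to Application Insights with Entra, which is also where you can apply point 2 (scrubbing personal data) before anything is ingested.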
