- Published 5/22/2018
- 1st Edition
Discover high-value Azure security insights, tips, and operational optimizations
This book presents comprehensive Azure Security Center techniques for safeguarding cloud and hybrid environments. Leading Microsoft security and cloud experts Yuri Diogenes and Dr. Thomas Shinder show how to apply Azure Security Center’s full spectrum of features and capabilities to address protection, detection, and response in key operational scenarios. You’ll learn how to secure any Azure workload, and optimize virtually all facets of modern security, from policies and identity to incident response and risk management. Whatever your role in Azure security, you’ll learn how to save hours, days, or even weeks by solving problems in most efficient, reliable ways possible.
Two of Microsoft’s leading cloud security experts show how to:
• Assess the impact of cloud and hybrid environments on security, compliance, operations, data protection, and risk management
• Master a new security paradigm for a world without traditional perimeters
• Gain visibility and control to secure compute, network, storage, and application workloads
• Incorporate Azure Security Center into your security operations center
• Integrate Azure Security Center with Azure AD Identity Protection Center and third-party solutions
• Adapt Azure Security Center’s built-in policies and definitions for your organization
• Perform security assessments and implement Azure Security Center recommendations
• Use incident response features to detect, investigate, and address threats
• Create high-fidelity fusion alerts to focus attention on your most urgent security issues
• Implement application whitelisting and just-in-time VM access
• Monitor user behavior and access, and investigate compromised or misused credentials
• Customize and perform operating system security baseline assessments
• Leverage integrated threat intelligence to identify known bad actors
Online Sample Chapter
Using Security Center for incident response
Sample Pages
Download the sample pages (includes Chapter 5)
Table of Contents
Chapter 1: Threat Landscape
Chapter 2: Introduction to Azure Security Center
Chapter 3: Policy Management
Chapter 4: Mitigating Security Issues
Chapter 5: Using Security Center for Incident Response
Chapter 6: Advanced Cloud Defense
Chapter 7: Security incident and event management (SIEM) integration with Splunk
Chapter 8: Monitoring Identity and Access
Chapter 9: Using Threat Intelligence to Identity Security Issues
Appendix A: Using multiple workspaces in Security Center
Appendix B: Customizing your Operating System Security Baseline Assessment