Microsoft Azure Security Center

Description

Reflecting updates through fall 2020, this book presents comprehensive Azure Security Center techniques for safeguarding cloud and hybrid environments. Leading Microsoft Azure experts Yuri Diogenes and TomJanetscheck help students apply Azure Security Center’s robust protection,detection, and response capabilities in key operational scenarios. Studentswill learn how to take full advantage of recently introduced ASC components,feature enhancements, and deployment scenarios, as students address today’slatest threat vectors. Diogenes and Janetscheck walk students through securingany Azure workload, and strengthening security in everything from policies andidentity to incident response and risk management.

• Insider insights, tips, tricks and operationaloptimizations only available from full-time members of Microsoft’s AzureSecurity Center team
• New and revised coverage of using Azure SecurityCenter with Azure Virtual Machines and Virtual Networks, Azure SQL, Azure Websites and apps, logging, auditing, and storage
• Covers Cloud Security Posture Management,Microsoft’s Cloud Workload Protection Platform, integration with the AzureSentinel SIEM/SOAR, advanced security automation, deployment at scale,third-party security tool integration, and much more

Yuri Diogenes, MsC

Yuri has a Master of Science in cybersecurity intelligence and forensics investigation (Utica College) and is the principal program manager for the Microsoft CxE ASC Team, where he primarily helps customers onboard and deploy Azure Security Center and Azure Defender as part of their security operations/incident responses. Yuri has been working in different positions for Microsoft since 2006, including five years as senior support escalation engineer in CSS Forefront Edge Team, and from 2011 to 2017 in the content development team, where he also helped create the Azure Security Center content experience since its GA launch in 2016. Yuri has published a total of 24 books, mostly about information security and Microsoft technologies. Yuri also holds an MBA and many IT/Security industry certifications such as CISSP, E|CND, E|CEH, E|CSA, E|CHFI, CompTIA Security+, CySA+, Cloud Essentials Certified, Mobility+, Network+, CASP, CyberSec First Responder, MCSE, and MCTS. You can follow Yuri on Twitter at @yuridiogenes.

Tom Janetscheck

Tom is a senior program manager for Microsoft’s Azure Security Center CxE Team, where he works with his friend Yuri helping customers onboard and deploy Azure Security Center and Azure Defender. As a former Microsoft MVP, Tom joined the team during COVID-19 in Spring 2020, and he deeply misses in-person conferences because he loves to speak to audiences all over the world. With almost 20 years of experience in various IT admin and consulting roles, Tom has a deep background in IT infrastructure and security, and he holds various certifications, including MCSE and MCTS. When Tom is not writing a book, preparing a conference or user group session, or helping his customers onboard ASC, he is an enthusiastic motorcyclist and musician; he plays guitar, bass, and drums. He also volunteers as a firefighter at the local fire department and can usually be met attending rock concerts all over the place. You can follow Tom on Twitter at @azureandbeyond.

• 50%+ rewritten: fully reflects new Azure Security Center components announced in September 2020, new threat vectors, and new deployment scenarios
• Covers Cloud Security Posture Management, the Cloud Workload Protection Platform, Azure Sentinel integration, security automation, and more
• Shows how to use today’s Azure Security Center with Azure Virtual Machines and Virtual Networks, Azure SQL, Azure Web sites and apps, logging and auditing, storage, and more
• Intuitive, step-by-step walkthroughs help students make the most of Azure Security Center in real-world environments
• Helps students integrate third-party solutions to create their ultimate hybrid security system

The definitive practical guide to Azure Security Center, 50%+ rewritten for new features, capabilities, and threats

Extensively revised for updates through spring 2021 this guide will help you safeguard cloud and hybrid environments at scale. Two Azure Security Center insiders help you apply Microsoft’s powerful new components and capabilities to improve protection, detection, and response in key operational scenarios. You’ll learn how to secure any workload, respond to new threat vectors, and address issues ranging from policies to risk management.

This edition contains new coverage of all Azure Defender plans for cloud workload protection, security posture management with Secure Score, advanced automation, multi-cloud support, integration with Azure Sentinel, APIs, and more. Throughout, you’ll find expert insights, tips, tricks, and optimizations straight from Microsoft’s ASC team. They’ll help you solve cloud security problems far more effectively—and save hours, days, or even weeks.

Two of Microsoft’s leading cloud security experts show how to:

• Understand today’s threat landscape, cloud weaponization, cyber kill chains, and the need to “assume breach”
• Integrate Azure Security Center to centralize and improve cloud security, even if you use multiple cloud providers
• Leverage major Azure Policy improvements to deploy, remediate, and protect at scale
• Use Secure Score to prioritize actions for hardening each workload
• Enable Azure Defender plans for different workloads, including Storage, KeyVault, App Service, Kubernetes and more
• Monitor IoT solutions, detect threats, and investigate suspicious activities on IoT devices
• Reduce attack surfaces via just-in-time VM access, file integrity monitoring, and other techniques
• Route Azure Defender alerts to Azure Sentinel or a third-party SIEM for correlation and action
• Access alerts via HTTP, using ASC’s REST API and the Microsoft Graph Security API
• Reliably deploy resources at scale, using JSON-based ARM templates

About This Book

For architects, designers, implementers, operations professionals, developers, and security specialists working in Microsoft Azure cloud or hybrid environments

For all IT professionals and decisionmakers concerned with the security of Azure environments

Introduction 1. The threat landscape 2. Introduction to Azure Security Center 3. Policy management 4. Strengthening your security posture 5. Azure Defender 6. Azure Defender for IoT 7. Reducing the attack surface 8. SIEM integration 9. Accessing security alerts from API 10. Deploying Azure Security Center at scale

Additional information