"Foreword by Bharat Shah, CVP Cloud Security at Microsoft"--Cover. Previous edition: published 2018.
Contents:
The threat landscape -- Introduction to Azure Security Center -- Policy management -- Strengthening your security posture -- Azure Defender -- Azure Defender for IoT -- Reducing the attack surface -- SIEM integration -- Accessing security alerts from API -- Deploying Azure Security Center at scale.
Summary:
"The definitive practical guide to Azure Security Center, 50%+ rewritten for new features, capabilities, and threats. Extensively revised for updates through spring 2021 this guide will help you safeguard cloud and hybrid environments at scale. Two Azure Security Center insiders help you apply Microsoft's powerful new components and capabilities to improve protection, detection, and response in key operational scenarios. You'll learn how to secure any workload, respond to new threat vectors, and address issues ranging from policies to risk management. This edition contains new coverage of all Azure Defender plans for cloud workload protection, security posture management with Secure Score, advanced automation, multi-cloud support, integration with Azure Sentinel, APIs, and more. Throughout, you'll find expert insights, tips, tricks, and optimizations straight from Microsoft's ASC team. They'll help you solve cloud security problems far more effectively--and save hours, days, or even weeks. Two of Microsoft's leading cloud security experts show how to: Understand today's threat landscape, cloud weaponization, cyber kill chains, and the need to "assume breach" ; Integrate Azure Security Center to centralize and improve cloud security, even if you use multiple cloud providers ; Leverage major Azure Policy improvements to deploy, remediate, and protect at scale ; Use Secure Score to prioritize actions for hardening each workload ; Enable Azure Defender plans for different workloads, including Storage, KeyVault, App Service, Kubernetes and more ; Monitor IoT solutions, detect threats, and investigate suspicious activities on IoT devices ; Reduce attack surfaces via just-in-time VM access, file integrity monitoring, and other techniques ; Route Azure Defender alerts to Azure Sentinel or a third-party SIEM for correlation and action ; Access alerts via HTTP, using ASC's REST API and the Microsoft Graph Security API ; Reliably deploy resources at scale, using JSON-based ARM templates." -- Provided by publisher.
This resource is supported by the Institute of Museum and Library Services under the provisions of the Library Services and Technology Act as administered by State Library of Iowa.