Cyber security on Azure, an it professional's guide to Microsoft Azure security, Marshall Copeland, Matthew Jacobs
Type
Label
Cyber security on Azure, an it professional's guide to Microsoft Azure security, Marshall Copeland, Matthew Jacobs
Language
eng
Index
index present
Literary Form
non fiction
Main title
Cyber security on Azure
Nature of contents
dictionaries
Oclc number
11227448974
Responsibility statement
Marshall Copeland, Matthew Jacobs
Sub title
an it professional's guide to Microsoft Azure security
Summary
Prevent destructive attacks to your Azure public cloud infrastructure, remove vulnerabilities, and instantly report cloud security readiness. This book provides comprehensive guidance from a security insider's perspective. Cyber Security on Azure supports cloud security operations and cloud security architects by supplying a path to clearly identify potential vulnerabilities to business assets and reduce security risk in Microsoft Azure subscription. This updated edition explores how to "lean-in" and recognize challenges with IaaS and PaaS for identity, networks, applications, virtual machines, databases, and data encryption to use the variety of Azure security tools. You will dive into Azure Cloud Security to guide cloud operations teams to become more security focused in many areas and laser focused on security configuration. New chapters cover Azure Kubernetes Service and Container security and you will get up and running quickly with an overview of Azure Sentinel SIEM Solution. You will: Understand enterprise privileged identity and security policies "Shift left" with security controls in Microsoft Azure Configure intrusion detection and alerts Reduce security risks using Azure Security Service
Table Of Contents
Intro -- Table of Contents -- About the Authors -- About the Technical Reviewer -- Acknowledgments -- Introduction -- Part I: Zero Trust Cloud Security -- Chapter 1: Reduce Cyber Security Vulnerabilities: Identity Layer -- Azure Cloud Relations: Tenant, Subscription, Resources -- Azure Tenant Security -- Azure Subscription Security -- Azure API Security -- Azure Resource Locks -- Managing Azure Active Directory: Users and Groups -- Azure Users -- Azure Groups -- Azure Active Directory: OAuth, SAML, AD Connect -- OAuth -- SAML -- AD Connect -- Federation with ADFS -- Non-federationSecurity Measures -- Azure Application Permission Scopes -- Configure Multi-Factor Authentication -- Enabling Security Defaults -- Self-Service Password Reset -- Conditional Access Policies -- Azure AD Privileged Identity Management -- Summary -- Chapter 2: Azure Network Security Configuration -- Virtual Network Overview -- VNets -- Network Security Group -- VNet Security Best Practices -- Network Peering -- Application Security Groups -- TCP/IP Port Vulnerability -- Azure Front Door Service -- Remote Access Management -- Azure Bastion Host -- SummaryChapter 3: Reduce Cyber Security Vulnerabilities: IaaS and Data -- Azure Security with IaC -- ARM Development -- Harden Azure VMs -- Patching the VM Directly -- VM Security and Endpoint Protection -- Database Security -- DB Best Practices -- DB Authentication -- Database Auditing -- Storage Accounts -- Shared Access Signatures -- Key Management -- Summary -- Part II: Azure Cloud Security Operations -- Chapter 4: Configure Azure Monitoring for Blue Team Hunting -- Azure Data Platform -- Azure Logs -- Azure Metrics -- Azure Monitor and Log Analytics EnablementLog Analytics Workspace Security Strategy -- Guest OS Metrics and Logs -- Connecting Data Sources to Log Analytics Workspace -- Summary -- Chapter 5: Azure Security Center and Azure Sentinel -- Cloud Security Challenges -- Enable Security -- Configuration Value -- Standard Tier Advantages -- Just-in-Time Access -- Advanced Threat Detection -- Anomaly Detection -- Crash Analysis -- Threat Intelligence -- Behavioral Analysis -- Configure Alerting -- Using Security Center -- Compute and Apps -- Network -- Data and Storage -- Azure Sentinel -- Connect to Data Streams -- Using Azure SentinelLogs Pane -- Analytics Pane -- Hunting -- Summary -- Chapter 6: Azure Kubernetes Services: Container Security -- Microservices -- Containers, Docker, and Kubernetes -- Azure Kubernetes Services and Security -- Authentication -- Container Security -- AKS Security with Security Center and Sentinel -- Kubernetes Security with Azure Policy -- Summary -- Chapter 7: Security Governance Operations -- Azure Governance Architecture -- Management Groups -- Azure Policy -- Compliance Reporting -- Assignments -- Blueprints -- Role-Based Access Control -- Azure Cost Management -- Data Governance
Contributor
Creator
Content
Author
Mapped to
Incoming Resources
- Has instance2
Outgoing Resources
- Contributor1
- Creator1
- Subject3
- Content1
- Author1
- Mapped to2