Book Image

Mastering Azure Security - Second Edition

By : Mustafa Toroman, Tom Janetscheck
Book Image

Mastering Azure Security - Second Edition

By: Mustafa Toroman, Tom Janetscheck

Overview of this book

Security is integrated into every cloud, but this makes users put their guard down as they take cloud security for granted. Although the cloud provides higher security, keeping their resources secure is one of the biggest challenges many organizations face as threats are constantly evolving. Microsoft Azure offers a shared responsibility model that can address any challenge with the right approach. Revised to cover product updates up to early 2022, this book will help you explore a variety of services and features from Microsoft Azure that can help you overcome challenges in cloud security. You'll start by learning the most important security concepts in Azure, their implementation, and then advance to understanding how to keep resources secure. The book will guide you through the tools available for monitoring Azure security and enforcing security and governance the right way. You'll also explore tools to detect threats before they can do any real damage and those that use machine learning and AI to analyze your security logs and detect anomalies. By the end of this cloud security book, you'll have understood cybersecurity in the cloud and be able to design secure solutions in Microsoft Azure.

Related Content you might be interested in

Current Title:

Small book image
Mastering Azure Security - Second Edition
Mustafa Toroman | Tom Janetscheck
Apr, 2022 | 320 pages
Small book image
Microsoft Defender for Cloud Cookbook
Sasha Kranjac
Jul, 2022 | 314 pages
Small book image
Microsoft Azure Security Technologies Certification and Beyond
David Okeyode
Nov, 2021 | 526 pages
Small book image
Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900
Dwayne Natwick
May, 2022 | 404 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Download the example code files
Conventions used
Get in touch
Share Your Thoughts
1
Section 1: Identity and Governance
Section 1: Identity and Governance
Free Chapter
2
Chapter 1: An Introduction to Azure Security
Chapter 1: An Introduction to Azure Security
Exploring the shared responsibility model
Physical security
Azure network
Azure infrastructure availability
Azure infrastructure integrity
Azure infrastructure monitoring
Understanding Azure security foundations
Summary
Questions
3
Chapter 2: Governance and Security
Chapter 2: Governance and Security
Understanding governance in Azure
Using common sense to avoid mistakes
Using management locks
Using management groups for governance
Understanding Azure Policy
Defining Azure blueprints
Azure Resource Graph
Summary
Questions
4
Chapter 3: Managing Cloud Identities
Chapter 3: Managing Cloud Identities
Exploring passwords and passphrases
Understanding MFA
Introducing security defaults
Using Conditional Access
Introducing Azure AD Identity Protection
Understanding role-based access control
Protecting admin accounts with Azure AD PIM
Hybrid authentication and Single Sign-On
Understanding passwordless authentication
Licensing considerations
Summary
Questions
5
Section 2: Cloud Infrastructure Security
Section 2: Cloud Infrastructure Security
6
Chapter 4: Azure Network Security
Chapter 4: Azure Network Security
Understanding Azure Virtual Network
Private endpoints
Considering other VNet security options
Summary
Questions
7
Chapter 5: Azure Key Vault
Chapter 5: Azure Key Vault
Understanding Azure Key Vault
Understanding service-to-service authentication
Using Azure Key Vault in deployment scenarios
Summary
Questions
8
Chapter 6: Data Security
Chapter 6: Data Security
Technical requirements
Understanding Azure Storage
Understanding Azure virtual machine disks
Working on Azure SQL Database
Summary
Questions
9
Section 3: Security Management
Section 3: Security Management
10
Chapter 7: Microsoft Defender for Cloud
Chapter 7: Microsoft Defender for Cloud
Introducing Microsoft Defender for Cloud
Cloud Security Posture Management with Defender for Cloud
Custom policies and (regulatory) compliance
Cloud workload protection and multi-cloud capabilities
Automating security
Summary
Questions
11
Chapter 8: Microsoft Sentinel
Chapter 8: Microsoft Sentinel
Introduction to SIEM
Getting started with Microsoft Sentinel
Microsoft Sentinel automation
Creating workbooks
Summary
Questions
12
Chapter 9: Security Best Practices
Chapter 9: Security Best Practices
Log Analytics design considerations
Understanding Azure SQL Database security features
Security in Azure App Service
Storage account access keys
Summary
Questions
13
Assessments
Assessments
Chapter 1 – An Introduction to Azure Security
Chapter 2 – Governance and Security
Chapter 3 – Managing Cloud Identities
Chapter 4 – Azure Network Security
Chapter 5 – Azure Key Vault
Chapter 6 – Data Security
Chapter 7 – Microsoft Defender for Cloud
Chapter 8 – Microsoft Sentinel
Chapter 9 – Security Best Practices
Why subscribe?
14
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Azure infrastructure monitoring

All hardware, software, and network devices in Azure data centers are constantly reviewed and updated. Reviews and updates are performed mandatorily at least once a year, but additional reviews and updates are performed as needed. Any changes (to hardware, software, or the network) must go through the release management process and need to be developed, tested, and approved in development and test environments prior to release to production. In this process, all changes must be reviewed and approved by the Azure security and compliance team.

All Azure data centers use integrated deployment systems for the distribution and installation of security updates for all software provided by Microsoft. If third-party software is used, the customer or software manufacturer is responsible for security updates, depending on how the software is provided and used. For example, if third-party software is installed using Azure Marketplace, the manufacturer is responsible for providing updates. If the software is manually installed, then it depends on the specific software. For Microsoft software, a special team within Microsoft, named Microsoft Security Response Center, is responsible for monitoring and identifying any security incident 24/7/365. Furthermore, any incident must be resolved in the shortest possible time frame.

Vulnerability scanning is performed across the Azure infrastructure (servers, databases, and network) at least once every quarter. If there is a specific issue or incident, vulnerability scanning is performed more often. Microsoft performs penetration tests, but also hires independent consultants to perform penetration tests. This ensures that nothing goes undetected. Any security issues are addressed immediately in order to increase security and stop any exploit when the issue is detected.

In case of any security issue, Microsoft has incident management in place. In the event that Microsoft is aware of a security issue, it takes the following action:

  1. The customer is notified of the incident.
  2. An immediate investigation is started to provide detailed information regarding the security incident.
  3. Steps are taken to mitigate the effects and minimize the damage of the security incident.

Incident management is clearly defined in order to manage, escalate, and resolve all security incidents promptly.

Previous Section
End of Section 7
Next Section