Book Image

Mastering Azure Security - Second Edition

By : Mustafa Toroman, Tom Janetscheck
Book Image

Mastering Azure Security - Second Edition

By: Mustafa Toroman, Tom Janetscheck

Overview of this book

Security is integrated into every cloud, but this makes users put their guard down as they take cloud security for granted. Although the cloud provides higher security, keeping their resources secure is one of the biggest challenges many organizations face as threats are constantly evolving. Microsoft Azure offers a shared responsibility model that can address any challenge with the right approach. Revised to cover product updates up to early 2022, this book will help you explore a variety of services and features from Microsoft Azure that can help you overcome challenges in cloud security. You'll start by learning the most important security concepts in Azure, their implementation, and then advance to understanding how to keep resources secure. The book will guide you through the tools available for monitoring Azure security and enforcing security and governance the right way. You'll also explore tools to detect threats before they can do any real damage and those that use machine learning and AI to analyze your security logs and detect anomalies. By the end of this cloud security book, you'll have understood cybersecurity in the cloud and be able to design secure solutions in Microsoft Azure.

Related Content you might be interested in

Current Title:

Small book image
Mastering Azure Security - Second Edition
Mustafa Toroman | Tom Janetscheck
Apr, 2022 | 320 pages
Small book image
Microsoft Defender for Cloud Cookbook
Sasha Kranjac
Jul, 2022 | 314 pages
Small book image
Microsoft Azure Security Technologies Certification and Beyond
David Okeyode
Nov, 2021 | 526 pages
Small book image
Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900
Dwayne Natwick
May, 2022 | 404 pages
Table of Contents (15 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Download the example code files
Conventions used
Get in touch
Share Your Thoughts
1
Section 1: Identity and Governance
Section 1: Identity and Governance
Free Chapter
2
Chapter 1: An Introduction to Azure Security
Chapter 1: An Introduction to Azure Security
Exploring the shared responsibility model
Physical security
Azure network
Azure infrastructure availability
Azure infrastructure integrity
Azure infrastructure monitoring
Understanding Azure security foundations
Summary
Questions
3
Chapter 2: Governance and Security
Chapter 2: Governance and Security
Understanding governance in Azure
Using common sense to avoid mistakes
Using management locks
Using management groups for governance
Understanding Azure Policy
Defining Azure blueprints
Azure Resource Graph
Summary
Questions
4
Chapter 3: Managing Cloud Identities
Chapter 3: Managing Cloud Identities
Exploring passwords and passphrases
Understanding MFA
Introducing security defaults
Using Conditional Access
Introducing Azure AD Identity Protection
Understanding role-based access control
Protecting admin accounts with Azure AD PIM
Hybrid authentication and Single Sign-On
Understanding passwordless authentication
Licensing considerations
Summary
Questions
5
Section 2: Cloud Infrastructure Security
Section 2: Cloud Infrastructure Security
6
Chapter 4: Azure Network Security
Chapter 4: Azure Network Security
Understanding Azure Virtual Network
Private endpoints
Considering other VNet security options
Summary
Questions
7
Chapter 5: Azure Key Vault
Chapter 5: Azure Key Vault
Understanding Azure Key Vault
Understanding service-to-service authentication
Using Azure Key Vault in deployment scenarios
Summary
Questions
8
Chapter 6: Data Security
Chapter 6: Data Security
Technical requirements
Understanding Azure Storage
Understanding Azure virtual machine disks
Working on Azure SQL Database
Summary
Questions
9
Section 3: Security Management
Section 3: Security Management
10
Chapter 7: Microsoft Defender for Cloud
Chapter 7: Microsoft Defender for Cloud
Introducing Microsoft Defender for Cloud
Cloud Security Posture Management with Defender for Cloud
Custom policies and (regulatory) compliance
Cloud workload protection and multi-cloud capabilities
Automating security
Summary
Questions
11
Chapter 8: Microsoft Sentinel
Chapter 8: Microsoft Sentinel
Introduction to SIEM
Getting started with Microsoft Sentinel
Microsoft Sentinel automation
Creating workbooks
Summary
Questions
12
Chapter 9: Security Best Practices
Chapter 9: Security Best Practices
Log Analytics design considerations
Understanding Azure SQL Database security features
Security in Azure App Service
Storage account access keys
Summary
Questions
13
Assessments
Assessments
Chapter 1 – An Introduction to Azure Security
Chapter 2 – Governance and Security
Chapter 3 – Managing Cloud Identities
Chapter 4 – Azure Network Security
Chapter 5 – Azure Key Vault
Chapter 6 – Data Security
Chapter 7 – Microsoft Defender for Cloud
Chapter 8 – Microsoft Sentinel
Chapter 9 – Security Best Practices
Why subscribe?
14
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

What this book covers

Chapter 1, An Introduction to Azure Security, covers how the cloud is changing the concept of IT, and security is not an exception. Cybersecurity requires a different approach in the cloud, and we need to understand what the differences are, new threats, and how to tackle them.

Chapter 2, Governance and Security, goes into how to create policies and rules in Microsoft Azure in order to create standards, enforce these policies and rules, and maintain quality levels.

Chapter 3, Managing Cloud Identities, explains why identity is one of the most important parts of security. With the cloud, identity is even more expressed than ever before. You'll learn how to keep identities secure and safe in Microsoft Azure and how to keep track of access rights and monitor any anomalies in user behavior.

Chapter 4, Azure Network Security, covers how the network is the first line of defense in any environment. Keeping resources safe and unreachable by attackers is a very important part of security. You'll learn how to achieve this in Microsoft Azure with built-in or custom tools.

Chapter 5, Azure Key Vault, explains how to manage secrets and certificates in Azure and deploy resources to Microsoft Azure with Infrastructure as Code in a secure way.

Chapter 6, Data Security, covers how to protect data in the cloud with additional encryption using Microsoft or your own encryption key.

Chapter 7, Microsoft Defender for Cloud, covers how to use Defender for Cloud to detect threats in Microsoft Azure, on-premises and in other clouds, and how to view assessments, reports, and recommendations in order to increase cloud security.

Chapter 8, Microsoft Sentinel, covers how to use Microsoft Sentinel to monitor security for your Azure and on-premise resources, including detecting threats before they happen and using artificial intelligence to analyze and investigate threats. Using Microsoft Sentinel to automate responses to security threats and stop them immediately is also covered.

Chapter 9, Security Best Practices, introduces best practices for Azure security, including how to set up a bulletproof Azure environment, finding the hidden security features that are placed all over Azure, and other tools that may help you increase security in Microsoft Azure.

Previous Section
Next Section