Mastering Azure Security - Second Edition

By : Mustafa Toroman, Tom Janetscheck

Mastering Azure Security - Second Edition

By: Mustafa Toroman, Tom Janetscheck

Overview of this book

Security is integrated into every cloud, but this makes users put their guard down as they take cloud security for granted. Although the cloud provides higher security, keeping their resources secure is one of the biggest challenges many organizations face as threats are constantly evolving. Microsoft Azure offers a shared responsibility model that can address any challenge with the right approach. Revised to cover product updates up to early 2022, this book will help you explore a variety of services and features from Microsoft Azure that can help you overcome challenges in cloud security. You'll start by learning the most important security concepts in Azure, their implementation, and then advance to understanding how to keep resources secure. The book will guide you through the tools available for monitoring Azure security and enforcing security and governance the right way. You'll also explore tools to detect threats before they can do any real damage and those that use machine learning and AI to analyze your security logs and detect anomalies. By the end of this cloud security book, you'll have understood cybersecurity in the cloud and be able to design secure solutions in Microsoft Azure.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Download the example code files

Conventions used

Get in touch

Share Your Thoughts

Section 1: Identity and Governance

Free Chapter

Chapter 1: An Introduction to Azure Security

Exploring the shared responsibility model

Physical security

Azure network

Azure infrastructure availability

Azure infrastructure integrity

Azure infrastructure monitoring

Understanding Azure security foundations

Summary

Questions

Chapter 2: Governance and Security

Understanding governance in Azure

Using common sense to avoid mistakes

Using management locks

Using management groups for governance

Understanding Azure Policy

Defining Azure blueprints

Azure Resource Graph

Summary

Questions

Chapter 3: Managing Cloud Identities

Exploring passwords and passphrases

Understanding MFA

Introducing security defaults

Using Conditional Access

Introducing Azure AD Identity Protection

Understanding role-based access control

Protecting admin accounts with Azure AD PIM

Hybrid authentication and Single Sign-On

Understanding passwordless authentication

Licensing considerations

Summary

Questions

Section 2: Cloud Infrastructure Security

Chapter 4: Azure Network Security

Understanding Azure Virtual Network

Private endpoints

Considering other VNet security options

Summary

Questions

Chapter 5: Azure Key Vault

Understanding Azure Key Vault

Understanding service-to-service authentication

Using Azure Key Vault in deployment scenarios

Summary

Questions

Chapter 6: Data Security

Technical requirements

Understanding Azure Storage

Understanding Azure virtual machine disks

Working on Azure SQL Database

Summary

Questions

Section 3: Security Management

Chapter 7: Microsoft Defender for Cloud

Introducing Microsoft Defender for Cloud

Cloud Security Posture Management with Defender for Cloud

Custom policies and (regulatory) compliance

Cloud workload protection and multi-cloud capabilities

Automating security

Summary

Questions

Chapter 8: Microsoft Sentinel

Introduction to SIEM

Getting started with Microsoft Sentinel

Microsoft Sentinel automation

Creating workbooks

Summary

Questions

Chapter 9: Security Best Practices

Log Analytics design considerations

Understanding Azure SQL Database security features

Security in Azure App Service

Storage account access keys

Summary

Questions

Assessments

Chapter 1 – An Introduction to Azure Security

Chapter 2 – Governance and Security

Chapter 3 – Managing Cloud Identities

Chapter 4 – Azure Network Security

Chapter 5 – Azure Key Vault

Chapter 6 – Data Security

Chapter 7 – Microsoft Defender for Cloud

Chapter 8 – Microsoft Sentinel

Chapter 9 – Security Best Practices

Why subscribe?

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Conventions used

There are a number of text conventions used throughout this book.

Code in text: Indicates code words in the text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Behind the parameters section, there is a resource section in which the key vault reference is defined."

A block of code is set as follows:

# Grant your user account access rights to Azure Key Vault secrets
Set-AzKeyVaultAccessPolicy '
-VaultName $kvName '
-ResourceGroupName $rgName '
-UserPrincipalName (Get-AzContext).account.id '
-PermissionsToSecrets get, set

Bold: Indicates a new term, an important word, or words that you see on screen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Click on Review + create and after the final validation is passed, click Create."

Tips or Important Notes

Appear like this.

Mastering Azure Security - Second Edition

By : Mustafa Toroman, Tom Janetscheck

Mastering Azure Security - Second Edition

By: Mustafa Toroman, Tom Janetscheck

Overview of this book

Related Content you might be interested in

Current Title:

Mastering Azure Security - Second Edition

Microsoft Defender for Cloud Cookbook

Microsoft Azure Security Technologies Certification and Beyond

Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900

Conventions used