| Description |
1 online resource |
| Contents |
Intro -- Table of Contents -- About the Authors -- About the Technical Reviewer -- Acknowledgments -- Introduction -- Part I: Zero Trust Cloud Security -- Chapter 1: Reduce Cyber Security Vulnerabilities: Identity Layer -- Azure Cloud Relations: Tenant, Subscription, Resources -- Azure Tenant Security -- Azure Subscription Security -- Azure API Security -- Azure Resource Locks -- Managing Azure Active Directory: Users and Groups -- Azure Users -- Azure Groups -- Azure Active Directory: OAuth, SAML, AD Connect -- OAuth -- SAML -- AD Connect -- Federation with ADFS -- Non-federation |
|
Security Measures -- Azure Application Permission Scopes -- Configure Multi-Factor Authentication -- Enabling Security Defaults -- Self-Service Password Reset -- Conditional Access Policies -- Azure AD Privileged Identity Management -- Summary -- Chapter 2: Azure Network Security Configuration -- Virtual Network Overview -- VNets -- Network Security Group -- VNet Security Best Practices -- Network Peering -- Application Security Groups -- TCP/IP Port Vulnerability -- Azure Front Door Service -- Remote Access Management -- Azure Bastion Host -- Summary |
|
Chapter 3: Reduce Cyber Security Vulnerabilities: IaaS and Data -- Azure Security with IaC -- ARM Development -- Harden Azure VMs -- Patching the VM Directly -- VM Security and Endpoint Protection -- Database Security -- DB Best Practices -- DB Authentication -- Database Auditing -- Storage Accounts -- Shared Access Signatures -- Key Management -- Summary -- Part II: Azure Cloud Security Operations -- Chapter 4: Configure Azure Monitoring for Blue Team Hunting -- Azure Data Platform -- Azure Logs -- Azure Metrics -- Azure Monitor and Log Analytics Enablement |
|
Log Analytics Workspace Security Strategy -- Guest OS Metrics and Logs -- Connecting Data Sources to Log Analytics Workspace -- Summary -- Chapter 5: Azure Security Center and Azure Sentinel -- Cloud Security Challenges -- Enable Security -- Configuration Value -- Standard Tier Advantages -- Just-in-Time Access -- Advanced Threat Detection -- Anomaly Detection -- Crash Analysis -- Threat Intelligence -- Behavioral Analysis -- Configure Alerting -- Using Security Center -- Compute and Apps -- Network -- Data and Storage -- Azure Sentinel -- Connect to Data Streams -- Using Azure Sentinel |
|
Logs Pane -- Analytics Pane -- Hunting -- Summary -- Chapter 6: Azure Kubernetes Services: Container Security -- Microservices -- Containers, Docker, and Kubernetes -- Azure Kubernetes Services and Security -- Authentication -- Container Security -- AKS Security with Security Center and Sentinel -- Kubernetes Security with Azure Policy -- Summary -- Chapter 7: Security Governance Operations -- Azure Governance Architecture -- Management Groups -- Azure Policy -- Compliance Reporting -- Assignments -- Blueprints -- Role-Based Access Control -- Azure Cost Management -- Data Governance |
| Summary |
Prevent destructive attacks to your Azure public cloud infrastructure, remove vulnerabilities, and instantly report cloud security readiness. This book provides comprehensive guidance from a security insider's perspective. Cyber Security on Azure supports cloud security operations and cloud security architects by supplying a path to clearly identify potential vulnerabilities to business assets and reduce security risk in Microsoft Azure subscription. This updated edition explores how to "lean-in" and recognize challenges with IaaS and PaaS for identity, networks, applications, virtual machines, databases, and data encryption to use the variety of Azure security tools. You will dive into Azure Cloud Security to guide cloud operations teams to become more security focused in many areas and laser focused on security configuration. New chapters cover Azure Kubernetes Service and Container security and you will get up and running quickly with an overview of Azure Sentinel SIEM Solution. You will: Understand enterprise privileged identity and security policies "Shift left" with security controls in Microsoft Azure Configure intrusion detection and alerts Reduce security risks using Azure Security Service |
| Notes |
Includes index |
|
Online resource; title from PDF title page (SpringerLink, viewed February 26, 2021) |
| In |
Springer Nature eBook |
| Subject |
Microsoft Azure (Computing platform)
|
|
Computer security.
|
|
Cloud computing -- Security measures
|
|
Computer Security
|
|
Microsoft Azure (Computing platform)
|
|
Computer security
|
|
Microsoft software
|
| Form |
Electronic book
|
| Author |
Jacobs, Matthew, author
|
| ISBN |
9781484265314 |
|
1484265319 |
|
9781484265321 |
|
1484265327 |
|
