Cyber security on Azure : an it professional's guide to Microsoft Azure security /

Prevent destructive attacks to your Azure public cloud infrastructure, remove vulnerabilities, and instantly report cloud security readiness. This book provides comprehensive guidance from a security insider's perspective. Cyber Security on Azure supports cloud security operations and cloud sec...

Full description

Saved in:
Bibliographic Details
Main Authors: Copeland, Marshall., Jacobs, Matthew (Author)
Format: eBook
Language:English
Published: [Place of publication not identified] : Apress, 2021.
Edition:2nd ed.
Subjects:
Online Access:CONNECT
CONNECT
Table of Contents:
  • Intro
  • Table of Contents
  • About the Authors
  • About the Technical Reviewer
  • Acknowledgments
  • Introduction
  • Part I: Zero Trust Cloud Security
  • Chapter 1: Reduce Cyber Security Vulnerabilities: Identity Layer
  • Azure Cloud Relations: Tenant, Subscription, Resources
  • Azure Tenant Security
  • Azure Subscription Security
  • Azure API Security
  • Azure Resource Locks
  • Managing Azure Active Directory: Users and Groups
  • Azure Users
  • Azure Groups
  • Azure Active Directory: OAuth, SAML, AD Connect
  • OAuth
  • SAML
  • AD Connect
  • Federation with ADFS
  • Non-federation
  • Security Measures
  • Azure Application Permission Scopes
  • Configure Multi-Factor Authentication
  • Enabling Security Defaults
  • Self-Service Password Reset
  • Conditional Access Policies
  • Azure AD Privileged Identity Management
  • Summary
  • Chapter 2: Azure Network Security Configuration
  • Virtual Network Overview
  • VNets
  • Network Security Group
  • VNet Security Best Practices
  • Network Peering
  • Application Security Groups
  • TCP/IP Port Vulnerability
  • Azure Front Door Service
  • Remote Access Management
  • Azure Bastion Host
  • Summary
  • Chapter 3: Reduce Cyber Security Vulnerabilities: IaaS and Data
  • Azure Security with IaC
  • ARM Development
  • Harden Azure VMs
  • Patching the VM Directly
  • VM Security and Endpoint Protection
  • Database Security
  • DB Best Practices
  • DB Authentication
  • Database Auditing
  • Storage Accounts
  • Shared Access Signatures
  • Key Management
  • Summary
  • Part II: Azure Cloud Security Operations
  • Chapter 4: Configure Azure Monitoring for Blue Team Hunting
  • Azure Data Platform
  • Azure Logs
  • Azure Metrics
  • Azure Monitor and Log Analytics Enablement
  • Log Analytics Workspace Security Strategy
  • Guest OS Metrics and Logs
  • Connecting Data Sources to Log Analytics Workspace
  • Summary
  • Chapter 5: Azure Security Center and Azure Sentinel
  • Cloud Security Challenges
  • Enable Security
  • Configuration Value
  • Standard Tier Advantages
  • Just-in-Time Access
  • Advanced Threat Detection
  • Anomaly Detection
  • Crash Analysis
  • Threat Intelligence
  • Behavioral Analysis
  • Configure Alerting
  • Using Security Center
  • Compute and Apps
  • Network
  • Data and Storage
  • Azure Sentinel
  • Connect to Data Streams
  • Using Azure Sentinel
  • Logs Pane
  • Analytics Pane
  • Hunting
  • Summary
  • Chapter 6: Azure Kubernetes Services: Container Security
  • Microservices
  • Containers, Docker, and Kubernetes
  • Azure Kubernetes Services and Security
  • Authentication
  • Container Security
  • AKS Security with Security Center and Sentinel
  • Kubernetes Security with Azure Policy
  • Summary
  • Chapter 7: Security Governance Operations
  • Azure Governance Architecture
  • Management Groups
  • Azure Policy
  • Compliance Reporting
  • Assignments
  • Blueprints
  • Role-Based Access Control
  • Azure Cost Management
  • Data Governance