Mastering Azure Security
eBook - ePub

  1. 320 pages
  2. English
About this book

Get to grips with artificial intelligence and cybersecurity techniques to respond to adversaries and incidents

Key Features

  • Learn how to secure your Azure cloud workloads across applications and networks
  • Protect your Azure infrastructure from cyber attacks
  • Discover tips and techniques for implementing, deploying, and maintaining secure cloud services using best practices

Book Description

Security is integrated into every cloud, but this makes users put their guard down as they take cloud security for granted. Although the cloud provides higher security, keeping their resources secure is one of the biggest challenges many organizations face as threats are constantly evolving. Microsoft Azure offers a shared responsibility model that can address any challenge with the right approach.
Revised to cover product updates up to early 2022, this book will help you explore a variety of services and features from Microsoft Azure that can help you overcome challenges in cloud security. You'll start by learning the most important security concepts in Azure, their implementation, and then advance to understanding how to keep resources secure. The book will guide you through the tools available for monitoring Azure security and enforcing security and governance the right way. You'll also explore tools to detect threats before they can do any real damage and those that use machine learning and AI to analyze your security logs and detect anomalies.
By the end of this cloud security book, you'll have understood cybersecurity in the cloud and be able to design secure solutions in Microsoft Azure.

What you will learn

  • Become well-versed with cloud security concepts
  • Get the hang of managing cloud identities
  • Understand the zero-trust approach
  • Adopt the Azure security cloud infrastructure
  • Protect and encrypt your data
  • Grasp Azure network security concepts
  • Discover how to keep cloud resources secure
  • Implement cloud governance with security policies and rules

Who this book is for

This book is for Azure cloud professionals, Azure architects, and security professionals looking to implement secure cloud services using Azure Security Centre and other Azure security features. A solid understanding of fundamental security concepts and prior exposure to the Azure cloud will help you understand the key concepts covered in the book more effectively.


Chapter 7: Microsoft Defender for Cloud

In Chapter 2, Governance and Security, you learned that monitoring is essential for an organization to know what happens in its cloud environments. Microsoft Defender for Cloud takes this aspect to the next level: it is meant to give organizations a unified view of their hybrid and multi-cloud security configuration and to inform them about threats that are currently occurring in their environments.
In this chapter, you will learn about the following topics:
  • Introducing Microsoft Defender for Cloud
  • Cloud Security Posture Management with Defender for Cloud
  • Custom policies and (regulatory) compliance
  • Cloud workload protection and multi-cloud capabilities
  • Automating security
Let's get started!

Introducing Microsoft Defender for Cloud

With cloud computing being the main paradigm in the modern IT world, many benefits are associated with this new way of working. IT is no longer an end in itself and employees are way more productive than they were back in the day. But there are also new challenges when it comes to protecting modern IT environments.
In Chapter 3, Managing Cloud Identities, we covered advanced identity protection and explained that it is no longer enough to protect network boundaries; however, other key security challenges come with cloud computing. How can you make sure you protect your ever-changing cloud services and applications? The ability to change is one of the value propositions of cloud computing and, in fact, probably its main benefit: you can easily change and adapt in cloud environments. Be it continuous integration/continuous delivery (CI/CD), virtual machine (VM) upscaling, or service decommissioning, cloud environments are dynamic. At the same time, one of the main challenges is to keep track of these changes and to make sure that a company's services always adhere to its security baseline.
The threat landscape is evolving, and attacks are becoming increasingly sophisticated. Bad actors are using attack automation and evasion techniques, and at the same time, they are leveraging tools that help them to conduct attacks across the cyber kill chain. As a result, they no longer need to be highly trained technology experts, which leads to an increasing number of sophisticated attacks, some of which are spearphishing and credential theft attacks. Attackers are also using hijacked computers, tied to bot networks, to conduct widespread password spray attacks, which can be hard to recognize.
We need human expertise, creativity, and adaptability to combat human threat actors. The downside is that security skills are in short supply. Currently (in 2021), there are 3.5 million open positions in the cybersecurity sector worldwide, with a prediction that this number will stay the same for the next 5 years. This includes not only cyber threat hunters but also security engineers and administrators with a focus on managing internal IT systems.
Tip
To learn more about the number of open positions in the cybersecurity sector, visit https://cybersecurityventures.com/jobs/.
Microsoft Defender for Cloud is a service that helps organizations fill the gap by helping them focus on two main pillars of protecting cloud environments:
  1. As a Cloud Security Posture Management (CSPM) solution, Microsoft Defender for Cloud constantly provides information about the current configuration status of all cloud resources in an organization to avoid misconfiguration with regard to security. Defender for Cloud's CSPM capabilities include secure score, recommendations, auto-remediation, and more.
  2. As a Cloud Workload Protection Platform (CWPP), Microsoft Defender for Cloud provides protection against cyber threats aimed at a company's infrastructure, no matter whether it is running in Microsoft Azure, on-premises, or in another cloud platform.
Microsoft Defender for Cloud's main dashboard provides a unified view of the most important aspects of security coverage, as shown in Figure 7.1:
Figure 7.1 – Microsoft Defender for Cloud overview dashboard
At the top of the screen, Defender for Cloud provides a high-level overview of the Azure subscriptions, AWS accounts, and GCP projects that are connected. It also shows the number of assessed resources, active recommendations, and active security alerts that have been raised during the last 30 days:
Figure 7.2 – High-level resource overview
The tiles in the section underneath provide a more detailed representation of several aspects, including overviews of the secure score and regulatory compliance, but also an alert graph, an inventory view, and information about the integration with Azure Firewall Manager and Azure Purview.
Figure 7.3 – Main tiles in Microsoft Defender for Cloud
Here's a brief description of each of these tiles:
  • The Secure score tile is an overall representation of all subscriptions in your organization, providing an indication of how well (or badly) your resources are protected. Secure score is calculated based on the Azure Security Benchmark, which we will cover later in this chapter.
  • The Regulatory compliance tile presents a view of regulatory standards, such as ISO 27001, NIST SP 800-53 R5, or Azure Security Benchmark, for all resources and subscriptions in an organization.
  • The Workload protections tile shows an alerts graph, sorted by severity.
  • Firewall Manager is an integrated tile that links to Azure Firewall Manager, a service that is covered in Chapter 4, Azure Network Security.
  • Inventory is a resource-focused representation of open recommendations, based on Azure Resource Graph.
  • Last but not least, the Information protection tile is an integration with Azure Purview, Microsoft's data classification service. The tile shows the number of recommendations and alerts for classified resources. It's a predefined inventory view (based on Azure Resource Graph) that shows all resources with open recommendations and an information protection label, according to Purview.
The right side of the main dashboard provides different views of mi...


Yes, you can access Mastering Azure Security by Mustafa Toroman, Tom Janetscheck in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Networking. We have over one million books available in our catalogue for you to explore.