Chapter 5

Azure Defender

Up to now, you’ve learned how to reduce the attack surface by addressing security recommendations using Azure Security Center, which is part of the overall enhancement of your security posture. However, protection is just one of the pillars of your security posture. You also need to enhance your detection and response, and for that you need to use Azure Defender.

On the detection front, Azure Defender constantly monitors your assets. When it identifies suspicious activities, it raises an alert and it does that while reducing the false positives, which is very important for your security operations.

In this chapter, you will learn how to use Azure Defender to detect threats against your environment, and how to investigate ...

Get Microsoft Azure Security Center, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.