Chapter 7

Reducing the attack surface

Now that you know how to address recommendations to enhance the security posture of your cloud workloads and you understand the importance of threat detection based on the different Azure Defender options, you need to ensure that you also apply security controls to reduce the attack surface. In this chapter, you will learn how to use just-in-time virtual machine (VM) access to harden the access to Azure VMs and to ensure that your VMs are not always exposed to the Internet. You will learn how to track changes to your files and registry hives using file integrity monitoring, and you will also learn how Azure Defender uses machine learning to create a list of applications that are approved to be executed on ...

Get Microsoft Azure Security Center, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.