Chapter 7

Reducing the attack surface

Now that you know how to address recommendations to enhance the security posture of your cloud workloads and you understand the importance of threat detection based on the different Azure Defender options, you need to ensure that you also apply security controls to reduce the attack surface. In this chapter, you will learn how to use just-in-time virtual machine (VM) access to harden the access to Azure VMs and to ensure that your VMs are not always exposed to the Internet. You will learn how to track changes to your files and registry hives using file integrity monitoring, and you will also learn how Azure Defender uses machine learning to create a list of applications that are approved to be executed on ...

Get Microsoft Azure Security Center, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.