Book description
Effectively secure their cloud and hybrid infrastructure, how to centrally manage security, and improve organizational security posture
Key Features
- Implement and optimize security posture in Azure, hybrid, and multi-cloud environments
- Understand Microsoft Defender for Cloud and its features
- Protect workloads using Microsoft Defender for Cloud's threat detection and prevention capabilities
Book Description
Microsoft Defender for Cloud is a multi-cloud and hybrid cloud security posture management solution that enables security administrators to build cyber defense for their Azure and non-Azure resources by providing both recommendations and security protection capabilities.
This book will start with a foundational overview of Microsoft Defender for Cloud and its core capabilities. Then, the reader is taken on a journey from enabling the service, selecting the correct tier, and configuring the data collection, to working on remediation. Next, we will continue with hands-on guidance on how to implement several security features of Microsoft Defender for Cloud, finishing with monitoring and maintenance-related topics, gaining visibility in advanced threat protection in distributed infrastructure and preventing security failures through automation.
By the end of this book, you will know how to get a view of your security posture and where to optimize security protection in your environment as well as the ins and outs of Microsoft Defender for Cloud.
What you will learn
- Understand Microsoft Defender for Cloud features and capabilities
- Understand the fundamentals of building a cloud security posture and defending your cloud and on-premises resources
- Implement and optimize security in Azure, multi-cloud and hybrid environments through the single pane of glass - Microsoft Defender for Cloud
- Harden your security posture, identify, track and remediate vulnerabilities
- Improve and harden your security and services security posture with Microsoft Defender for Cloud benchmarks and best practices
- Detect and fix threats to services and resources
Who this book is for
This book is for Security engineers, systems administrators, security professionals, IT professionals, system architects, and developers. Anyone whose responsibilities include maintaining security posture, identifying, and remediating vulnerabilities, and securing cloud and hybrid infrastructure. Anyone who is willing to learn about security in Azure and to build secure Azure and hybrid infrastructure, to improve their security posture in Azure, hybrid and multi-cloud environments by leveraging all the features within Microsoft Defender for Cloud.
Table of contents
- Microsoft Defender for Cloud Cookbook
- Contributors
- About the author
- About the reviewers
- Preface
-
Chapter 1: Getting Started with Microsoft Defender for Cloud
- Technical requirements
- Enabling Microsoft Defender for Cloud Plans on Azure Subscriptions and Log Analytics Workspaces
- Enabling an Microsoft Defender for Cloud Plans on an Azure Subscription
- Enabling an Microsoft Defender for Cloud Plans on a Log Analytics Workspace
- Enabling an Microsoft Defender for Cloud Plans on multiple Azure Subscriptions and Log Analytics Workspaces
- Configuring data collection in a Log Analytics Workspace
- Configuring provisioning extensions automatically
- Enabling a Log Analytics agent for Azure VMs manually in the Log Analytics Workspace settings
- Enabling a Log Analytics agent for Azure VMs manually in the Virtual Machine settings
- Configuring a Log Analytics agent for Azure VMs extension deployment
- Configuring email notifications
- Assigning Microsoft Defender for Cloud permissions
- Onboarding Microsoft Defender for Cloud using PowerShell
- Enabling Microsoft Defender for Cloud integration with other Microsoft security services
-
Chapter 2: Multi-Cloud Connectivity
- Technical requirements
- Connecting non-Azure virtual machines using Azure Arc
- Connecting non-Azure virtual machines using Microsoft Defender for Cloud portal pages
- Setting up Amazon Web Services Config and Amazon Web Services Security Hub
- Creating an Identity and Access Management AWS role for Microsoft Defender for Cloud
- Connecting Amazon Web Services to Microsoft Defender for Cloud
- Configuring GCP Security Command Center and enabling GCP Security Command Center API
- Creating a GCP service account and connecting GCP to Microsoft Defender for Cloud
-
Chapter 3: Workflow Automation and Continuous Export
- Technical requirements
- Creating logic apps for use in Microsoft Defender for Cloud
- Automating threat detection alert responses
- Automating Microsoft Defender for Cloud recommendation responses
- Automating regulatory compliance standards responses
- Configuring continuous export to Event Hub
- Configuring continuous export to a Log Analytics workspace
-
Chapter 4: Secure Score and Recommendations
- Technical requirements
- Understanding, filtering, and sorting recommendations
- Downloading a recommendation report
- Creating a recommendation exemption rule
- Creating a recommendation enforcement rule
- Preventing creating resources using a Deny rule
- Disabling a recommendation
- Fixing recommendations on affected resources
- Managing a recommendation query in Azure Resource Graph Explorer
- Getting a secure score using Azure Resource Graph
- Chapter 5: Security Alerts
- Chapter 6: Regulatory Compliance and Security Policy
-
Chapter 7: Microsoft Defender for Cloud Workload Protection
- Technical requirements
- Enabling a vulnerability assessment solution
- Enabling and configuring JIT access on a virtual machine
- Requesting access to a JIT-enabled virtual machine
- Configuring the adaptive application control group
- Managing adaptive network hardening
- Remediating vulnerabilities in Azure Container Registry images
- Managing a SQL vulnerability assessment
- Managing file integrity monitoring
- Chapter 8: Firewall Manager
- Chapter 9: Information Protection
- Chapter 10: Workbooks
- Other Books You May Enjoy
Product information
- Title: Microsoft Defender for Cloud Cookbook
- Author(s):
- Release date: July 2022
- Publisher(s): Packt Publishing
- ISBN: 9781801076135
You might also like
book
Microsoft Defender for Cloud
The definitive practical guide to Microsoft Defender for Cloud Fully covers new components and multi-cloud enhancements! …
book
Microsoft Defender for Endpoint in Depth
Gain an in-depth understanding of Microsoft Defender 365, explore its features, and learn successful implementation strategies …
book
Microsoft Azure Security Center, 3rd Edition
The definitive practical guide to Azure Security Center, 50%+ rewritten for new features, capabilities, and threats …
book
Microsoft Security Operations Analyst Exam Ref SC-200 Certification Guide
Remediate active attacks to reduce risk to the organization by investigating, hunting, and responding to threats …