Название: Microsoft Defender for Cloud Автор: Yuri Diogenes, Tom Janetscheck Издательство: Microsoft Press/Pearson Education Год: 2023 Страниц: 510 Язык: английский Формат: epub Размер: 39.9 MB
The definitive practical guide to Microsoft Defender for Cloud covering new components and multi-cloud enhancements!
Microsoft Defender for Cloud offers comprehensive tools for hardening resources, tracking security posture, protecting against attacks, and streamlining security management – all in one natively integrated toolset. Now, leading Microsoft security experts Yuri Diogenes and Tom Janetscheck help you apply its robust protection, detection, and response capabilities throughout your operations, protecting workloads running on all your cloud, hybrid, and on-premises platforms.
This guide shows how to make the most of new components, enhancements, and deployment scenarios, as you address today's latest threat vectors. Sharing best practices, expert tips, and optimizations only available from Microsoft's Defender for Cloud team, the authors walk through improving everything from policies and governance to incident response and risk management. Whatever your role or experience, they'll help you address new security challenges far more effectively—and save hours, days, or even weeks.
As customers’ path toward the cloud and digital transformation continues, we see increased complexity in our cloud environments, moving from traditional VM workloads to cloud-native applications and leveraging an increasing selection of PaaS services. This introduces new challenges to cloud providers, security vendors, and security teams who have to familiarize themselves with dozens—or even hundreds—of PaaS services and ensure each is secured properly, given the correct context.
Securing these cloud workloads starts with reducing the attack surface by maintaining the security posture and defense-in-depth. This can be quite a challenge given the variety and the sheer number of posture misconfigurations and vulnerabilities found on an average cloud workload. This book goes into detail on how Defender for Cloud can be used to fully visualize the customer’s cloud estate. It also helps identify the attack surface across all workload types (prioritizing risks using Secure Score, guiding customers to which threat to address first, and providing the customers with at-scale tooling to build cloud-native applications that are secure from day-1). Lastly, this book helps you enforce the correct set of policies to avoid drift.
Two of Microsoft's leading cloud security experts show how to:
Assess new threat landscapes, the MITRE ATT&CK framework, and the implications of ''assume-breach'' Explore Defender for Cloud architecture, use cases, and adoption considerations including multicloud with AWS and GCP Plan for effective governance, successful onboarding, and maximum value Fully visualize complex cloud estates and systematically reduce their attack surfaces Prioritize risks with Secure Score, and leverage at-scale tools to build secure cloud-native apps Establish consistent policy enforcement to avoid drift Use advanced analytics and machine learning to identify attacks based on signals from all cloud workloads Enhance security posture by integrating with the Microsoft Sentinel SIEM/SOAR, Microsoft Purview, and Microsoft Defender for Endpoint Leverage just-in-time VM access and other enhanced security capabilities
About This Book: For architects, designers, implementers, SecOps professionals, developers, and security specialists working in Microsoft Azure environments. For all IT professionals and decision-makers concerned with securing modern hybrid/multicloud environments, cloud-native apps, and PaaS services.