Cloud Defense Strategies with Azure Sentinel: Hands-On Threat Hunting in Cloud Logs and Services
暫譯: 使用 Azure Sentinel 的雲端防禦策略：雲端日誌與服務中的實作威脅獵捕

Name: Cloud Defense Strategies with Azure Sentinel: Hands-On Threat Hunting in Cloud Logs and Services
Price: 2394 TWD
Availability: OnlineOnly
Author: Copeland, Marshall
ISBN: 1484271319

Copeland, Marshall

出版商: Apress
出版日期: 2021-10-02
售價: $2,520
貴賓價: 9.5 折 $2,394
語言: 英文
頁數: 300
裝訂: Quality Paper - also called trade paper
ISBN: 1484271319
ISBN-13: 9781484271315
相關分類: Microsoft Azure

海外代購書籍(需單獨結帳)

商品描述

Use various defense strategies with Azure Sentinel to enhance your cloud security. This book will help you get hands-on experience, including threat hunting inside Azure cloud logs and metrics from services such as Azure Platform, Azure Active Directory, Azure Monitor, Azure Security Center, and others such as Azure Defender's many security layers.
This book is divided into three parts. Part I helps you gain a clear understanding of Azure Sentinel and its features along with Azure Security Services, including Azure Monitor, Azure Security Center, and Azure Defender. Part II covers integration with third-party security appliances and you learn configuration support, including AWS. You will go through multi-Azure Tenant deployment best practices and its challenges. In Part III you learn how to improve cyber security threat hunting skills while increasing your ability to defend against attacks, stop data loss, prevent business disruption, and expose hidden malware. You will get an overview of the MITRE Attack Matrix and its usage, followed by Azure Sentinel operations and how to continue Azure Sentinel skill improvement.
After reading this book, you will be able to protect Azure resources from cyberattacks and support XDR (Extend, Detect, Respond), an industry threat strategy through Azure Sentinel.

What You Will Learn

Understand Azure Sentinel technical benefits and functionality
Configure to support incident response
Integrate with Azure Security standards
Be aware of challenges and costs for the Azure log analytics workspace

Who This Book Is For

Security consultants, solution architects, cloud security architects, and IT security engineers

商品描述(中文翻譯)

使用各種防禦策略搭配 Azure Sentinel 來增強您的雲端安全性。本書將幫助您獲得實作經驗，包括在 Azure 雲端日誌中進行威脅獵捕，以及來自 Azure 平台、Azure Active Directory、Azure Monitor、Azure Security Center 等服務的指標，還有 Azure Defender 的多層安全防護。

本書分為三個部分。第一部分幫助您清楚了解 Azure Sentinel 及其功能，並介紹 Azure 安全服務，包括 Azure Monitor、Azure Security Center 和 Azure Defender。第二部分涵蓋與第三方安全設備的整合，您將學習配置支援，包括 AWS。您將了解多 Azure 租戶部署的最佳實踐及其挑戰。在第三部分，您將學習如何提升網路安全威脅獵捕技能，同時增強防禦攻擊的能力，防止資料損失、避免業務中斷，並揭露隱藏的惡意軟體。您將獲得 MITRE 攻擊矩陣的概述及其使用，接著是 Azure Sentinel 的操作以及如何持續提升 Azure Sentinel 的技能。

閱讀本書後，您將能夠保護 Azure 資源免受網路攻擊，並透過 Azure Sentinel 支援 XDR（擴展、檢測、回應），這是一種行業威脅策略。

您將學到什麼

了解 Azure Sentinel 的技術優勢和功能

配置以支援事件回應

與 Azure 安全標準整合

了解 Azure 日誌分析工作區的挑戰和成本

本書適合誰

安全顧問、解決方案架構師、雲端安全架構師及 IT 安全工程師

作者簡介

Marshall Copeland is a Senior Consultant focused on Cyber Security in Azure public cloud defensive deployments using Azure cloud native and third-party cyber solutions. His work focuses on security in customers hybrid cloud deployments, Secure DevOps and security partner cloud integrations that enhance "blue team hunting" efficiencies. Marshall currently works at Microsoft Corporation supporting enterprise customers security teams using Azure security services for hybrid network security management and data protection. He previously worked in cloud security roles at Optiv Security, and Salesforce.

作者簡介(中文翻譯)

馬歇爾·科普蘭是一位專注於 Azure 公有雲防禦部署的資深顧問，專注於網路安全，使用 Azure 原生及第三方網路解決方案。他的工作重點在於客戶的混合雲部署中的安全性、Secure DevOps 以及增強「藍隊獵捕」效率的安全合作夥伴雲整合。馬歇爾目前在微軟公司工作，支持企業客戶的安全團隊，使用 Azure 安全服務進行混合網路安全管理和數據保護。他之前在 Optiv Security 和 Salesforce 擔任雲安全相關職位。