Op werkdagen voor 23:00 besteld, morgen in huis Gratis verzending vanaf €20
010-4731397
Microsoft Azure Sentinel
Microsoft Azure Sentinel
Yuri Diogenes Yuri Diogenes is a Senior Content Developer on the CSI Enterprise Mobility Team, focusing on BYOD and Azure Security Center. Meer over de auteurs
, ,

Microsoft Azure Sentinel

Planning and implementing Microsoft s cloud-native SIEM solution

 Paperback Engels 2020 9780136485452
Verkooppositie 1602Hoogste positie: 1602
Verwachte levertijd ongeveer 7 werkdagen
42,99
In winkelwagen

Samenvatting

Plan, deploy, and operate Azure Sentinel, Microsoft’s advanced cloud-based SIEM

Microsoft’s cloud-based Azure Sentinel helps you fully leverage advanced AI to automate threat identification and response — without the complexity and scalability challenges of traditional Security Information and Event Management (SIEM) solutions. Now, three of Microsoft’s leading experts review all it can do, and guide you step-by-step through planning, deployment, and daily operations. Leveraging in-the-trenches experience supporting early customers, they cover everything from configuration to data ingestion, rule development to incident management… even proactive threat hunting to disrupt attacks before you’re exploited.

Three of Microsoft’s leading security operations experts show how to:
- Use Azure Sentinel to respond to today’s fast-evolving cybersecurity environment, and leverage the benefits of its cloud-native architecture
- Review threat intelligence essentials: attacker motivations, potential targets, and tactics, techniques, and procedures
- Explore Azure Sentinel components, architecture, design considerations, and initial configuration
- Ingest alert log data from services and endpoints you need to monitor
- Build and validate rules to analyze ingested data and create cases for investigation
- Prevent alert fatigue by projecting how many incidents each rule will generate
- Help Security Operation Centers (SOCs) seamlessly manage each incident’s lifecycle
- Move towards proactive threat hunting: identify sophisticated threat behaviors and disrupt cyber kill chains before you’re exploited
- Do more with data: use programmable Jupyter notebooks and their libraries for machine learning, visualization, and data analysis
- Use Playbooks to perform Security Orchestration, Automation and Response (SOAR)
- Save resources by automating responses to low-level events
- Create visualizations to spot trends, identify or clarify relationships, and speed decisions
- Integrate with partners and other third-parties, including Fortinet, AWS, and Palo Alto

Specificaties

ISBN13:9780136485452
Trefwoorden:Microsoft, Azure, Azure Sentinel
Taal:Engels
Bindwijze:paperback
Aantal pagina's:208
Uitgever:Microsoft Press
Druk:1
Verschijningsdatum:16-7-2020
Hoofdrubriek:IT-management / ICT

Lezersrecensies

Wees de eerste die een lezersrecensie schrijft!

Geef uw waardering

Zeer goed Goed Voldoende Matig Slecht

Over Yuri Diogenes

Yuri Diogenes is a Senior Content Developer on the CSI Enterprise Mobility Team, focusing on BYOD and Azure Security Center. Previously, Yuri has worked as a writer for the Windows Security Team and as a Support Escalation Engineer for the CSS Forefront Team, also at Microsoft. He has a Master of Science degree in Cybersecurity Intelligence and Forensics from UTICA College and an MBA from FGF in Brazil, and he holds several industry certifications. He is co-author of Enterprise Mobility Suite: Managing BYOD and Company-Owned Devices (Microsoft Press, 2015), Microsoft Forefront Threat Management Gateway (TMG) Administrator’s Companion (Microsoft Press, 2010), and three other Forefront titles from Microsoft Press.

Andere boeken door Yuri Diogenes

Over Nicholas DiCola

Nicolas DiCola, an IT Security Jedi, is a Principal PM Manager at Microsoft C+AI Security CxE Team. He works on Azure Security Center, Azure Sentinel, and Azure Network Security. He is also a 20 year Reservist in the US Marine Corps working on Cyber Security.

Andere boeken door Nicholas DiCola

Over Jonathan Trull

Jonathan Trull, a longtime security practitioner and CISO, is Microsoft’s Global Director of Cybersecurity Solution Strategy for the Cybersecurity Solutions Group. In addition to his work at Microsoft, he serves as an advisor to several security startups and venture capital firms and supports the broader security community through his work with the Cloud Security Alliance, Center for Internet Security, and IANS.

Andere boeken door Jonathan Trull

Inhoudsopgave

Chapter 1 – Security Challenges for SecOps
-Current Threat Landscape• Security Challenges for SecOps
-Threat Intelligence
-Cloud-native SIEM

Chapter 2 – Introduction to Azure Sentinel
-Architecture - Adoption Considerations
-Enabling Azure Sentinel
-Data Ingestion
-Accessing ingested data

Chapter 3 – Analytics
-Why Use Analytics for Security?
-Understanding Analytic Rules
-Creating Analytic Rules
-Validating Analytic Rules

Chapter 4 – Incident Management
-Introduction to Incident Management
-Security Incident in Azure Sentinel
-Investigating an Incident

Chapter 5 – Threat Hunting
-Introduction to Threat Hunting
-Hunting threats in Azure Sentinel
-Creating New Hunting Queries and Bookmarks

Chapter 6 – Jupyter Notebooks
-Introduction
-Azure Notebooks and Azure Sentinel
-Connecting to Azure Sentinel
-Notebooks for Hunting and Investigation

Chapter 7 – Automation with Playbooks
-The Importance of SOAR
-Real-time Automation
-Post-incident Automation

Chapter 8 – Data Visualization
-Azure Sentinel Workbooks
-Using Built-in Workbooks
-Creating Custom Workbooks
-Creating Visualization in PowerBI and Excel
-Creating Visualization in PowerBI

Chapter 9 – Integrating with Partners
-Connecting with Fortinet
-Connecting with Amazon Web Services (AWS)
-Connecting with Palo Alto

Appendix A – Introduction to Kusto Query Language

Aanbevolen live events...

Mensen die dit boek kochten, kochten ook...

Managementboek Top 100

Bekijk de volledige Managementboek Top 100

Rubrieken

Uw cookie-instellingen
Deze website maakt gebruik van verschillende soorten cookies. Sommige cookies worden geplaatst door diensten van derden die op onze pagina's worden weergegeven. Om deze externe content te kunnen tonen is nodig dat u toestemming geeft voor het zetten van persoonlijke en marketingcookies. U kunt uw toestemming op elk moment wijzigen of intrekken. In onze cookieverklaring vindt u meer informatie.

Populaire producten

    Personen

      Trefwoorden

        Microsoft Azure Sentinel