Skip to main content
SpringerLink
Log in
Apress
Book cover

Cloud Defense Strategies with Azure Sentinel

Hands-on Threat Hunting in Cloud Logs and Services

  • Book
  • © 2021

Overview

Authors:
  1. Marshall Copeland

    1. New Braunfels, USA

    View author publications

    You can also search for this author in PubMed   Google Scholar

  • Covers best practices to deploy Azure Sentinel in a Single Azure Tenant with multiple subscriptions
  • Discusses cyber skills with Kusto Query Language (KQL)
  • Includes standard security services such as Palo Alto Network, Cisco, Okta, and more

This is a preview of subscription content, log in via an institution to check access.

Access this book

Log in via an institution
eBook USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Other ways to access

Licence this eBook for your library

Institutional subscriptions

Table of contents (9 chapters)

  1. Front Matter

    Pages i-xvi
    Download chapter PDF

  2. Part I

    1. Front Matter

      Pages 1-1
      Download chapter PDF

    2. Azure Sentinel Overview

      • Marshall Copeland
      Pages 3-38

    3. Other Azure Security Services

      • Marshall Copeland
      Pages 39-75

    4. Getting Started with Azure Sentinel and XDR Capabilities

      • Marshall Copeland
      Pages 77-103

  3. Part II

    1. Front Matter

      Pages 105-105
      Download chapter PDF

    2. Sentinel Data Connection

      • Marshall Copeland
      Pages 107-143

    3. Threat Intelligence

      • Marshall Copeland
      Pages 145-161

    4. Multi-tenant Architecture

      • Marshall Copeland
      Pages 163-182

  4. Part III

    1. Front Matter

      Pages 183-183
      Download chapter PDF

    2. Kusto Query Language and Threat Hunting

      • Marshall Copeland
      Pages 185-211

    3. Introduction to the MITRE Matrix

      • Marshall Copeland
      Pages 213-254

    4. Azure Sentinel Operations

      • Marshall Copeland
      Pages 255-279

  5. Back Matter

    Pages 281-285
    Download chapter PDF
Back to top

Keywords

About this book

Use various defense strategies with Azure Sentinel to enhance your cloud security. This book will help you get hands-on experience, including threat hunting inside Azure cloud logs and metrics from services such as Azure Platform, Azure Active Directory, Azure Monitor, Azure Security Center, and others such as Azure Defender's many security layers.

This book is divided into three parts. Part I helps you gain a clear understanding of Azure Sentinel and its features along with Azure Security Services, including Azure Monitor, Azure Security Center, and Azure Defender. Part II covers integration with third-party security appliances and you learn configuration support, including AWS. You will go through multi-Azure Tenant deployment best practices and its challenges. In Part III you learn how to improve cyber security threat hunting skills while increasing your ability to defend against attacks, stop data loss, prevent business disruption, and expose hidden malware. You will get an overview of the MITRE Attack Matrix and its usage, followed by Azure Sentinel operations and how to continue Azure Sentinel skill improvement.

After reading this book, you will be able to protect Azure resources from cyberattacks and support XDR (Extend, Detect, Respond), an industry threat strategy through Azure Sentinel. 




What You Will Learn
  • Understand Azure Sentinel technical benefits and functionality
  • Configure to support incident response
  • Integrate with Azure Security standards
  • Be aware of challenges and costs for the Azure log analytics workspace


Who This Book Is For

Security consultants, solution architects, cloud security architects, and IT security engineers




Authors and Affiliations

  • New Braunfels, USA

    Marshall Copeland

About the author

Marshall Copeland is a Senior Consultant focused on Cyber Security in Azure public cloud defensive deployments using Azure cloud native and third-party cyber solutions. His work focuses on security in customers hybrid cloud deployments, Secure DevOps and security partner cloud integrations that enhance “blue team hunting” efficiencies. Marshall currently works at Microsoft Corporation supporting enterprise customers security teams using Azure security services for hybrid network security management and data protection. He previously worked in cloud security roles at Optiv Security, and Salesforce.

Bibliographic Information

Publish with us

Policies and ethics

Back to top

Search

Navigation