Preface
Security is integrated into every cloud, but most users take cloud security for granted. Revised to cover product updates up to early 2022, this book will help you understand Microsoft Azure's shared responsibility model that can address any challenge, cybersecurity in the cloud, and how to design secure solutions in Microsoft Azure.
Who this book is for
This book is for Azure cloud professionals, Azure architects, and security professionals looking to implement safe and secure cloud services using Azure Security Center and other Azure security features. A fundamental understanding of security concepts and prior exposure to the Azure Cloud will assist with understanding the key concepts covered in the book.
What this book covers
Chapter 1, An Introduction to Azure Security, covers how the cloud is changing the concept of IT, and security is not an exception. Cybersecurity requires a different approach in the cloud, and we need to understand what the differences are, new threats, and how to tackle them.
Chapter 2, Governance and Security, goes into how to create policies and rules in Microsoft Azure in order to create standards, enforce these policies and rules, and maintain quality levels.
Chapter 3, Managing Cloud Identities, explains why identity is one of the most important parts of security. With the cloud, identity is even more expressed than ever before. You'll learn how to keep identities secure and safe in Microsoft Azure and how to keep track of access rights and monitor any anomalies in user behavior.
Chapter 4, Azure Network Security, covers how the network is the first line of defense in any environment. Keeping resources safe and unreachable by attackers is a very important part of security. You'll learn how to achieve this in Microsoft Azure with built-in or custom tools.
Chapter 5, Azure Key Vault, explains how to manage secrets and certificates in Azure and deploy resources to Microsoft Azure with Infrastructure as Code in a secure way.
Chapter 6, Data Security, covers how to protect data in the cloud with additional encryption using Microsoft or your own encryption key.
Chapter 7, Microsoft Defender for Cloud, covers how to use Defender for Cloud to detect threats in Microsoft Azure, on-premises and in other clouds, and how to view assessments, reports, and recommendations in order to increase cloud security.
Chapter 8, Microsoft Sentinel, covers how to use Microsoft Sentinel to monitor security for your Azure and on-premise resources, including detecting threats before they happen and using artificial intelligence to analyze and investigate threats. Using Microsoft Sentinel to automate responses to security threats and stop them immediately is also covered.
Chapter 9, Security Best Practices, introduces best practices for Azure security, including how to set up a bulletproof Azure environment, finding the hidden security features that are placed all over Azure, and other tools that may help you increase security in Microsoft Azure.
To get the most out of this book
You will require the following software, which is open source and free to use, except for Microsoft Azure, which is subscription-based and billed based on usage per minute. However, even for Microsoft Azure, a trial subscription can be used.
If you are using the digital version of this book, we advise you to type the code yourself or access the code via the GitHub repository (link available in the next section). Doing so will help you avoid any potential errors related to the copy/pasting of code.
Download the color images
We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://static.packt-cdn.com/downloads/9781803238555_ColorImages.pdf.
Download the example code files
You can download the example code files for this book from GitHub at https://github.com/PacktPublishing/Mastering-Azure-Security-Second-Edition. In case there's an update to the code, it will be updated on the existing GitHub repository.
We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
Conventions used
There are a number of text conventions used throughout this book.
Code in text: Indicates code words in the text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Behind the parameters section, there is a resource section in which the key vault reference is defined."
A block of code is set as follows:
# Grant your user account access rights to Azure Key Vault secrets
Set-AzKeyVaultAccessPolicy '
-VaultName $kvName '
-ResourceGroupName $rgName '
-UserPrincipalName (Get-AzContext).account.id '
-PermissionsToSecrets get, set
Bold: Indicates a new term, an important word, or words that you see on screen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Click on Review + create and after the final validation is passed, click Create."
Tips or Important Notes
Appear like this.
Get in touch
Feedback from our readers is always welcome.
General feedback: If you have questions about any aspect of this book, mention the book title in the subject of your message and email us at [email protected].
Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/support/errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.
Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.
If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.
Share Your Thoughts
Once you've read Mastering Azure Security, we'd love to hear your thoughts! Please click here to go straight to the Amazon review page for this book and share your feedback.
Your review is important to us and the tech community and will help us make sure we're delivering excellent quality content.