MS AZURE SENTINEL
en Paperback – 17 mar 2020
Three of MicrosoftGÇÖs leading security operations experts show how to:
- Use Azure Sentinel to respond to todayGÇÖs fast-evolving cybersecurity environment, and leverage the benefits of its cloud-native architecture
- Review threat intelligence essentials: attacker motivations, potential targets, and tactics, techniques, and procedures
- Explore Azure Sentinel components, architecture, design considerations, and initial configuration
- Ingest alert log data from services and endpoints you need to monitor
- Build and validate rules to analyse ingested data and create cases for investigation
- Prevent alert fatigue by projecting how many incidents each rule will generate
- Help Security Operation Centers (SOCs) seamlessly manage each incidentGÇÖs lifecycle
- Move towards proactive threat hunting: identify sophisticated threat behaviors and disrupt cyber kill chains before youGÇÖre exploited
- Do more with data: use programmable Jupyter notebooks and their libraries for machine learning, visualisation, and data analysis
- Use Playbooks to perform Security Orchestration, Automation and Response (SOAR)
- Save resources by automating responses to low-level events
- Create visualisations to spot trends, identify or clarify relationships, and speed decisions
- Integrate with partners and other third-parties, including Fortinet, AWS, and Palo Alto
Preț: 192.01 lei
Puncte Express: 288
Preț estimativ în valută:
36.79€ • 39.85$ • 31.55£
36.79€ • 39.85$ • 31.55£
Comandă specială
Livrare economică 18 aprilie-02 mai
Doresc să fiu notificat când acest titlu va fi disponibil:
Se trimite...
Preluare comenzi: 021 569.72.76
Specificații
ISBN-13: 9780136485452
ISBN-10: 0136485456
Pagini: 208
Ilustrații: Illustrations, unspecified
Dimensiuni: 190 x 224 x 15 mm
Greutate: 0.36 kg
Editura: MICROSOFT PR
ISBN-10: 0136485456
Pagini: 208
Ilustrații: Illustrations, unspecified
Dimensiuni: 190 x 224 x 15 mm
Greutate: 0.36 kg
Editura: MICROSOFT PR
Notă biografică
Yuri Diogenes, Senior Program Manager at Microsoft Cybersecurity Engineering's Cloud and Artificial Intelligence Division, works closely with Azure Sentinel and Azure Security Center. Also a Professor at EC-Council University's MS and BS-level Cybersecurity programs, he holds an MS in Cybersecurity Intelligence & Forensics from Utica College, an MBA from FGF in Brazil, and several industry certifications. He is co-author of Microsoft Azure Security Center, Second Edition; Enterprise Mobility Suite: Managing BYOD and Company-Owned Devices, and other Microsoft Press books.
Nicholas DiCola is Principal Program Manager at Microsoft Cybersecurity Engineering's Cloud and Artificial Intelligence Division, where he assists customers in deploying advanced Microsoft Azure security systems. Before joining Microsoft in 2006, he was IT/Cyber Specialist on Active Duty in the U.S. Marine Corps. He was contributing author of Automating Active Directory Administration with PowerShell.
Jonathan Trull (CSSP, CISSP, CISA, OSCP) is Global Director for the Microsoft Cybersecurity Solutions Group. He leads Microsoft's team of security advisors and cloud security architects in providing strategic direction for Microsoft security offerings and engaging with customers and partners worldwide. His 20 years of information security experience includes stints as VP and CISO for Optiv; as CISO for Qualys; and as CISO for the State of Colorado. As faculty member in Regis University's information assurance graduate program, he develops and teaches courses on network forensics, security architecture and design, malware analysis, and legal concepts in information security.
Cuprins
- Chapter 1 - Security Challenges for SecOps
- Chapter 2 - Azure Sentinel
- Chapter 3 - Analytics
- Chapter 4 - Incident Management
- Chapter 5 - Hunting
- Chapter 6 - Notebooks
- Chapter 7 - Automation with Playbooks
- Chapter 8 - Data Visualization
- Chapter 9 - Integrating with Partners