Microsoft Azure Sentinel eBook : 9780136485421

Diogenes, Y et al
Published by Pearson Higher Ed USA
Title type
NZ/Pacific customers only
This eText can only be purchased by people residing in New Zealand, Fiji, Samoa, Tonga or Cook Islands with a credit card from the same country.
Microsoft’s cloud-based Azure Sentinel helps you fully leverage advanced AI to automate threat identification and response – without the complexity and scalability challenges of traditional Security Information and Event Management (SIEM) solutions. Now, three of Microsoft’s leading experts review all it can do, and guide you step by step through planning, deployment, and daily operations. Leveraging in-the-trenches experience supporting early customers, they cover everything from configuration to data ingestion, rule development to incident management.

Three of Microsoft’s leading security operations experts show how to:
  • Use Azure Sentinel to respond to today’s fast-evolving cybersecurity environment, and leverage the benefits of its cloud-native architecture
  • Review threat intelligence essentials: attacker motivations, potential targets, and tactics, techniques, and procedures
  • Explore Azure Sentinel components, architecture, design considerations, and initial configuration
  • Ingest alert log data from services and endpoints you need to monitor
  • Build and validate rules to analyse ingested data and create cases for investigation
  • Prevent alert fatigue by projecting how many incidents each rule will generate
  • Help Security Operation Centers (SOCs) seamlessly manage each incident’s lifecycle
  • Move towards proactive threat hunting: identify sophisticated threat behaviors and disrupt cyber kill chains before you’re exploited
  • Do more with data: use programmable Jupyter notebooks and their libraries for machine learning, visualisation, and data analysis
  • Use Playbooks to perform Security Orchestration, Automation and Response (SOAR)
  • Save resources by automating responses to low-level events
  • Create visualisations to spot trends, identify or clarify relationships, and speed decisions
  • Integrate with partners and other third-parties, including Fortinet, AWS, and Palo Alto

The full text downloaded to your computer

With eBooks you can:

  • search for key concepts, words and phrases
  • make highlights and notes as you study
  • share your notes with friends

eBooks are downloaded to your computer and are accessible offline through the Bookshelf (available as a free download), online, and via the iPad and Android apps.

Upon purchase, you will receive via email the code and instructions on how to access this product. Please note: Digital products are available for immediate download and cannot be returned once purchased.

Time limit

The eBook products do not have an expiry date. You will continue to have access to your digital eBook products whilst you have your Bookshelf installed.

Table of contents
  • Chapter 1 — Security Challenges for SecOps
  • Chapter 2 — Azure Sentinel
  • Chapter 3 — Analytics
  • Chapter 4 — Incident Management
  • Chapter 5 — Hunting
  • Chapter 6 — Notebooks
  • Chapter 7 — Automation with Playbooks
  • Chapter 8 — Data Visualization
  • Chapter 9 — Integrating with Partners
Access Code info.

To get the most out of your eBook you need to download the VitalSource Bookshelf software. This software is free to download and use.

Download Information: Once purchased, you can view and/or download your eBook instantly, either via the download link which you will receive as soon as you complete your online order or by viewing the download link against the order in the My Account area of this website.

Please note: eBooks are available for download immediately and cannot be returned once purchased.