Microsoft Azure Sentinel : 9780136485452

Microsoft Azure Sentinel

Published by
Pearson Higher Ed USA

Using Microsoft’s cloud-based Azure Sentinel, security organizations can leverage the full power of advanced artificial intelligence to automate threat identification and response – without the management complexity and scalability challenges of conventional SIEM solutions. In Microsoft Azure Sentinel, three of Microsoft’s leading Azure Sentinel experts review the problems Azure Sentinel can solve, and guide you step-by-step through planning, deployment, and day-to-day usage. Leveraging unsurpassed expertise helping early customers succeed with Azure Sentinel, they offer the most thorough, practical, and authoritative coverage available. Topics include:

  • Understanding Azure Sentinel’s cloud-native SIEM approach, its advantages, and adoption considerations
  • Configuring workspaces and ingesting data
  • Understanding, creating, and validating Azure Sentinel analytics
  • Managing and investigating cases
  • Hunting threats and creating new queries
  • Working with Jupyter and Community Notebooks
  • Magnifying your capabilities through Playbooks and automation
  • Visualizing data and taking full advantage of Azure Sentinel dashboards
  • Integrating with partners and other third parties, including Fortinet, AWS, and Palo Alto

Table of contents

Chapter 1 — Security Challenges for SecOps
  • Current Threat Landscape
  • Security Challenges for SecOps
  • Threat Intelligence
  • Cloud-native SIEM

Chapter 2 — Azure Sentinel
  • Architecture
  • Adoption Considerations
  • Configuring Workspace
  • Data Ingestion
  • Ingesting data from Microsoft solutions

Chapter 3 — Analytics
  • Understanding Analytics
  • Creating Analytics
  • Validating Analytics

Chapter 4 — Incident Management
  • Understanding Incidents
  • Incident management
  • Investigation

Chapter 5 — Hunting
  • Introduction to Threat Hunting
  • Hunting threats in Azure Sentinel
  • Creating New Queries

Chapter 6 — Notebooks
  • Understanding Jupyter Notebooks
  • Leveraging Community Notebooks
  • Analyzing data with Notebooks

Chapter 7 — Automation with Playbooks
  • Azure Sentinel SOAR capabilities
  • Understanding Playbooks
  • Creating Playbooks
  • Linking playbooks to analytics

Chapter 8 — Data Visualization
  • Azure Sentinel Dashboards
  • Installing Dashboards
  • Using Dashboards

Chapter 9 — Integrating with Partners
  • Connecting with Fortinet
  • Connecting with AWS
  • Connecting with Palo Alto