Learn Azure Sentinel

5 (1 reviews total)
By Richard Diver , Gary Bushey
  • Instant online access to over 7,500+ books and videos
  • Constantly updated with 100+ new titles each month
  • Breadth and depth in over 1,000+ technologies
  1. Section 1: Design and Implementation

About this book

Azure Sentinel is a Security Information and Event Management (SIEM) tool developed by Microsoft to integrate cloud security and artificial intelligence (AI). Azure Sentinel not only helps clients identify security issues in their environment, but also uses automation to help resolve these issues. With this book, you’ll implement Azure Sentinel and understand how it can help find security incidents in your environment with integrated artificial intelligence, threat analysis, and built-in and community-driven logic.

This book starts with an introduction to Azure Sentinel and Log Analytics. You’ll get to grips with data collection and management, before learning how to create effective Azure Sentinel queries to detect anomalous behaviors and patterns of activity. As you make progress, you’ll understand how to develop solutions that automate the responses required to handle security incidents. Finally, you’ll grasp the latest developments in security, discover techniques to enhance your cloud security architecture, and explore how you can contribute to the security community.

By the end of this book, you’ll have learned how to implement Azure Sentinel to fit your needs and be able to protect your environment from cyber threats and other security issues.

Publication date:
April 2020
Publisher
Packt
Pages
422
ISBN
9781838980924

 

Section 1: Design and Implementation

In this section, you will gain an overview of Azure Sentinel, including the current cloud landscape, the cloud security reference framework, Security Operations Center (SOC) platform components, and how to map the architecture. You will also learn about Azure Monitor Log Analytics, including how to plan your Log Analytics instance, how to create a new instance, and how to attach an instance to Azure Sentinel.

The following chapters are included in this section:

  • Chapter 1, Getting Started with Azure Sentinel
  • Chapter 2, Azure Monitor – Log Analytics

About the Authors

  • Richard Diver

    Richard Diver has over 25 years’ international experience in technology with a deep technical background in cloud security, identity management, and information security. He works at Insight as the lead for Cloud Security Architecture, working with top partners across the industry to deliver comprehensive cloud security solutions. Any spare time he gets is usually spent with his family.

    Browse publications by this author
  • Gary Bushey

    Gary Bushey is an Azure security expert with over 25 years of IT experience. He got his start early on when he helped his fifth-grade math teacher with their programming homework and worked all one summer to be able to afford his first computer, a Commodore 64. When he sold his first program, an apartment management system, at 14 he was hooked. During his career, he has worked as a developer, consultant, trainer, and architect. When not spending time in front of a computer, you can find him hiking in the woods, taking pictures, or just picking a

    Browse publications by this author

Latest Reviews

(1 reviews total)
Great Information, at a great price.

Recommended For You

Book Title
Access this book, plus 7,500 other titles for FREE
Start FREE trial