Microsoft Defender for Cloud

The definitive practical guide to Microsoft Defender for Cloud covering new components and multi-cloud enhancements!Microsoft Defender for Cloud offers comprehensive tools for hardening resources, tracking security posture, protecting against attacks, and streamlining security management all in one natively integrated toolset. Now, leading Microsoft security experts Yuri Diogenes and Tom Janetscheck help you apply its robust protection, detection, and response capabilities throughout your operations, protecting workloads running on all your cloud, hybrid, and on-premises platforms.This guide shows how to make the most of new components, enhancements, and deployment scenarios, as you address today's latest threat vectors. Sharing best practices, expert tips, and optimizations only available from Microsoft's Defender for Cloud team, the authors walk through improving everything from policies and governance to incident response and risk management. Whatever your role or experience, they'll help you address new security challenges far more effectivelyand save hours, days, or even weeks.Two of Microsoft's leading cloud security experts show how to:Assess new threat landscapes, the MITRE ATT&CK framework, and the implications of ''assume-breach''Explore Defender for Cloud architecture, use cases, and adoption considerations including multicloud with AWS and GCPPlan for effective governance, successful onboarding, and maximum valueFully visualize complex cloud estates and systematically reduce their attack surfacesPrioritize risks with Secure Score, and leverage at-scale tools to build secure cloud-native appsEstablish consistent policy enforcement to avoid driftUse advanced analytics and machine learning to identify attacks based on signals from all cloud workloadsEnhance security posture by integrating with the Microsoft Sentinel SIEM/SOAR, Microsoft Purview, and Microsoft Defender for EndpointLeverage just-in-time VM access and other enhanced security capabilities About This BookFor architects, designers, implementers, SecOps professionals, developers, and security specialists working in Microsoft Azure environmentsFor all IT professionals and decision-makers concerned with securing modern hybrid/multicloud environments, cloud-native apps, and PaaS services

YURI DIOGENES is a Senior Content Developer on the CSI Enterprise Mobility and Security Team, focusing on enterprise mobility solutions, Azure Security Center, and OMS Security. Previously, Yuri worked at Microsoft as a writer for the Windows Security team and as a Support Escalation Engineer for the CSS Forefront team. He has a Master of Science degree in Cybersecurity Intelligence and Forensics from Utica College and an MBA from FGF in Brazil, and he holds several industry certifications. He is co-author of Enterprise Mobility Suite–Managing BYOD and Company-Owned Devices (Microsoft Press, 2015), Microsoft Forefront Threat Management Gateway (TMG) Administrator’s Companion (Microsoft Press, 2010), and three other Forefront titles from Microsoft Press.DR. THOMAS SHINDER is a program manager in Azure Security Engineering and a 20-year veteran in IT security. Tom is best known for his work with ISA Server and TMG, publishing nine books on those topics. He was also the leading voice at ISAserver.org. After joining Microsoft in 2009, Tom spent time on the UAG DirectAccess team and then took a 3-year vacation from security to be a cloud infrastructure specialist and architect. He’s now back where he belongs in security, and spends a good deal of time hugging his Azure Security Center console and hiding his secrets in Azure Key Vault.DEBRA LITTLEJOHN SHINDER, MCSE, is a former police officer and police academy instructor who is self-employed as a technol-ogy consultant, trainer, and writer, specializing in network and cloud security. She has authored a number of books, including Scene of the Cybercrime: Computer Forensics Handbook (Syngress Publishing, 2002) and Computer Networking Essentials (Cisco Press, 2001). She has co-authored more than 20 additional books and worked as a tech editor, developmental editor, and contributor to more than 15 books. Deb is a lead author for WindowSecurity.com and WindowsNetworking.com, and a long-time contributor to the GFI Software blog and other technology publications, with more than 1,500 published articles in print magazines and on websites. Deb focuses on Microsoft products, and has been awarded the Microsoft MVP (Most Valuable Professional) award in the field of enterprise security for 14 years in a row. She lives and works in the Dallas-Fort Worth area and has taught law enforcement, computer networking, and security courses at Eastfield College in Mesquite, Texas. She currently sits on the advisory board of the Eastfield Criminal Justice Training Center Police Academy.

CHAPTER 1 The threat landscape CHAPTER 2 Planning Microsoft Defender for Cloud adoption CHAPTER 3 Onboarding Microsoft Defender for Cloud CHAPTER 4 Policy management CHAPTER 5 Strengthening your security posture CHAPTER 6 Threat detection CHAPTER 7 Better together CHAPTER 8 Enhanced security capabilities CHAPTER 9 Accessing Defender for Cloud from APIs CHAPTER 10 Deploying Microsoft Defender for Cloud at scale APPENDIX Microsoft Defender for DevOps