Verfügbarkeit: Learn Azure Sentinel :

Learn Azure Sentinel :: integrate Azure security with artificial intelligence to build secure cloud systems /

Azure Sentinel is an intelligent security service from Azure where Microsoft's main focus on developing sentinel is to integrate and bring together cloud security and artificial intelligence into effect. Here readers will gain enough understanding to make the most of Azure services to secure th...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Hauptverfasser:	Diver, Richard (VerfasserIn), Bushey, Gary (VerfasserIn)
Format:	Elektronisch E-Book
Sprache:	English
Veröffentlicht:	Birmingham, UK : Packt Publishing, 2020.
Schlagworte:	Microsoft Azure (Computing platform) Cloud computing > Security measures. Artificial intelligence. Artificial Intelligence Infonuagique > Sécurité > Mesures. Intelligence artificielle. Microsoft Azure (Plateforme informatique) artificial intelligence. Artificial intelligence
Online-Zugang:	Volltext
Zusammenfassung:	Azure Sentinel is an intelligent security service from Azure where Microsoft's main focus on developing sentinel is to integrate and bring together cloud security and artificial intelligence into effect. Here readers will gain enough understanding to make the most of Azure services to secure their environment from modern cybersecurity threats.
Beschreibung:	1 online resource (1 volume) : illustrations
Bibliographie:	Includes bibliographical references.
ISBN:	9781839216633 1839216638

Internformat

MARC


LEADER	00000cam a2200000 i 4500
001	ZDB-4-EBA-on1194007473
003	OCoLC
005	20240705115654.0
006	m o d
007	cr unu\|\|\|\|\|\|\|\|
008	200909s2020 enka ob 000 0 eng d
040			\|a UMI \|b eng \|e rda \|e pn \|c UMI \|d YDX \|d N$T \|d OCLCF \|d EBLCP \|d OCLCQ \|d OCLCO \|d OCLCQ \|d OCLCO \|d TMA \|d OCLCQ
019			\|a 1150201513 \|a 1151186813
020			\|a 9781839216633
020			\|a 1839216638
020			\|z 9781838980924
035			\|a (OCoLC)1194007473 \|z (OCoLC)1150201513 \|z (OCoLC)1151186813
037			\|a CL0501000140 \|b Safari Books Online
050		4	\|a QA76.585
082	7		\|a 004.67/82 \|2 23
049			\|a MAIN
100	1		\|a Diver, Richard, \|e author.
245	1	0	\|a Learn Azure Sentinel : \|b integrate Azure security with artificial intelligence to build secure cloud systems / \|c Richard Diver and Gary Bushey ; foreword by Jason S. Rader.
264		1	\|a Birmingham, UK : \|b Packt Publishing, \|c 2020.
300			\|a 1 online resource (1 volume) : \|b illustrations
336			\|a text \|b txt \|2 rdacontent
337			\|a computer \|b c \|2 rdamedia
338			\|a online resource \|b cr \|2 rdacarrier
588	0		\|a Online resource; title from cover (Safari, viewed September 9, 2020).
504			\|a Includes bibliographical references.
505	0		\|a Cover -- Copyright -- Why subscribe? -- Foreword -- Contributors -- About the authors -- About the reviewers -- Packt is searching for authors like you -- Table Of Contents -- Preface -- Who this book is for -- What this book covers -- To get the most out of this book -- Download the color images -- Conventions used -- Get in touch -- Reviews -- Section 1: Design and Implementation -- Chapter 1: Getting Started with Azure Sentinel -- The current cloud security landscape -- Cloud security reference framework -- SOC platform components -- Mapping the SOC architecture
505	8		\|a Log management and data sources -- Operations platforms -- Threat intelligence and threat hunting -- SOC mapping summary -- Security solution integrations -- Cloud platform integrations -- Integrating with AWS -- Integrating with Google Cloud Platform (GCP) -- Integrating with Microsoft Azure -- Private infrastructure integrations -- Service pricing for Azure Sentinel -- Scenario mapping -- Step 1 -- Define the new scenarios -- Step 2 -- Explain the purpose -- Step 3 -- The kill-chain stage -- Step 4 -- Which solution will do detection? -- Step 5 -- What actions will occur instantly?
505	8		\|a Step 6 -- Severity and output -- Step 7 -- What action should the analyst take? -- Summary -- Questions -- Further reading -- Chapter 2: Azure Monitor -- Log Analytics -- Technical requirements -- Introduction to Azure Monitor Log Analytics -- Planning a workspace -- Creating a workspace using the portal -- Creating a workspace using PowerShell or the CLI -- Exploring the Overview page -- Managing the permissions of the workspace -- Enabling Azure Sentinel -- Exploring the Azure Sentinel Overview page -- The header bar -- The summary bar -- The Events and alerts over time section
505	8		\|a The Recent incidents section -- The Data source anomalies section -- The Potential malicious events section -- The Democratize ML for your SecOps section -- Connecting your first data source -- Obtaining information from Azure virtual machines -- Advanced settings for Log Analytics -- Connected Sources -- The Data option -- Computer Groups -- Summary -- Questions -- Further reading -- Section 2: Data Connectors, Management, and Queries -- Chapter 3: Managing and Collecting Data -- Choosing data that matters -- Understanding connectors -- Native connections -- service to service
505	8		\|a Direct connections -- service to service -- API connections -- Agent-based -- Configuring Azure Sentinel connectors -- Configuring Log Analytics storage options -- Calculating the cost of data ingestion and retention -- Reviewing alternative storage options -- Questions -- Further reading -- Chapter 4: Integrating Threat Intelligence -- Introduction to TI -- Understanding STIX and TAXII -- Choosing the right intel feeds for your needs -- Implementing TI connectors -- Enabling the data connector -- Registering an app in Azure AD -- Configuring the MineMeld threat intelligence feed
520			\|a Azure Sentinel is an intelligent security service from Azure where Microsoft's main focus on developing sentinel is to integrate and bring together cloud security and artificial intelligence into effect. Here readers will gain enough understanding to make the most of Azure services to secure their environment from modern cybersecurity threats.
650		0	\|a Microsoft Azure (Computing platform) \|0 http://id.loc.gov/authorities/subjects/sh2016001752
650		0	\|a Cloud computing \|x Security measures.
650		0	\|a Artificial intelligence. \|0 http://id.loc.gov/authorities/subjects/sh85008180
650		2	\|a Artificial Intelligence \|0 https://id.nlm.nih.gov/mesh/D001185
650		6	\|a Infonuagique \|x Sécurité \|x Mesures.
650		6	\|a Intelligence artificielle.
650		6	\|a Microsoft Azure (Plateforme informatique)
650		7	\|a artificial intelligence. \|2 aat
650		7	\|a Artificial intelligence \|2 fast
650		7	\|a Microsoft Azure (Computing platform) \|2 fast
700	1		\|a Bushey, Gary, \|e author.
700	1		\|a Rader, Jason S., \|e writer of foreword.
776	0	8	\|i Print version: \|a Diver, Richard. \|t Learn Azure Sentinel : Integrate Azure Security with Artificial Intelligence to Build Secure Cloud Systems. \|d Birmingham : Packt Publishing, Limited, ©2020
856	1		\|l FWS01 \|p ZDB-4-EBA \|q FWS_PDA_EBA \|u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2433086 \|3 Volltext
856	1		\|l CBO01 \|p ZDB-4-EBA \|q FWS_PDA_EBA \|u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2433086 \|3 Volltext
938			\|a ProQuest Ebook Central \|b EBLB \|n EBL6167738
938			\|a EBSCOhost \|b EBSC \|n 2433086
938			\|a YBP Library Services \|b YANK \|n 301211080
994			\|a 92 \|b GEBAY
912			\|a ZDB-4-EBA

Datensatz im Suchindex

DE-BY-FWS_katkey	ZDB-4-EBA-on1194007473
_version_	1813901690212974593
adam_text
any_adam_object
author	Diver, Richard Bushey, Gary
author_facet	Diver, Richard Bushey, Gary
author_role	aut aut
author_sort	Diver, Richard
author_variant	r d rd g b gb
building	Verbundindex
bvnumber	localFWS
callnumber-first	Q - Science
callnumber-label	QA76
callnumber-raw	QA76.585
callnumber-search	QA76.585
callnumber-sort	QA 276.585
callnumber-subject	QA - Mathematics
collection	ZDB-4-EBA
contents	Cover -- Copyright -- Why subscribe? -- Foreword -- Contributors -- About the authors -- About the reviewers -- Packt is searching for authors like you -- Table Of Contents -- Preface -- Who this book is for -- What this book covers -- To get the most out of this book -- Download the color images -- Conventions used -- Get in touch -- Reviews -- Section 1: Design and Implementation -- Chapter 1: Getting Started with Azure Sentinel -- The current cloud security landscape -- Cloud security reference framework -- SOC platform components -- Mapping the SOC architecture Log management and data sources -- Operations platforms -- Threat intelligence and threat hunting -- SOC mapping summary -- Security solution integrations -- Cloud platform integrations -- Integrating with AWS -- Integrating with Google Cloud Platform (GCP) -- Integrating with Microsoft Azure -- Private infrastructure integrations -- Service pricing for Azure Sentinel -- Scenario mapping -- Step 1 -- Define the new scenarios -- Step 2 -- Explain the purpose -- Step 3 -- The kill-chain stage -- Step 4 -- Which solution will do detection? -- Step 5 -- What actions will occur instantly? Step 6 -- Severity and output -- Step 7 -- What action should the analyst take? -- Summary -- Questions -- Further reading -- Chapter 2: Azure Monitor -- Log Analytics -- Technical requirements -- Introduction to Azure Monitor Log Analytics -- Planning a workspace -- Creating a workspace using the portal -- Creating a workspace using PowerShell or the CLI -- Exploring the Overview page -- Managing the permissions of the workspace -- Enabling Azure Sentinel -- Exploring the Azure Sentinel Overview page -- The header bar -- The summary bar -- The Events and alerts over time section The Recent incidents section -- The Data source anomalies section -- The Potential malicious events section -- The Democratize ML for your SecOps section -- Connecting your first data source -- Obtaining information from Azure virtual machines -- Advanced settings for Log Analytics -- Connected Sources -- The Data option -- Computer Groups -- Summary -- Questions -- Further reading -- Section 2: Data Connectors, Management, and Queries -- Chapter 3: Managing and Collecting Data -- Choosing data that matters -- Understanding connectors -- Native connections -- service to service Direct connections -- service to service -- API connections -- Agent-based -- Configuring Azure Sentinel connectors -- Configuring Log Analytics storage options -- Calculating the cost of data ingestion and retention -- Reviewing alternative storage options -- Questions -- Further reading -- Chapter 4: Integrating Threat Intelligence -- Introduction to TI -- Understanding STIX and TAXII -- Choosing the right intel feeds for your needs -- Implementing TI connectors -- Enabling the data connector -- Registering an app in Azure AD -- Configuring the MineMeld threat intelligence feed
ctrlnum	(OCoLC)1194007473
dewey-full	004.67/82
dewey-hundreds	000 - Computer science, information, general works
dewey-ones	004 - Computer science
dewey-raw	004.67/82
dewey-search	004.67/82
dewey-sort	14.67 282
dewey-tens	000 - Computer science, information, general works
discipline	Informatik
format	Electronic eBook
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>05819cam a2200613 i 4500</leader><controlfield tag="001">ZDB-4-EBA-on1194007473</controlfield><controlfield tag="003">OCoLC</controlfield><controlfield tag="005">20240705115654.0</controlfield><controlfield tag="006">m o d </controlfield><controlfield tag="007">cr unu\|\|\|\|\|\|\|\|</controlfield><controlfield tag="008">200909s2020 enka ob 000 0 eng d</controlfield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">UMI</subfield><subfield code="b">eng</subfield><subfield code="e">rda</subfield><subfield code="e">pn</subfield><subfield code="c">UMI</subfield><subfield code="d">YDX</subfield><subfield code="d">N$T</subfield><subfield code="d">OCLCF</subfield><subfield code="d">EBLCP</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">TMA</subfield><subfield code="d">OCLCQ</subfield></datafield><datafield tag="019" ind1=" " ind2=" "><subfield code="a">1150201513</subfield><subfield code="a">1151186813</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781839216633</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1839216638</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">9781838980924</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1194007473</subfield><subfield code="z">(OCoLC)1150201513</subfield><subfield code="z">(OCoLC)1151186813</subfield></datafield><datafield tag="037" ind1=" " ind2=" "><subfield code="a">CL0501000140</subfield><subfield code="b">Safari Books Online</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">QA76.585</subfield></datafield><datafield tag="082" ind1="7" ind2=" "><subfield code="a">004.67/82</subfield><subfield code="2">23</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">MAIN</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Diver, Richard,</subfield><subfield code="e">author.</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Learn Azure Sentinel :</subfield><subfield code="b">integrate Azure security with artificial intelligence to build secure cloud systems /</subfield><subfield code="c">Richard Diver and Gary Bushey ; foreword by Jason S. Rader.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Birmingham, UK :</subfield><subfield code="b">Packt Publishing,</subfield><subfield code="c">2020.</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (1 volume) :</subfield><subfield code="b">illustrations</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="588" ind1="0" ind2=" "><subfield code="a">Online resource; title from cover (Safari, viewed September 9, 2020).</subfield></datafield><datafield tag="504" ind1=" " ind2=" "><subfield code="a">Includes bibliographical references.</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">Cover -- Copyright -- Why subscribe? -- Foreword -- Contributors -- About the authors -- About the reviewers -- Packt is searching for authors like you -- Table Of Contents -- Preface -- Who this book is for -- What this book covers -- To get the most out of this book -- Download the color images -- Conventions used -- Get in touch -- Reviews -- Section 1: Design and Implementation -- Chapter 1: Getting Started with Azure Sentinel -- The current cloud security landscape -- Cloud security reference framework -- SOC platform components -- Mapping the SOC architecture</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Log management and data sources -- Operations platforms -- Threat intelligence and threat hunting -- SOC mapping summary -- Security solution integrations -- Cloud platform integrations -- Integrating with AWS -- Integrating with Google Cloud Platform (GCP) -- Integrating with Microsoft Azure -- Private infrastructure integrations -- Service pricing for Azure Sentinel -- Scenario mapping -- Step 1 -- Define the new scenarios -- Step 2 -- Explain the purpose -- Step 3 -- The kill-chain stage -- Step 4 -- Which solution will do detection? -- Step 5 -- What actions will occur instantly?</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Step 6 -- Severity and output -- Step 7 -- What action should the analyst take? -- Summary -- Questions -- Further reading -- Chapter 2: Azure Monitor -- Log Analytics -- Technical requirements -- Introduction to Azure Monitor Log Analytics -- Planning a workspace -- Creating a workspace using the portal -- Creating a workspace using PowerShell or the CLI -- Exploring the Overview page -- Managing the permissions of the workspace -- Enabling Azure Sentinel -- Exploring the Azure Sentinel Overview page -- The header bar -- The summary bar -- The Events and alerts over time section</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">The Recent incidents section -- The Data source anomalies section -- The Potential malicious events section -- The Democratize ML for your SecOps section -- Connecting your first data source -- Obtaining information from Azure virtual machines -- Advanced settings for Log Analytics -- Connected Sources -- The Data option -- Computer Groups -- Summary -- Questions -- Further reading -- Section 2: Data Connectors, Management, and Queries -- Chapter 3: Managing and Collecting Data -- Choosing data that matters -- Understanding connectors -- Native connections -- service to service</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Direct connections -- service to service -- API connections -- Agent-based -- Configuring Azure Sentinel connectors -- Configuring Log Analytics storage options -- Calculating the cost of data ingestion and retention -- Reviewing alternative storage options -- Questions -- Further reading -- Chapter 4: Integrating Threat Intelligence -- Introduction to TI -- Understanding STIX and TAXII -- Choosing the right intel feeds for your needs -- Implementing TI connectors -- Enabling the data connector -- Registering an app in Azure AD -- Configuring the MineMeld threat intelligence feed</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Azure Sentinel is an intelligent security service from Azure where Microsoft's main focus on developing sentinel is to integrate and bring together cloud security and artificial intelligence into effect. Here readers will gain enough understanding to make the most of Azure services to secure their environment from modern cybersecurity threats.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Microsoft Azure (Computing platform)</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh2016001752</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Cloud computing</subfield><subfield code="x">Security measures.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Artificial intelligence.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh85008180</subfield></datafield><datafield tag="650" ind1=" " ind2="2"><subfield code="a">Artificial Intelligence</subfield><subfield code="0">https://id.nlm.nih.gov/mesh/D001185</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Infonuagique</subfield><subfield code="x">Sécurité</subfield><subfield code="x">Mesures.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Intelligence artificielle.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Microsoft Azure (Plateforme informatique)</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">artificial intelligence.</subfield><subfield code="2">aat</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Artificial intelligence</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Microsoft Azure (Computing platform)</subfield><subfield code="2">fast</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Bushey, Gary,</subfield><subfield code="e">author.</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Rader, Jason S.,</subfield><subfield code="e">writer of foreword.</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Diver, Richard.</subfield><subfield code="t">Learn Azure Sentinel : Integrate Azure Security with Artificial Intelligence to Build Secure Cloud Systems.</subfield><subfield code="d">Birmingham : Packt Publishing, Limited, ©2020</subfield></datafield><datafield tag="856" ind1="1" ind2=" "><subfield code="l">FWS01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2433086</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="856" ind1="1" ind2=" "><subfield code="l">CBO01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2433086</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">ProQuest Ebook Central</subfield><subfield code="b">EBLB</subfield><subfield code="n">EBL6167738</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">EBSCOhost</subfield><subfield code="b">EBSC</subfield><subfield code="n">2433086</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">YBP Library Services</subfield><subfield code="b">YANK</subfield><subfield code="n">301211080</subfield></datafield><datafield tag="994" ind1=" " ind2=" "><subfield code="a">92</subfield><subfield code="b">GEBAY</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield></record></collection>
id	ZDB-4-EBA-on1194007473
illustrated	Illustrated
indexdate	2024-10-25T15:50:52Z
institution	BVB
isbn	9781839216633 1839216638
language	English
oclc_num	1194007473
open_access_boolean
owner	MAIN
owner_facet	MAIN
physical	1 online resource (1 volume) : illustrations
psigel	ZDB-4-EBA
publishDate	2020
publishDateSearch	2020
publishDateSort	2020
publisher	Packt Publishing,
record_format	marc
spelling	Diver, Richard, author. Learn Azure Sentinel : integrate Azure security with artificial intelligence to build secure cloud systems / Richard Diver and Gary Bushey ; foreword by Jason S. Rader. Birmingham, UK : Packt Publishing, 2020. 1 online resource (1 volume) : illustrations text txt rdacontent computer c rdamedia online resource cr rdacarrier Online resource; title from cover (Safari, viewed September 9, 2020). Includes bibliographical references. Cover -- Copyright -- Why subscribe? -- Foreword -- Contributors -- About the authors -- About the reviewers -- Packt is searching for authors like you -- Table Of Contents -- Preface -- Who this book is for -- What this book covers -- To get the most out of this book -- Download the color images -- Conventions used -- Get in touch -- Reviews -- Section 1: Design and Implementation -- Chapter 1: Getting Started with Azure Sentinel -- The current cloud security landscape -- Cloud security reference framework -- SOC platform components -- Mapping the SOC architecture Log management and data sources -- Operations platforms -- Threat intelligence and threat hunting -- SOC mapping summary -- Security solution integrations -- Cloud platform integrations -- Integrating with AWS -- Integrating with Google Cloud Platform (GCP) -- Integrating with Microsoft Azure -- Private infrastructure integrations -- Service pricing for Azure Sentinel -- Scenario mapping -- Step 1 -- Define the new scenarios -- Step 2 -- Explain the purpose -- Step 3 -- The kill-chain stage -- Step 4 -- Which solution will do detection? -- Step 5 -- What actions will occur instantly? Step 6 -- Severity and output -- Step 7 -- What action should the analyst take? -- Summary -- Questions -- Further reading -- Chapter 2: Azure Monitor -- Log Analytics -- Technical requirements -- Introduction to Azure Monitor Log Analytics -- Planning a workspace -- Creating a workspace using the portal -- Creating a workspace using PowerShell or the CLI -- Exploring the Overview page -- Managing the permissions of the workspace -- Enabling Azure Sentinel -- Exploring the Azure Sentinel Overview page -- The header bar -- The summary bar -- The Events and alerts over time section The Recent incidents section -- The Data source anomalies section -- The Potential malicious events section -- The Democratize ML for your SecOps section -- Connecting your first data source -- Obtaining information from Azure virtual machines -- Advanced settings for Log Analytics -- Connected Sources -- The Data option -- Computer Groups -- Summary -- Questions -- Further reading -- Section 2: Data Connectors, Management, and Queries -- Chapter 3: Managing and Collecting Data -- Choosing data that matters -- Understanding connectors -- Native connections -- service to service Direct connections -- service to service -- API connections -- Agent-based -- Configuring Azure Sentinel connectors -- Configuring Log Analytics storage options -- Calculating the cost of data ingestion and retention -- Reviewing alternative storage options -- Questions -- Further reading -- Chapter 4: Integrating Threat Intelligence -- Introduction to TI -- Understanding STIX and TAXII -- Choosing the right intel feeds for your needs -- Implementing TI connectors -- Enabling the data connector -- Registering an app in Azure AD -- Configuring the MineMeld threat intelligence feed Azure Sentinel is an intelligent security service from Azure where Microsoft's main focus on developing sentinel is to integrate and bring together cloud security and artificial intelligence into effect. Here readers will gain enough understanding to make the most of Azure services to secure their environment from modern cybersecurity threats. Microsoft Azure (Computing platform) http://id.loc.gov/authorities/subjects/sh2016001752 Cloud computing Security measures. Artificial intelligence. http://id.loc.gov/authorities/subjects/sh85008180 Artificial Intelligence https://id.nlm.nih.gov/mesh/D001185 Infonuagique Sécurité Mesures. Intelligence artificielle. Microsoft Azure (Plateforme informatique) artificial intelligence. aat Artificial intelligence fast Microsoft Azure (Computing platform) fast Bushey, Gary, author. Rader, Jason S., writer of foreword. Print version: Diver, Richard. Learn Azure Sentinel : Integrate Azure Security with Artificial Intelligence to Build Secure Cloud Systems. Birmingham : Packt Publishing, Limited, ©2020 FWS01 ZDB-4-EBA FWS_PDA_EBA https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2433086 Volltext CBO01 ZDB-4-EBA FWS_PDA_EBA https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2433086 Volltext
spellingShingle	Diver, Richard Bushey, Gary Learn Azure Sentinel : integrate Azure security with artificial intelligence to build secure cloud systems / Cover -- Copyright -- Why subscribe? -- Foreword -- Contributors -- About the authors -- About the reviewers -- Packt is searching for authors like you -- Table Of Contents -- Preface -- Who this book is for -- What this book covers -- To get the most out of this book -- Download the color images -- Conventions used -- Get in touch -- Reviews -- Section 1: Design and Implementation -- Chapter 1: Getting Started with Azure Sentinel -- The current cloud security landscape -- Cloud security reference framework -- SOC platform components -- Mapping the SOC architecture Log management and data sources -- Operations platforms -- Threat intelligence and threat hunting -- SOC mapping summary -- Security solution integrations -- Cloud platform integrations -- Integrating with AWS -- Integrating with Google Cloud Platform (GCP) -- Integrating with Microsoft Azure -- Private infrastructure integrations -- Service pricing for Azure Sentinel -- Scenario mapping -- Step 1 -- Define the new scenarios -- Step 2 -- Explain the purpose -- Step 3 -- The kill-chain stage -- Step 4 -- Which solution will do detection? -- Step 5 -- What actions will occur instantly? Step 6 -- Severity and output -- Step 7 -- What action should the analyst take? -- Summary -- Questions -- Further reading -- Chapter 2: Azure Monitor -- Log Analytics -- Technical requirements -- Introduction to Azure Monitor Log Analytics -- Planning a workspace -- Creating a workspace using the portal -- Creating a workspace using PowerShell or the CLI -- Exploring the Overview page -- Managing the permissions of the workspace -- Enabling Azure Sentinel -- Exploring the Azure Sentinel Overview page -- The header bar -- The summary bar -- The Events and alerts over time section The Recent incidents section -- The Data source anomalies section -- The Potential malicious events section -- The Democratize ML for your SecOps section -- Connecting your first data source -- Obtaining information from Azure virtual machines -- Advanced settings for Log Analytics -- Connected Sources -- The Data option -- Computer Groups -- Summary -- Questions -- Further reading -- Section 2: Data Connectors, Management, and Queries -- Chapter 3: Managing and Collecting Data -- Choosing data that matters -- Understanding connectors -- Native connections -- service to service Direct connections -- service to service -- API connections -- Agent-based -- Configuring Azure Sentinel connectors -- Configuring Log Analytics storage options -- Calculating the cost of data ingestion and retention -- Reviewing alternative storage options -- Questions -- Further reading -- Chapter 4: Integrating Threat Intelligence -- Introduction to TI -- Understanding STIX and TAXII -- Choosing the right intel feeds for your needs -- Implementing TI connectors -- Enabling the data connector -- Registering an app in Azure AD -- Configuring the MineMeld threat intelligence feed Microsoft Azure (Computing platform) http://id.loc.gov/authorities/subjects/sh2016001752 Cloud computing Security measures. Artificial intelligence. http://id.loc.gov/authorities/subjects/sh85008180 Artificial Intelligence https://id.nlm.nih.gov/mesh/D001185 Infonuagique Sécurité Mesures. Intelligence artificielle. Microsoft Azure (Plateforme informatique) artificial intelligence. aat Artificial intelligence fast Microsoft Azure (Computing platform) fast
subject_GND	http://id.loc.gov/authorities/subjects/sh2016001752 http://id.loc.gov/authorities/subjects/sh85008180 https://id.nlm.nih.gov/mesh/D001185
title	Learn Azure Sentinel : integrate Azure security with artificial intelligence to build secure cloud systems /
title_auth	Learn Azure Sentinel : integrate Azure security with artificial intelligence to build secure cloud systems /
title_exact_search	Learn Azure Sentinel : integrate Azure security with artificial intelligence to build secure cloud systems /
title_full	Learn Azure Sentinel : integrate Azure security with artificial intelligence to build secure cloud systems / Richard Diver and Gary Bushey ; foreword by Jason S. Rader.
title_fullStr	Learn Azure Sentinel : integrate Azure security with artificial intelligence to build secure cloud systems / Richard Diver and Gary Bushey ; foreword by Jason S. Rader.
title_full_unstemmed	Learn Azure Sentinel : integrate Azure security with artificial intelligence to build secure cloud systems / Richard Diver and Gary Bushey ; foreword by Jason S. Rader.
title_short	Learn Azure Sentinel :
title_sort	learn azure sentinel integrate azure security with artificial intelligence to build secure cloud systems
title_sub	integrate Azure security with artificial intelligence to build secure cloud systems /
topic	Microsoft Azure (Computing platform) http://id.loc.gov/authorities/subjects/sh2016001752 Cloud computing Security measures. Artificial intelligence. http://id.loc.gov/authorities/subjects/sh85008180 Artificial Intelligence https://id.nlm.nih.gov/mesh/D001185 Infonuagique Sécurité Mesures. Intelligence artificielle. Microsoft Azure (Plateforme informatique) artificial intelligence. aat Artificial intelligence fast Microsoft Azure (Computing platform) fast
topic_facet	Microsoft Azure (Computing platform) Cloud computing Security measures. Artificial intelligence. Artificial Intelligence Infonuagique Sécurité Mesures. Intelligence artificielle. Microsoft Azure (Plateforme informatique) artificial intelligence. Artificial intelligence
url	https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2433086
work_keys_str_mv	AT diverrichard learnazuresentinelintegrateazuresecuritywithartificialintelligencetobuildsecurecloudsystems AT busheygary learnazuresentinelintegrateazuresecuritywithartificialintelligencetobuildsecurecloudsystems AT raderjasons learnazuresentinelintegrateazuresecuritywithartificialintelligencetobuildsecurecloudsystems

Verfügbarkeit

Es ist kein Print-Exemplar vorhanden.

Fernleihe Bestellen Achtung: Nicht im THWS-Bestand! Volltext öffnen

MARC

Datensatz im Suchindex

Es ist kein Print-Exemplar vorhanden.

Ähnliche Einträge