Secure your Azure applications the right way. The expert DevSecOps techniques you'll learn in this essential handbook make it easy to keep your data safe.
As a Program Manager at Microsoft, Bojan Magusic has helped numerous Fortune 500 companies improve their security posture in Azure. Now, in Azure Security he brings his experience from the cyber security frontline to ensure your Azure cloud-based systems are safe and secure.
In Azure Security you’ll learn vital security skills, including how to:
- Set up secure access through Conditional Access policiesImplement Azure WAF on Application Gateway and Front Door
- Deploy Azure Firewall Premium for monitoring network activities
- Enable Microsoft Defender for Cloud to assess workload configurations
- Utilize Microsoft Sentinel for threat detection and analytics
- Establish Azure Policy for compliance with business rules
Correctly set up out-of-the-box Azure services to protect your web apps against both common and sophisticated threats, learn to continuously assess your systems for vulnerabilities, and discover cutting-edge operations for security hygiene, monitoring, and DevSecOps. Each stage is made clear and easy to follow with step-by-step instructions, complemented by helpful screenshots and diagrams.
Purchase of the print book includes a free eBook in PDF and ePub formats from Manning Publications.
About the technology
Securing cloud-hosted applications requires a mix of tools, techniques, and platform-specific services. The Azure platform provides built-in security tools to keep your systems safe, but proper implementation requires a foundational strategy and tactical guidance.
About the book
Azure Security details best practices for configuring and deploying Azure’s native security services—from a zero-trust foundation to defense in depth (DiD). Learn from a Microsoft security insider how to establish a DevSecOps program using Microsoft Defender for Cloud. Realistic scenarios and hands-on examples help demystify tricky security concepts, while clever exercises help reinforce what you’ve learned.
What's inside
- Set up secure access policies
- Implement a Web Application Firewall
- Deploy MS Sentinel for monitoring and threat detection
- Establish compliance with business rules
About the reader
For software and security engineers building and securing Azure applications.
About the author
Bojan Magusic is a Product Manager with Microsoft on the Security Customer Experience Engineering Team.
Table of Contents
PART 1 FIRST STEPS
1 About Azure security
2 Securing identities in Azure: The four pillars of identity and Azure Active Directory
PART 2 SECURING AZURE RESOURCES
3 Implementing network security in Azure: Firewall, WAF, and DDoS protection
4 Securing compute resources in Azure: Azure Bastion, Kubernetes, and Azure App Service
5 Securing data in Azure Storage accounts: Azure Key Vault
6 Implementing good security hygiene: Microsoft Defender for Cloud and Defender CSPM
7 Security monitoring for Azure resources: Microsoft Defender for Cloud plans
PART 3 GOING FURTHER
8 Security operations and response: Microsoft Sentinel
9 Audit and log data: Azure Monitor
10 Importance of governance: Azure Policy and Azure Blueprints
11 DevSecOps: Microsoft Defender for DevOps
Ebook License
End-User Warranty And License Agreement
1. Grant Of License
Manning Has Authorized The Download By You Of An Unrestricted Number Of Copies Of The Electronic Book (Ebook) In Any Of The Available Formats. Manning Grants You A Nonexclusive, Nontransferable License To Use The Ebook According To The Terms And Conditions Herein. This License Agreement Permits You To Install The Ebook On Any And All Your Devices For Your Personal Use Only.
2. Restrictions
You Shall Not: (1) Share, Resell, Rent, Assign, Timeshare, Distribute, Or Transfer All Or Part Of The Ebook Or Any Rights Granted Hereunder To Any Other Person; (2) Duplicate The Ebook, Except For A Single Backup Or Archival Copy; (3) Remove Any Proprietary Notices, Labels, Or Marks From The Ebook; (4) Transfer Or Sublicense Title To The Ebook To Any Other Party.
3. Intellectual Property Protection
The Ebook Is Owned By Manning And Is Protected By United States And International Copyright And Other Intellectual Property Laws. Manning Reserves All Rights In The Ebook Not Expressly Granted Herein. This License And Your Right To Use The Ebook Terminate Automatically If You Violate Any Part Of This Agreement. In The Event Of Termination, You Must Remove The Original And Any Copies Of The Ebook From All Your Devices.
4. Source Code Supplementary Material
Any Source Code Files Provided As A Supplement To The Book Are Freely Available To The Public For Download. Reuse Of The Code Is Permitted, In Whole Or In Part, Including The Creation Of Derivative Works, Provided That You Acknowledge That You Are Using It And Identify The Source: Title, Publisher And Year.
5. Limited Warranty
Manning Warrants That The Ebook Files, A Copy Of Which You Are Authorized To Download, Are Free From Defects In The Operational Sense That They Can Be Read By A Pdf Reader Or Epub Reader, Or Other. Except For This Express Limited Warranty, Manning Makes And You Receive No Warranties, Express, Implied, Statutory Or In Any Communication With You, And Manning Specifically Disclaims Any Other Warranty Including The Implied Warranty Of Merchantability Or Fitness Or A Particular Purpose. Manning Does Not Warrant That The Operation Of The Ebook Will Be Uninterrupted Or Error Free. If The Ebook Was Purchased In The United States, The Above Exclusions May Not Apply To You As Some States Do Not Allow The Exclusion Of Implied Warranties. In Addition To The Above Warranty Rights, You May Also Have Other Rights That Vary From State To State.
6. Limitation Of Liability
In No Event Will Manning Be Liable For Any Damages, Whether Arising For Tort Or Contract, Including Loss Of Data, Lost Profits, Or Other Special, Incidental, Consequential, Or Indirect Damages Arising Out Of The Use Or Inability To Use The Ebook.
7. General
This Agreement Constitutes The Entire Agreement Between You And Manning And Supersedes Any Prior Agreement Concerning The Ebook. This Agreement Is Governed By The Laws Of The State Of New York
