Zum Hauptinhalt springen
Dekorationsartikel gehören nicht zum Leistungsumfang.
Microsoft Azure Sentinel
Planning and implementing Microsoft's cloud-native SIEM solution
Taschenbuch von Nicholas Dicola (u. a.)
Sprache: Englisch

40,65 €*

inkl. MwSt.

Versandkostenfrei per Post / DHL

Lieferzeit 1-2 Wochen

Kategorien:
Beschreibung
Build next-generation security operations with Microsoft Sentinel Microsoft Sentinel is the scalable, cloud-native, security information and event management (SIEM) solution for automating and streamlining threat identification and response across your enterprise. Now, three leading experts guide you step-by-step through planning, deployment, and operations, helping you use Microsoft Sentinel to escape the complexity and scalability challenges of traditional solutions. Fully updated for the latest enhancements, this edition introduces new use cases for investigation, hunting, automation, and orchestration across your enterprise and all your clouds. The authors clearly introduce each service, concisely explain all new concepts, and present proven best practices for maximizing Microsoft Sentinel's value throughout security operations. Three of Microsoft's leading security operations experts show how to: Review emerging challenges that make better cyberdefense an urgent prioritySee how Microsoft Sentinel responds by unifying alert detection, threat visibility, proactive hunting, and threat responseExplore components, architecture, design, and initial configurationIngest alerts and raw logs from all sources you need to monitorDefine and validate rules that prevent alert fatigueUse threat intelligence, machine learning, and automation to triage issues and focus on high-value tasksAdd context with User and Entity Behavior Analytics (UEBA) and WatchlistsHunt sophisticated new threats to disrupt cyber kill chains before you're exploitedEnrich incident management and threat hunting with Jupyter notebooksUse Playbooks to automate more incident handling and investigation tasksCreate visualizations to spot trends, clarify relationships, and speed decisionsSimplify integration with point-and-click data connectors that provide normalization, detection rules, queries, and Workbooks About This Book For cybersecurity analysts, security administrators, threat hunters, support professionals, engineers, and other IT professionals concerned with security operationsFor both Microsoft Azure and non-Azure users at all levels of experience
Build next-generation security operations with Microsoft Sentinel Microsoft Sentinel is the scalable, cloud-native, security information and event management (SIEM) solution for automating and streamlining threat identification and response across your enterprise. Now, three leading experts guide you step-by-step through planning, deployment, and operations, helping you use Microsoft Sentinel to escape the complexity and scalability challenges of traditional solutions. Fully updated for the latest enhancements, this edition introduces new use cases for investigation, hunting, automation, and orchestration across your enterprise and all your clouds. The authors clearly introduce each service, concisely explain all new concepts, and present proven best practices for maximizing Microsoft Sentinel's value throughout security operations. Three of Microsoft's leading security operations experts show how to: Review emerging challenges that make better cyberdefense an urgent prioritySee how Microsoft Sentinel responds by unifying alert detection, threat visibility, proactive hunting, and threat responseExplore components, architecture, design, and initial configurationIngest alerts and raw logs from all sources you need to monitorDefine and validate rules that prevent alert fatigueUse threat intelligence, machine learning, and automation to triage issues and focus on high-value tasksAdd context with User and Entity Behavior Analytics (UEBA) and WatchlistsHunt sophisticated new threats to disrupt cyber kill chains before you're exploitedEnrich incident management and threat hunting with Jupyter notebooksUse Playbooks to automate more incident handling and investigation tasksCreate visualizations to spot trends, clarify relationships, and speed decisionsSimplify integration with point-and-click data connectors that provide normalization, detection rules, queries, and Workbooks About This Book For cybersecurity analysts, security administrators, threat hunters, support professionals, engineers, and other IT professionals concerned with security operationsFor both Microsoft Azure and non-Azure users at all levels of experience
Über den Autor

Yuri Diogenes, MsC holds a Master of Science in cybersecurity intelligence and forensics investigation from UTICA College and is currently working on his Ph.D. in cybersecurity leadership from Capitol Technology University. Yuri has been working at Microsoft since 2006 and currently is a principal program manager for the CxE Microsoft Defender for Cloud Team. Yuri has published a total of 26 books, mostly about information security and Microsoft technologies. Yuri is also a professor at EC-Council University, where he teaches in the Bachelor of Cybersecurity Program. Yuri is an MBA and holds many IT/Security industry certifications, such as CISSP, MITRE ATT&CK® Cyber Threat Intelligence Certified, E|CND, E|CEH, E|CSA, E|CHFI, CompTIA Security+, CySA+, Network+, CASP, and CyberSec First Responder. You can follow Yuri on Twitter at [...]

Nicholas DiCola is the Vice President of Customers at Zero Networks, where he leads the customer engineering team that helps customers with pilots and deployments of Zero Networks products. He has a Master of Business Administration with a concentration in information systems. He holds various industry certifications, such as CISSP and CEH. You can follow Nicholas on Twitter at [...]

Tiander Turpijn is a principal program manager for Microsoft Sentinel. He joined Microsoft in 1998 and fulfilled multiple roles, from senior escalation support engineer, senior management & security consultant, and architect to a datacenter architecture role. Tiander has a computer science degree and various industry certifications, such as CISSP and CEH. You can follow Tiander on Twitter at [...]

Inhaltsverzeichnis

CHAPTER 1: Security challenges for SecOps

CHAPTER 2: Introduction to Microsoft Sentinel

CHAPTER 3: Analytics

CHAPTER 4: Incident management

CHAPTER 5: Hunting

CHAPTER 6: Notebooks

CHAPTER 7: Automating response

CHAPTER 8: Data visualization

CHAPTER 9: Data connectors

APPENDIX A: Introduction to Kusto Query Language

APPENDIX B: Microsoft Sentinel for managed security service providers

Details
Erscheinungsjahr: 2022
Fachbereich: Betriebssysteme & Benutzeroberflächen
Genre: Importe, Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Taschenbuch
Inhalt: Kartoniert / Broschiert
ISBN-13: 9780137900930
ISBN-10: 0137900937
Sprache: Englisch
Einband: Kartoniert / Broschiert
Autor: Dicola, Nicholas
Turpijn, Tiander
Diogenes, Yuri
Hersteller: Pearson Education (US)
Verantwortliche Person für die EU: preigu, Ansas Meyer, Lengericher Landstr. 19, D-49078 Osnabrück, mail@preigu.de
Maße: 229 x 183 x 13 mm
Von/Mit: Nicholas Dicola (u. a.)
Erscheinungsdatum: 30.08.2022
Gewicht: 0,4 kg
Artikel-ID: 122044461
Über den Autor

Yuri Diogenes, MsC holds a Master of Science in cybersecurity intelligence and forensics investigation from UTICA College and is currently working on his Ph.D. in cybersecurity leadership from Capitol Technology University. Yuri has been working at Microsoft since 2006 and currently is a principal program manager for the CxE Microsoft Defender for Cloud Team. Yuri has published a total of 26 books, mostly about information security and Microsoft technologies. Yuri is also a professor at EC-Council University, where he teaches in the Bachelor of Cybersecurity Program. Yuri is an MBA and holds many IT/Security industry certifications, such as CISSP, MITRE ATT&CK® Cyber Threat Intelligence Certified, E|CND, E|CEH, E|CSA, E|CHFI, CompTIA Security+, CySA+, Network+, CASP, and CyberSec First Responder. You can follow Yuri on Twitter at [...]

Nicholas DiCola is the Vice President of Customers at Zero Networks, where he leads the customer engineering team that helps customers with pilots and deployments of Zero Networks products. He has a Master of Business Administration with a concentration in information systems. He holds various industry certifications, such as CISSP and CEH. You can follow Nicholas on Twitter at [...]

Tiander Turpijn is a principal program manager for Microsoft Sentinel. He joined Microsoft in 1998 and fulfilled multiple roles, from senior escalation support engineer, senior management & security consultant, and architect to a datacenter architecture role. Tiander has a computer science degree and various industry certifications, such as CISSP and CEH. You can follow Tiander on Twitter at [...]

Inhaltsverzeichnis

CHAPTER 1: Security challenges for SecOps

CHAPTER 2: Introduction to Microsoft Sentinel

CHAPTER 3: Analytics

CHAPTER 4: Incident management

CHAPTER 5: Hunting

CHAPTER 6: Notebooks

CHAPTER 7: Automating response

CHAPTER 8: Data visualization

CHAPTER 9: Data connectors

APPENDIX A: Introduction to Kusto Query Language

APPENDIX B: Microsoft Sentinel for managed security service providers

Details
Erscheinungsjahr: 2022
Fachbereich: Betriebssysteme & Benutzeroberflächen
Genre: Importe, Informatik
Rubrik: Naturwissenschaften & Technik
Medium: Taschenbuch
Inhalt: Kartoniert / Broschiert
ISBN-13: 9780137900930
ISBN-10: 0137900937
Sprache: Englisch
Einband: Kartoniert / Broschiert
Autor: Dicola, Nicholas
Turpijn, Tiander
Diogenes, Yuri
Hersteller: Pearson Education (US)
Verantwortliche Person für die EU: preigu, Ansas Meyer, Lengericher Landstr. 19, D-49078 Osnabrück, mail@preigu.de
Maße: 229 x 183 x 13 mm
Von/Mit: Nicholas Dicola (u. a.)
Erscheinungsdatum: 30.08.2022
Gewicht: 0,4 kg
Artikel-ID: 122044461
Sicherheitshinweis