Azure云平台安全与治理指南：Policy、Blueprints、Security Center 和 Sentinel

需积分: 12 79 浏览量更新于2024-07-17 收藏 19.71MB PDF 举报

身份认证购VIP最低享 7 折!

领优惠券(最高得80元）

Azure Governance and Security Comprehensive Guide Azure Governance and Security是Azure平台的重要组件，负责管理和保护Azure资源。以下是Azure Governance and Security的知识点： Azure Policy Azure Policy是Azure平台的策略管理服务，用于定义、分配和实施企业的治理策略。Azure Policy提供了以下功能： * 策略定义：用户可以定义自己的策略，指定资源的配置和行为。 * 策略分配：Azure Policy支持将策略分配到资源组、订阅或管理组。 * 合规性评估：Azure Policy提供了合规性评估功能，帮助用户评估资源的合规性。 Azure Blueprints Azure Blueprints是Azure平台的基础设施即代码（IaC）服务，用于定义和部署Azure资源。Azure Blueprints提供了以下功能： * 基础设施即代码：Azure Blueprints支持使用ARM模板定义Azure资源。 * 版本控制：Azure Blueprints支持版本控制，帮助用户跟踪资源的变化。 * 部署管理：Azure Blueprints提供了部署管理功能，帮助用户自动部署Azure资源。 Azure Security Center Azure Security Center是Azure平台的安全中心，用于保护Azure资源免受攻击和威胁。Azure Security Center提供了以下功能： * 威胁检测：Azure Security Center提供了威胁检测功能，帮助用户检测和响应安全威胁。 * 安全评估：Azure Security Center提供了安全评估功能，帮助用户评估Azure资源的安全状况。 * 安全建议：Azure Security Center提供了安全建议功能，帮助用户改进Azure资源的安全性。 Azure Sentinel Azure Sentinel是Azure平台的安全信息和事件管理（SIEM）系统，用于检测和响应安全威胁。Azure Sentinel提供了以下功能： * 安全信息和事件管理：Azure Sentinel提供了安全信息和事件管理功能，帮助用户检测和响应安全威胁。 * 威胁狩猎：Azure Sentinel提供了威胁狩猎功能，帮助用户检测和响应高级威胁。 * 安全分析：Azure Sentinel提供了安全分析功能，帮助用户分析和改进Azure资源的安全性。 Azure Governance and Security Best Practices 以下是Azure Governance and Security的最佳实践： * 实施Azure Policy：使用Azure Policy来定义和实施企业的治理策略。 * 使用Azure Blueprints：使用Azure Blueprints来定义和部署Azure资源。 * 实施Azure Security Center：使用Azure Security Center来保护Azure资源免受攻击和威胁。 * 实施Azure Sentinel：使用Azure Sentinel来检测和响应安全威胁。 Azure Governance and Security是Azure平台的重要组件，负责管理和保护Azure资源。通过了解Azure Governance and Security的知识点和最佳实践，用户可以更好地管理和保护Azure资源。

资源详情

资源推荐

xix

As the Global Director for the Microsoft Cybersecurity

Solutions Group, Jonathan leads Microsoft’s team of

worldwide security advisors and cloud security architects

who provide strategic direction on the development of

Microsoft security products and services and deliver deep

customer and partner engagements around the globe. He

serves as a member of Microsoft’s Internal Risk Management

Committee and is a principal author of the Microsoft

Security Intelligence Report.

Jonathan joined Microsoft in 2016 as an experienced

information security executive, bringing more than 17 years

of public and private sector experience. He was Vice President and CISO with Optiv,

where he was responsible for developing and executing the company’s information

security strategy and program. Prior to his role at Optiv, he was the Chief Information

Security Officer (CISO) for Qualys where he was responsible for securing infrastructure

and products, bringing security best practices to customers, providing strategic direction

on the development of the QualysGuard Security Platform, achieving FedRAMP

certification of the Qualys cloud platform, researching real-world threats, and providing

guidance on how to address them.

Jonathan has established himself as an innovative security leader and was recently

named by the SANS Institute as one of the “People Who Made a Difference in

Cybersecurity.” He serves as an advisor to several security startups and venture capital

firms, participates in the Cloud Security Alliance Top Threats Working Group, and has

spoken at major security events such as RSA, Black Hat, Gartner, CSO50, and SANS.He is

also the principal author of the Center for Internet Security Azure Security Foundations

Benchmark and several open source security tools. He is a Certified Cloud Security

Professional (CCSP), Certified Information Systems Security Professional (CISSP),

Certified Information Systems Auditor (CISA), and an Offensive Security Certified

Professional (OSCP). He completed the Carnegie Mellon University CISO Executive

Program and earned a master’s degree from the University of North Texas and a

bachelor’s degree from Metropolitan State University of Denver.

foreword

xxi

Introduction

The idea for writing an Azure security-oriented book was on my mind for two years, but

because of other projects, traveling a lot, and continuous changes in the Azure platform,

I decided to put it on the shelf for a while. Until about a year ago, when it became clear

that Microsoft was taking cloud security seriously. Seeing how impressive services like

Azure Security Center and Azure Policy have become, it would be a shame to not expose

that enthusiasm in another book project. But where was I to find time in my already

crazy-busy business life, traveling the world, providing Azure workshops, flying on to the

next location…?

When talking about the book idea with my close friends and fellow Azure experts,

Sam and Dave, during that initial call in June, the enthusiasm was so amazing that we

decided to go for it. Honestly, if we mapped the initial outline of topics with the result

that you have here in front of you, about 70% would be changed. This includes scrapping

chapters and writing new ones.

Azure is a moving target, especially the security services and features it offers.

Every few weeks during the writing process, new updates came out, new features were

introduced, portal layouts changed, which obviously was a challenge at times. But seeing

the beauty and technical completeness of all of these tools, which really help optimize any

Azure customer’s security posture, put a big smile on our faces. And I’m pretty sure we

are only seeing the beginning of the broader potential. In the last few weeks of writing, we

were amazed by Azure Sentinel, a first attempt by Microsoft to offer a SIEM as a Service, so

we decided to dedicate a chapter to it. And while in the early preview stage for now, it looks

rather impressive. But enough of all that. Turn the pages, learn Azure, dive into the security

features, and I’m sure this book will bring the same big smile to your face as it did to ours.

In the first chapter, we introduce you to the challenges and advantages an organization

has by using public cloud services like Azure, mainly from a governance perspective.

In Chapter 2, we emphasize the importance of building out your Azure tenant and

subscription(s) in the correct way, depending on organization structure, complexity, and

technical and non-technical requirements.

In Chapter 3, we share our experiences from the field, together with best practices

and guidance from the Microsoft Azure product group, on how to name your Azure

xxii

resources. Although a resource name might look like just a name, there are certain

guidelines to follow—especially if you want to be prepared for failure.

Chapter 4 brings you to the technical details of Azure Policy, a service that allows you

to govern what can be deployed in Azure. Think of having an Azure administrative role,

where you want to lock down the Azure region resources that can be deployed or define

which Azure virtual machines sizes cannot be deployed—or pretty much anything else

in your Azure environment that you want to streamline. The most technical instrument

in Azure today allows you to define settings and validate if /how your active Azure

environment is compliant.

In Chapter 5, we guide you through the capabilities and features of Azure Security

Center, an end-to-end dashboard and reporting service, focused on all-things security in

your Azure and hybrid platform. Starting with the overall options available in the (free)

Basic tier, we also discuss the other services that you can use by switching to the (paid)

Standard tier. We highlight the importance of Azure Security Center.

Running a security team and managing security in the Azure cloud environment

would not be complete without describing the operations and monitoring aspects of the

platform, which is exactly what we cover in Chapter 6. Starting with Azure Monitor as the

new replacement for OMS, we dive into log analytics and walk you through several other

built-in Azure monitoring tools and services.

In Chapter 7, we take it one step further by describing what it takes to enable and

implement Azure security in a larger enterprise environment. Topics like automation

and self-service are obviously present, but we also provide a helicopter view on how to

manage multiple subscriptions by using management groups.

Lastly, in Chapter 8, we introduce you to the (preview) of Azure Sentinel, which is

described as a SIEM as a Service. Relying on machine learning, taking information from

your Azure subscription, and mixing with input from Microsoft Security Graph, it allows

organizations to manage security incidents with a more proactive approach than the

typical reactive one.

We hope that you enjoy reading this book and that it helps you learn and understand

Azure security by going through the step-by-step instructions that we provide as a

walkthrough in each chapter. And finally, we hope that the book helps you optimize

your Azure security overall. Do not hesitate to reach out to us when you have questions,

doubts, find any mistakes that we made, or if you want to share your enthusiasm.

Happy Azure-ing,

Peter, Dave, and Sam

InTroduCTIon

剩余331页未读，继续阅读

weixin_38290023

粉丝: 4
资源: 224

Azure云平台安全与治理指南：Policy、Blueprints、Security Center 和 Sentinel

Microsoft.Azure.Security.Infrastructure

Microsoft Azure Security Center

Azure purview

AWS Lambda、Google Cloud Functions、Microsoft Azure Functions

如何布置Azure AVD

azure blob和file

微软azure本地使用

Azure devops 面试题

azure kinect dk windows

azure认证中文考试

azure自动化测试

azure column怎么使用

适用于Azure扩展

externally-managed-environment

azure ai-900

SQL Azure怎样支持大数据

github学生包azure

python azure

Azure Functions哪里可以下

最新资源