Understand how to set up, configure, and use Azure Sentinel to provide security incident and event management services for your environment.

Azure Sentinel is a Security Information and Event Management (SIEM) tool developed by Microsoft to integrate cloud security and artificial intelligence (AI). Azure Sentinel not only helps clients identify security issues in their environment, but also uses automation to help resolve these issues. With this book, you'll implement Azure Sentinel and understand how it can help find security incidents in your environment with integrated artificial intelligence, threat analysis, and built-in and community-driven logic.

This book starts with an introduction to Azure Sentinel and Log Analytics. You'll get to grips with data collection and management, before learning how to create effective Azure Sentinel queries to detect anomalous behaviors and patterns of activity. As you make progress, you'll understand how to develop solutions that automate the responses required to handle security incidents. Finally, you'll grasp the latest developments in security, discover techniques to enhance your cloud security architecture, and explore how you can contribute to the security community.

By the end of this book, you'll have learned how to implement Azure Sentinel to fit your needs and be able to protect your environment from cyber threats and other security issues.

This book is for solution architects and system administrators who are responsible for implementing new solutions in their infrastructure. Security analysts who need to monitor and provide immediate security solutions, or threat hunters looking to learn how to use Azure Sentinel to investigate possible security breaches and gather forensic evidence, will also benefit from this book. Prior experience with cloud security, particularly Azure, is necessary.
Excellent introduction to Sentinel and its many features, although the book could delve more into specifics and practical use cases outside of MS documentation. The style is comprehensive, and the precision of the pictures and illustrations helps complement the content. In short, it's a great read if you are about to start with Sentinel, but the added value decreases if you are already using it.
I read another book on Azure Sentinel before this and it was terrible. So when I say this book is 5 stars, it covers exactly what you need it to if you're learning Azure Sentinel. It's very straightforward, gives useful examples, and covers the product well. If another edition comes out, I'd like it to go into more specific use cases that are common in SOCs. But the webpages referenced at the end of every chapter help fill that gap.
If you're looking for a book on the topic, this is the best one I've found by far.