Richard Diver - Learn Azure Sentinel: Integrate Azure security with artificial intelligence to build secure cloud systems

Integrate Azure security with artificial intelligence to build secure cloud systems

Richard Diver

Gary Bushey

BIRMINGHAMMUMBAI

Copyright 2020 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Vijin Boricha

Acquisition Editor: Meeta Rajani

Senior Editor: Arun Nadar

Content Development Editor: Romy Dias

Technical Editor: Mohd Riyan Khan

Copy Editor: Safis Editing

Project Coordinator: Neil Dmello

Proofreader: Safis Editing

Indexer: Rekha Nair

Production Designer: Alishon Mendonca

First published: March 2020

Production reference: 1030420

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham

B3 2PB, UK.

ISBN 978-1-83898-092-4

www.packt.com

Packt.com

Subscribe to our online digital library for full access to over 7,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

• Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals
• Improve your learning with Skill Plans built especially for you
• Get a free eBook or video every month
• Fully searchable for easy access to vital information
• Copy and paste, print, and bookmark content

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at packt.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at customercare@packtpub.com for more details.

At www.packt.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

It is my great pleasure to contribute the foreword to this piece of work by Gary and Richard. We are in exciting times! Not only is the technology of Azure Sentinel exciting, the opportunity that it presents is exciting as well.

Having been in the technology and security consulting business for around 25 years, Ive seen many things that have been called Next Generation and Game Changing before. But I will say that what is happening right now only happens once in a career. Some would say a statement like this is hyperbole but hear me out. I doubt that well have another opportunity in our careers to witness the coming of age of the public cloud, the coming of age of Microsofts security reference architecture, and the coming of age of cyber security in general...all converging at the same time. What I mean by this convergence is that these things have all hit critical mass in a way that each enables the other, so much so that it will be difficult to tell them apart in a few years.

With this convergence will come change, and disruption as well, which can create a certain amount of chaos and uncertainty. Should we be doing so many things so differently than we have been? Can this newly created technology really be as stable and capable as where we came from? Will we even be able to do things in the same way, and if we cant, who will lead us out of the darkness? To be plain, Microsoft has made the right investments in security. They eat their own dog food in that everything they release is vetted on their own global network. Theyve quit developing security products as separate components and now focus on the full platform. They recognize that a multi-platform, hybrid infrastructure exists in most environments and theyve attacked those problems head on.

Azure Sentinel is capable of bringing Microsofts own products together, but it additionally brings the capability of being a central component of an organizations security operations center and that is a game changer.

Gary and Richard have embraced the latest tech from Microsofts security platform and worked with forward-looking clients that have the same vision to assess, architect, and implement this tech even with the (almost weekly) changing capabilities and consoles as Microsoft aggressively integrates and enhances their platform. Whenever there is something new, it takes some brave hearts to invest the time and effort to explore the landscape, make some assumptions, and make it work...and Ive watched these guys do just that.

There is a reward for them and for the consumers of this material. For them, they can plant the flag on this hill, congratulate themselves for the discovery thus far, and make preparations for the next leg of the journey. For you, there is a wealth of knowledge compiled here by folks that earned it the old-fashioned way. And knowing what I do about these guys, they are happy to be the Sherpas for you on your Sentinel journey. Enjoy!

Jason S. Rader,

Director of Network and Cloud Security at Insight

Richard Diver has over 25 years international experience in technology with a deep technical background in cloud security, identity management, and information security. He works at Insight as the lead for Cloud Security Architecture, working with top partners across the industry to deliver comprehensive cloud security solutions. Any spare time he gets is usually spent with his family.

I would like to thank my loving family for allowing me to take time out to write this book, especially encouraging me during those times of procrastination!

Thank you to Gary for taking on this challenge with enthusiasm and passion, I could not have done this without your expertise. Also, to the experts that have helped to improve this book, including Ashwin Patil, Rod Trent, Dean Gross, Casey Tuohey, and Brandon Huckeba.

Gary Bushey is an Azure security expert with over 25 years of IT experience. He got his start early on when he helped his fifth-grade math teacher with their programming homework and worked all one summer to be able to afford his first computer, a Commodore 64. When he sold his first program, an apartment management system, at 14 he was hooked. During his career, he has worked as a developer, consultant, trainer, and architect. When not spending time in front of a computer, you can find him hiking in the woods, taking pictures, or just picking a direction and finding out what is around the next corner.