Microsoft Azure Security Center
Yuri Diogenes
Dr. Thomas W. Shinder
Published with the authorization of Microsoft Corporation by: Pearson Education, Inc.
Copyright 2018 by Pearson Education, Inc.
All rights reserved. This publication is protected by copyright, and permission must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any means, electronic, mechanical, photocopying, recording, or likewise. For information regarding permissions, request forms, and the appropriate contacts within the Pearson Education Global Rights & Permissions Department, please visit www.pearsoned.com/permissions/. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions. Nor is any liability assumed for damages resulting from the use of the information contained herein.
ISBN-13: 978-1-5093-0703-6
ISBN-10: 1-5093-0703-6
Library of Congress Control Number: 2018938489
TRADEMARKS
Microsoft and the trademarks listed at http://www.microsoft.com on the Trademarks webpage are trademarks of the Microsoft group of companies. All other marks are property of their respective owners.
WARNING AND DISCLAIMER
Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information provided is on an "as is" basis. The authors, the publisher, and Microsoft Corporation shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the CD or programs accompanying it.
SPECIAL SALES
For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales department at or (800) 382-3419.
For government sales inquiries, please contact .
For questions about sales outside the U.S., please contact .
CREDITS
EDITOR-IN-CHIEF
Greg Wiegand
EXECUTIVE EDITOR
Laura Norman
DEVELOPMENT EDITOR
Kate Shoup/Polymath Publishing
MANAGING EDITOR
Sandra Schroder
SENIOR PROJECT EDITOR
Tracey Croom
COPY EDITOR
Scout Festa
INDEXER
Valerie Perry
PROOFREADER
Elizabeth Welch
TECHNICAL EDITOR
Mike Martin
EDITORIAL ASSISTANT
Cindy J. Teeters
COVER DESIGNER
Twist Creative, Seattle
COMPOSITOR
Jeff Lytle, Happenstance Type-O-Rama
GRAPHICS
Vived Graphics
Acknowledgments
The authors would like to thank Laura Norman and the entire Microsoft Press team for their support in this project, Hayden Hainsworth for writing the foreword of this book, and also other Microsoft colleagues that contributed by writing a sidebar for this book: Laura Hunter, Nicholas DiCola, Koby Koren, Sarah Fender, Tomer Teller, Miri Landau, Ben Kliger, Ajeet Prakash, and John Kemnetz. We would also like to thank Mike Martin (Microsoft MVP) for reviewing this book.
Yuri would also like to thank: my wife and daughters for their endless support and understanding; my great God for giving me strength and guiding my path on each step of the way; my great friend and co-author Tom Shinder for another awesome partnership; and Adwait Joshi (AJ) and the entire Azure Security Center Team, especially all the Security Center PMs at Microsoft Israel for their ongoing collaboration and contribution. Thanks to my manager, Nicholas DiCola, and my coworkers Laura Hunter, Ty Balascio, Andrew Harris, Marie Groove, Gershon Levitz, and Yoann Mallet for inspiring me to do more. Last but not least, thanks to my parents for working hard to give me an education, which is the foundation I use every day to keep moving forward in my career.
Tom would also like to thank: so many people that it's very difficult to name them all in the space allocated. Probably most important is Yuri Diogenes, who motivated me to partner up on another book with him. I don't know why he asks me, because I know I drive him crazy each time we write a book together. Nevertheless, Yuri is a blessing to me and all those around him, and he keeps me from resting on my prodigious laurels. I want to thank David Cross, who brought me into Azure Security Engineering and all the fascinating opportunities it's offered; while David is now with Google, he's still an inspiration. I also want to give major props to Avi Ben-Menahem and Ramesh Chinta, both of whom have always been supportive of my efforts, and who are models of the best that Microsoft has to offer. And of course, the entire Azure Security Engineering PM team: the dedication, diligence, intelligence, and number of hours worked per week by this team is unmatched, and the results of these attributes show in the fact that Azure is the most secure public cloud service platform in the industry. Finally, eternal thanks to my wife (my lifetime love, partner, and confidant) and to God, who has given me much more in life than I deserve.
About the authors
Yuri Diogenes, MsC
With a master of science in cybersecurity intelligence and forensics investigation (UTICA College), Yuri is senior program manager in Microsoft CxP Security Team, where he primarily helps customers onboard and incorporate Azure Security Center as part of their security operations/incident response. Yuri has been working for Microsoft since 2006 in different positions, including five years as senior support escalation engineer in CSS Forefront Edge Team, and from 2011 to 2017 in the content development team, where he also helped create the Azure Security Center content experience since its launch in 2016. Yuri has published a total of 20 books, mostly around information security and Microsoft technologies. Yuri also holds an MBA and many IT/Security industry certifications, such as CISSP, E|CND, E|CEH, E|CSA, E|CHFI, CompTIA Security+, CySA+, Cloud Essentials Certified, Mobility+, Network+, CASP, CyberSec First Responder, MCSE, and MCTS. You can follow Yuri on Twitter at @yuridiogenes or read his articles at his personal blog: http://aka.ms/yuridio.
Tom Shinder
Tom Shinder is a cloud security program manager in Azure Security Engineering. He is responsible for security technical content and education, customer engagements, and competitive analysis. He has presented at many of the largest security industry conferences on topics related to both on-premises and public cloud security and architecture. Tom earned a bachelor's degree in neuropsychobiology from the University of California, Berkeley, and an MD from the University of Illinois, Chicago. He was a practicing neurologist prior to changing careers in the 1990s. He has written over 30 books on OS, network, and cloud security, including Microsoft Azure Security Infrastructure and Microsoft Azure Security Center (IT Best Practices series, Microsoft Press). Tom can be found hugging his Azure console when he's not busy hiding his keys and secrets in Azure Key Vault.
Foreword
I was so pleased to hear that Yuri and Tom were teaming up to write another book on security. I found their first book about Azure core security,