Foreword

Security is—at its core—a big data problem. Businesses and government entities are producing terabytes of security-relevant log data every day and the volumes continue to increase. This data growth is driven by the digitization of business processes and an explosion in the number of intelligent devices being used to power our physical world. Security teams are charged with making sense of this data and spotting the signs of an active attack so that they can respond appropriately.

Azure Sentinel was purpose-built to help address the challenges faced by our customers’ security operations teams. It was engineered as a cloud service to automatically scale to the data volumes thrown at it. This allows security teams to focus their time on identifying threats as opposed to administering infrastructure. Azure Sentinel also includes capabilities to automate responses to alerts by triggering playbooks. Playbooks can also collect and add context to existing alerts to speed decision making by SOC analysts.

Yuri, Nicholas, and Jonathan have been working with Azure Sentinel from the beginning of the design and engineering process and have successfully deployed Azure Sentinel for customers large and small. They lay out the foundational aspects of architecting and implementing Azure Sentinel, including connecting data sources; writing custom alerts, workbooks, and playbooks; and using the product to proactively hunt for threats. The authors not only cover the full breadth of product capabilities in the book, but they also offer their practical advice to ensure successful deployment.

Microsoft is fulfilling a mission to develop a robust portfolio of security, compliance, and identity products to meet the needs of our enterprise customers. The security, compliance, and identity solutions are fully integrated and leverage Microsoft’s vast threat-intelligence sources to maximize their effectiveness. Azure Sentinel will be a cornerstone of the Microsoft portfolio for years to come and has already been quickly adopted across the globe by customers of all sizes.

Microsoft Azure Sentinel is the authoritative source for implementing Microsoft’s hottest new security solution. It was a pleasure to review for Yuri, Nicholas, and Jonathan. Pick up your copy today!

Ann Johnson
Corporate Vice President
Cybersecurity Solutions Group
