Splunk Primer and the Search Processing Language
Author: David Carasso
Publisher: Cito Research
Big data has incredible business value, and Splunk is the best tool for unlocking that value. Exploring Splunk shows you how to pinpoint answers and find patterns obscured by the flood of machine-generated data. This book uses an engaging, visual presentation style that quickly familiarizes you with how to use Splunk. You'll move from mastering Splunk basics to creatively solving real-world problems, finding the gems hidden in big data.
Author: Vincent Bumgarner
Publisher: Packt Publishing Ltd
Learn to effectively use, configure, deploy and extend Splunk and implement its powerful capabilities.
Deriving Operational Intelligence from Social Media, Machine Data, Existing Data Warehouses, and Other Real-Time Streaming Sources
Author: Peter Zadrozny,Raghu Kodali
A hands-on book showing how to process and derive business value from big data in real time. Examples in the book draw from social media sources such as Twitter (tweets) and Foursquare (check-ins). You also learn to draw from machine data, enabling you to analyze web server log files and patterns of user access in real time, as the access is occurring.
Author: Somesh Soni
Start enjoying complex deployment and administration of Splunk for larger deployments by reading this practical guide About This Book * Get this detailed, highly practical guide to help you perform efficient administration with Splunk * This use case rich guide connects your complex administration needs with the best possible solution * Using hands-on examples, you'll get prepared for the Splunk administration exam Who This Book Is For This book is for Splunk administrators, architects, and support engineers who perform administration in Splunk on day-to-day basis and now want to develop a better understanding of Splunk's administration options for medium to large deployments. This book assumes that you know what Splunk is, have basic knowledge about various Splunk components and capabilities, and have administrator rights for the Splunk Infrastructure. What you will learn * From installation to monitoring, best practices, and configuration details, get to know everything you need to know to become Splunk admin certified * Design an environment to work in and analyze machine generated data with the Splunk base and apps * Evaluate when to cluster a Splunk indexer * Set up and utilize forwarders to retrieve data from your system * Use the Splunk deployment server to host and deploy apps to various components within the infrastructure * Improve your Splunk environment's security by seeing how to limit access and configure various areas of your Splunk infrastructure * Improve your knowledge of search performance methodology In Detail With the increasing focus on machine data, otherwise referred to as big data, Splunk software offers a vast, investigative platform that allows you to get broad business insights and real-time security intelligence.
Acquiring and mastering best administration practices from the beginning of your installation and onward will not only empower you by increasing your knowledge, but will also help ensure the time you dedicate to this advantageous software is worthwhile. This book aims to take your limited knowledge of Splunk administration to the next level by teaching you how to fully utilize the power of various components, troubleshoot complex configuration, and manage the overall Splunk environment efficiently. This step-by-step guide will take you through the basics of Splunk administration and beyond into other crucial areas, such as monitoring and securing your Splunk installation. With this book, you will learn how to create, deploy, and manage multisite clusters for high availability. Moreover, you'll delve into the intermediate and advanced functionality of forwarder management, application deployment best practices, and optimizing search options. The combination of instructions and real-world examples throughout this book will ensure your Splunk administration success.
Author: Dmitry Anoshin,Sergey Sheypak
Publisher: Packt Publishing Ltd
Visualize and analyze your Hadoop data using Hunk About This Book Explore your data in Hadoop and NoSQL data stores Create and optimize your reporting experience with advanced data visualizations and data analytics A comprehensive developer's guide that helps you create outstanding analytical solutions efficiently Who This Book Is For If you are a Hadoop developer who wants to build efficient real-time Operation Intelligence Solutions based on Hadoop deployments or various NoSQL data stores using Hunk, this book is for you. Some familiarity with Splunk is assumed. What You Will Learn Deploy and configure Hunk on top of Cloudera Hadoop Create and configure Virtual Indexes for datasets Make your data presentable using the wide variety of data visualization components and knowledge objects Design a data model using Hunk best practices Add more flexibility to your analytics solution via extended SDK and custom visualizations Discover data using MongoDB as a data source Integrate Hunk with AWS Elastic MapReduce to improve scalability In Detail Hunk is the big data analytics platform that lets you rapidly explore, analyse, and visualize data in Hadoop and NoSQL data stores. It provides a single, fluid user experience, designed to show you insights from your big data without the need for specialized skills, fixed schemas, or months of development. Hunk goes beyond typical data analysis methods and gives you the power to rapidly detect patterns and find anomalies across petabytes of raw data. This book focuses on exploring, analysing, and visualizing big data in Hadoop and NoSQL data stores with this powerful full-featured big data analytics platform. You will begin by learning the Hunk architecture and Hunk Virtual Index before moving on to how to easily analyze and visualize data using Splunk Search Language (SPL). Next you will meet Hunk Apps which can easily integrate with NoSQL data stores such as MongoDB or Sqrrl.
You will also discover Hunk knowledge objects, build a semantic layer on top of Hadoop, and explore data using the friendly user-interface of Hunk Pivot. You will connect MongoDB and explore data in the data store. Finally, you will go through report acceleration techniques and analyze data in the AWS Cloud. Style and approach A step-by-step guide starting right from the basics and deep diving into the more advanced and technical aspects of Hunk.
Author: Betsy Page Sigman,Erickson Delgado,Josh Diakun,Paul R Johnson,Derek Mock,Ashish Kumar Tulsiram Yadav
Publisher: Packt Publishing Ltd
Author: Travis Marlette
Publisher: Packt Publishing Ltd
Design, implement, and publish custom Splunk applications by following best practices About This Book This is the most up-to-date guide on the market and will help you finish your tasks faster, easier, and more efficiently. Highly practical guide that addresses common and not-so-common pain points in Splunk. Want to explore shortcuts to perform tasks more efficiently with Splunk? This is the book for you! Who This Book Is For This book is for administrators, developers, and search ninjas who have been using Splunk for some time. A comprehensive coverage makes this book great for Splunk veterans and newbies alike. What You Will Learn Use Splunk effectively to gather, analyze, and report on operational data throughout your environment Expedite your reporting, and be empowered to present data in a meaningful way Create robust searches, reports, and charts using Splunk Modularize your programs for better reusability. Build your own Splunk apps and learn why they are important Learn how to integrate with enterprise systems Summarize data for longer term trending, reporting, and analysis In Detail This book will give you an edge over others through insights that will help you in day-to-day instances. When you're working with data from various sources in Splunk and performing analysis on this data, it can be a bit tricky. With this book, you will learn the best practices of working with Splunk. You'll learn about tools and techniques that will ease your life with Splunk, and will ultimately save you time. In some cases, it will adjust your thinking of what Splunk is, and what it can and cannot do. To start with, you'll get to know the best practices to get data into Splunk, analyze data, and package apps for distribution. Next, you'll discover the best practices in logging, operations, knowledge management, searching, and reporting. To finish off, we will teach you how to troubleshoot Splunk searches, as well as deployment, testing, and development with Splunk. 
Style and approach If you're stuck or want to find a better way to work with the Splunk environment, this book will come in handy. This easy-to-follow, insightful book contains step-by-step instructions and examples and scenarios that you will connect to.
Author: Ashish Kumar Tulsiram Yadav
Publisher: Packt Publishing Ltd
Master the art of getting the maximum out of your machine data using Splunk About This Book A practical and comprehensive guide to the advanced functions of Splunk, including the new features of Splunk 6.3 Develop and manage your own Splunk apps for greater insight from your machine data Full coverage of high-level Splunk techniques including advanced searches, manipulations, and visualization Who This Book Is For This book is for Splunk developers looking to learn advanced strategies to deal with big data from an enterprise architectural perspective. It is expected that readers have a basic understanding and knowledge of using Splunk Enterprise. What You Will Learn Find out how to develop and manage apps in Splunk Work with important search commands to perform data analytics on uploaded data Create visualizations in Splunk Explore tweaking Splunk Integrate Splunk with any pre-existing application to perform data crunching efficiently and in real time Make your big data speak with analytics and visualizations using Splunk Use SDK and Enterprise integration with tools such as R and Tableau In Detail Master the power of Splunk and learn the advanced strategies to get the most out of your machine data with this practical advanced guide. Make sense of the hidden data of your organization – the insight of your servers, devices, logs, traffic and clouds. Advanced Splunk shows you how. Dive deep into Splunk to find the most efficient solution to your data problems. Create the robust Splunk solutions you need to make informed decisions in big data machine analytics. From visualizations to enterprise integration, this well-organized high level guide has everything you need for Splunk mastery. Start with a complete overview of all the new features and advantages of the latest version of Splunk and the Splunk Environment. Go hands on with uploading data, search commands for basic and advanced analytics, advanced visualization techniques, and dashboard customizing.
Discover how to tweak Splunk to your needs, and get a complete on Enterprise Integration of Splunk with various analytics and visualization tools. Finally, discover how to set up and use all the new features of the latest version of Splunk. Style and approach This book follows a step by step approach. Every new concept is built on top of its previous chapter, and it is full of examples and practical scenarios to help the reader experiment as they read.
Author: Betsy Page Sigman,Erickson Delgado
Publisher: Packt Publishing Ltd
A fast-paced and practical guide to demystifying big data and transforming it into operational intelligence About This Book Want to get started with Splunk to analyze and visualize machine data? Open this book and step into the world of Splunk. Leverage the exceptional analysis and visualization capabilities to make informed decisions for your business This easy-to-follow, practical book can be used by anyone, even if you have never managed any data before Who This Book Is For This book will be perfect for you if you are a software engineer, developer, system administrator, or business analyst who seeks to correlate machine data with business metrics and provide intuitive real-time and statistical visualizations. Some knowledge or experience of previous versions of Splunk will be helpful but not essential. What You Will Learn Install and configure Splunk Gather data from different sources, isolate them by indexes, classify them into source types, and tag them with the essential fields Be comfortable with the Search Processing Language and get to know the best practices in writing search queries Create stunning and powerful dashboards Be proactive by implementing alerts and scheduled reports Use the Splunk SDK and integrate Splunk data into other applications Implement the best practices in using Splunk. In Detail Splunk is a search, analysis, and reporting platform for machine data, which has a high adoption on the market. More and more organizations want to adopt Splunk to use their data to make informed decisions. This book is for anyone who wants to manage data with Splunk. You'll start with the very basics of Splunk—installing Splunk—and then move on to searching machine data with Splunk. You will gather data from different sources, isolate them by indexes, classify them into source types, and tag them with the essential fields. After this, you will learn to create various reports, XML forms, and alerts.
You will then continue using the Pivot Model to transform the data models into visualization. You will also explore visualization with D3 in Splunk. Finally you'll be provided with some real-world best practices in using Splunk. Style and approach This fast-paced, example-rich guide will help you analyze and visualize machine data with Splunk through simple, practical instructions.
Author: Jason Goodwin
Publisher: Packt Publishing Ltd
Build fault tolerant concurrent and distributed applications with Akka About This Book Build networked applications that self-heal Scale out your applications to handle more traffic faster An easy-to-follow guide with a number of examples to ensure you get the best start with Akka Who This Book Is For This book is intended for beginner to intermediate Java or Scala developers who want to build applications to serve the high-scale user demands in computing today. If you need your applications to handle the ever-growing user bases and datasets with high performance demands, then this book is for you. Learning Akka will let you do more for your users with less code and less complexity, by building and scaling your networked applications with ease. What You Will Learn Use Akka to overcome the challenges of concurrent programming Resolve the issues faced in distributed computing with the help of Akka Scale applications to serve a high number of concurrent users Make your system fault-tolerant with self-healing applications Provide a timely response to users with easy concurrency Reduce hardware costs by building more efficient multi-user applications Maximise network efficiency by scaling it In Detail Software today has to work with more data, more users, more cores, and more servers than ever. Akka is a distributed computing toolkit that enables developers to build correct concurrent and distributed applications using Java and Scala with ease, applications that scale across servers and respond to failure by self-healing. As well as simplifying development, Akka enables multiple concurrency development patterns with particular support and architecture derived from Erlang's concept of actors (lightweight concurrent entities). Akka is written in Scala, which has become the programming language of choice for development on the Akka platform. Learning Akka aims to be a comprehensive walkthrough of Akka. 
This book will take you on a journey through all the concepts of Akka that you need in order to get started with concurrent and distributed applications and even build your own. Beginning with the concept of Actors, the book will take you through concurrency in Akka. Moving on to networked applications, this book will explain the common pitfalls in these difficult problem areas while teaching you how to use Akka to overcome these problems with ease. The book is an easy to follow example-based guide that will strengthen your basic knowledge of Akka and aid you in applying the same to real-world scenarios. Style and approach An easy-to-follow, example-based guide that will take you through building several networked-applications that work together while you are learning concurrent and distributed computing concepts. Each topic is explained while showing you how to design with Akka and how it is used to overcome common problems in applications. By showing Akka in context to the problems, it will help you understand what the common problems are in distributed applications and how to overcome them.
Author: Josh Diakun,Paul R Johnson,Derek Mock
Publisher: Packt Publishing Ltd
Author: Rory Bray,Daniel Cid,Andrew Hay
This book is the definitive guide on the OSSEC Host-based Intrusion Detection system and frankly, to really use OSSEC you are going to need a definitive guide. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented...until now! The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and mitigate attacks on your systems. -- Stephen Northcutt OSSEC determines if a host has been compromised in this manner by taking the equivalent of a picture of the host machine in its original, unaltered state. This "picture" captures the most relevant information about that machine's configuration. OSSEC saves this "picture" and then constantly compares it to the current state of that machine to identify anything that may have changed from the original configuration. Now, many of these changes are necessary, harmless, and authorized, such as a system administrator installing a new software upgrade, patch, or application. But, then there are the not-so-harmless changes, like the installation of a rootkit, trojan horse, or virus. Differentiating between the harmless and the not-so-harmless changes determines whether the system administrator or security professional is managing a secure, efficient network or a compromised network which might be funneling credit card numbers out to phishing gangs or storing massive amounts of pornography creating significant liability for that organization. Separating the wheat from the chaff is by no means an easy task. Hence the need for this book. The book is co-authored by Daniel Cid, who is the founder and lead developer of the freely available OSSEC host-based IDS. 
As such, readers can be certain they are reading the most accurate, timely, and insightful information on OSSEC. * Nominee for Best Book Bejtlich read in 2008! * http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html • Get Started with OSSEC Get an overview of the features of OSSEC including commonly used terminology, pre-install preparation, and deployment considerations. • Follow Step-by-Step Installation Instructions Walk through the installation process for the "local", "agent", and "server" install types on some of the most popular operating systems available. • Master Configuration Learn the basic configuration options for your install type and learn how to monitor log files, receive remote messages, configure email notification, and configure alert levels. • Work With Rules Extract key information from logs using decoders and how you can leverage rules to alert you of strange occurrences on your network. • Understand System Integrity Check and Rootkit Detection Monitor binary executable files, system configuration files, and the Microsoft Windows registry. • Configure Active Response Configure the active response actions you want and bind the actions to specific rules and sequence of events. • Use the OSSEC Web User Interface Install, configure, and use the community-developed, open source web interface available for OSSEC. • Play in the OSSEC VMware Environment Sandbox • Dig Deep into Data Log Mining Take the "high art" of log analysis to the next level by breaking the dependence on the lists of strings or patterns to look for in the logs.
Harnessing the Power of the Web
Author: Glenn Block,Pablo Cibraro,Pedro Felix,Howard Dierking,Darrel Miller
Publisher: "O'Reilly Media, Inc."
Design and build Web APIs for a broad range of clients—including browsers and mobile devices—that can adapt to change over time. This practical, hands-on guide takes you through the theory and tools you need to build evolvable HTTP services with Microsoft’s ASP.NET Web API framework. In the process, you’ll learn how to design and implement a real-world Web API. Ideal for experienced .NET developers, this book’s sections on basic Web API theory and design also apply to developers who work with other development stacks such as Java, Ruby, PHP, and Node. Dig into HTTP essentials, as well as API development concepts and styles Learn ASP.NET Web API fundamentals, including the lifecycle of a request as it travels through the framework Design the Issue Tracker API example, exploring topics such as hypermedia support with collection+json Use behavioral-driven development with ASP.NET Web API to implement and enhance the application Explore techniques for building clients that are resilient to change, and make it easy to consume hypermedia APIs Get a comprehensive reference on how ASP.NET Web API works under the hood, including security and testability
Effective operational intelligence to transform machine-generated data into valuable business insight, 3rd Edition
Author: James D. Miller
Publisher: Packt Publishing Ltd
A comprehensive guide to making machine data accessible across the organization using advanced dashboards Key Features Enrich machine-generated data and transform it into useful, meaningful insights Perform search operations and configurations, build dashboards, and manage logs Extend Splunk services with scripts and advanced configurations to process optimal results Book Description Splunk is the leading platform that fosters an efficient methodology and delivers ways to search, monitor, and analyze growing amounts of big data. This book will allow you to implement new services and utilize them to quickly and efficiently process machine-generated big data. We introduce you to all the new features, improvements, and offerings of Splunk 7. We cover the new modules of Splunk: Splunk Cloud and the Machine Learning Toolkit to ease data usage. Furthermore, you will learn to use search terms effectively with Boolean and grouping operators. You will learn not only how to modify your search to make your searches fast but also how to use wildcards efficiently. Later you will learn how to use stats to aggregate values, a chart to turn data, and a time chart to show values over time; you'll also work with fields and chart enhancements and learn how to create a data model with faster data model acceleration. Once this is done, you will learn about XML Dashboards, working with apps, building advanced dashboards, configuring and extending Splunk, advanced deployments, and more. Finally, we teach you how to use the Machine Learning Toolkit and best practices and tips to help you implement Splunk services effectively and efficiently. 
By the end of this book, you will have learned about the Splunk software as a whole and implemented Splunk services in your tasks at projects. What you will learn Focus on the new features of the latest version of Splunk Enterprise 7 Master the new offerings in Splunk: Splunk Cloud and the Machine Learning Toolkit Create efficient and effective searches within the organization Master the use of Splunk tables, charts, and graph enhancements Use Splunk data models and pivots with faster data model acceleration Master all aspects of Splunk XML dashboards with hands-on applications Create and deploy advanced Splunk dashboards to share valuable business insights with peers Who this book is for This book is intended for data analysts, business analysts, and IT administrators who want to make the best use of big data, operational intelligence, log management, and monitoring within their organization. Some knowledge of Splunk services will help you get the most out of the book.
Security Monitoring and Incident Response Master Plan
Author: Jeff Bollinger,Brandon Enright,Matthew Valites
Publisher: "O'Reilly Media, Inc."
Any good attacker will tell you that expensive security monitoring and prevention tools aren’t enough to keep you secure. This practical book demonstrates a data-centric approach to distilling complex security monitoring, incident response, and threat analysis ideas into their most basic elements. You’ll learn how to develop your own threat intelligence and incident detection strategy, rather than depend on security tools alone. Written by members of Cisco’s Computer Security Incident Response Team, this book shows IT and information security professionals how to create an InfoSec playbook by developing strategy, technique, and architecture. Learn incident response fundamentals—and the importance of getting back to basics Understand threats you face and what you should be protecting Collect, mine, organize, and analyze as many relevant data sources as possible Build your own playbook of repeatable methods for security monitoring and response Learn how to put your plan into action and keep it running smoothly Select the right monitoring and detection tools for your environment Develop queries to help you sort through data and create valuable reports Know what actions to take during the incident response phase
Author: Judith Hurwitz,Alan Nugent,Fern Halper,Marcia Kaufman
Publisher: John Wiley & Sons
Find the right big data solution for your business or organization Big data management is one of the major challenges facing business, industry, and not-for-profit organizations. Data sets such as customer transactions for a mega-retailer, weather patterns monitored by meteorologists, or social network activity can quickly outpace the capacity of traditional data management tools. If you need to develop or manage big data solutions, you'll appreciate how these four experts define, explain, and guide you through this new and often confusing concept. You'll learn what it is, why it matters, and how to choose and implement solutions that work. Effectively managing big data is an issue of growing importance to businesses, not-for-profit organizations, government, and IT professionals Authors are experts in information management, big data, and a variety of solutions Explains big data in detail and discusses how to select and implement a solution, security concerns to consider, data storage and presentation issues, analytics, and much more Provides essential information in a no-nonsense, easy-to-understand style that is empowering Big Data For Dummies cuts through the confusion and helps you take charge of big data solutions for your organization.
Author: Steven Anson,Steve Bunting,Ryan Johnson,Scott Pearson
Publisher: John Wiley & Sons
An authoritative guide to investigating high-technology crimes Internet crime is seemingly ever on the rise, making the need for a comprehensive resource on how to investigate these crimes even more dire. This professional-level book--aimed at law enforcement personnel, prosecutors, and corporate investigators--provides you with the training you need in order to acquire the sophisticated skills and software solutions to stay one step ahead of computer criminals. Specifies the techniques needed to investigate, analyze, and document a criminal act on a Windows computer or network Places a special emphasis on how to thoroughly investigate criminal activity and not just perform the initial response Walks you through ways to present technically complicated material in simple terms that will hold up in court Features content fully updated for Windows Server 2008 R2 and Windows 7 Covers the emerging field of Windows Mobile forensics Also included is a classroom support package to ensure academic adoption, Mastering Windows Network Forensics and Investigation, 2nd Edition offers help for investigating high-technology crimes.
Author: Antun Peicevic
Publisher: Createspace Independent Publishing Platform
This book teaches you how to work with Splunk, a popular application for searching, monitoring, and analyzing machine-generated data. This product can index structured or unstructured textual machine-generated data and enables you to perform real-time and historical search, as well as reports and statistical analysis. You will learn how to download and install Splunk on your Windows or Linux system. You will learn how to collect logs from local or remote computers, and how to search them using a web-based interface. You will also find out how to create alerts and reports based on the Splunk searches. Here is a list of topics covered in this book: Chapter 1 - Introduction - we will describe what Splunk is and what some of its common features are. We will describe how you can install Splunk on Windows and Linux. Chapter 2 - First steps - we will show you how you can access Splunk Web using your web browser. We will describe some common Splunk data sources, what an index in Splunk is, and how to add data to Splunk. Chapter 3 - Searching overview - we will describe how you can search the data Splunk indexed. We will explain the basic search rules and how to work with Splunk search commands. Chapter 4 - Windows logs - we will explain how you can add Windows logs to Splunk from a local machine. We will describe how you can collect host information, such as CPU and memory usage. Chapter 5 - Universal forwarders - we will describe universal forwarders, which are dedicated, lightweight versions of Splunk that contain only the essential components needed to send data. We will describe how to install and set up forwarders on remote Linux and Windows hosts and send data to Splunk. Chapter 6 - Alerting and reporting - we will describe how you can create Splunk alerts. We will also describe how to create and share Splunk reports.
Author: Ranjit Singh Thakurratan
Publisher: Packt Publishing Ltd
Virtualize your network with this step-by-step configuration guide to installing, configuring, and managing VMware NSX About This Book Understand VMware NSX's foundational components and architecture and discover best practices to help you manage VMware NSX Learn about the important aspects of VMware NSX 6.2 including installation, managing, monitoring, and configuring Learn to manage VMware NSX using best practices to elevate your skills in deploying VMware NSX in your environment Who This Book Is For This book is for those who want to learn to install, manage, and configure the VMware NSX Network Virtualization platform. If you want to explore, understand, or deploy VMware NSX in your environment, this book is for you. Also, this book can assist you to prepare for VMware NSX certification. Knowledge of basic networking concepts and VMware components such as vCenter and vSphere is required. What You Will Learn Explore the foundational components of VMware NSX Install and configure NSX manager and its components using best practices Deploy and configure VXLAN-enabled logical switches Secure your environment using Distributed Firewall and Data Security Configure third-party services in NSX Manage, configure, and deploy edge gateway services Understand software-defined networks In Detail VMware NSX is the network virtualization and security platform that emerged from VMware. It is a platform for the software-defined data center. This software networking platform allows complex networking topologies to be deployed programmatically in seconds. SDNs allow ease of deployment, management, and automation in deploying and maintaining new networks while reducing and in some cases completely eliminating the need to deploy traditional networks. In Learning VMware NSX, you will see some of these features of SDN and explore VMware NSX, starting with network virtualization. 
We'll then walk you through the components of NSX and provide step-by-step instructions to help you install and configure NSX. We also cover all the functional services of NSX, edge services gateway, service composer, and data security. In addition, we'll teach you to integrate partner solutions with NSX. Finally, we show you how to manage your NSX deployment and monitor NSX. Style and approach This is an easy-to-follow guide with tested configuration steps to get you up and running quickly. This book covers the nitty-gritty of installing, configuring, managing, and monitoring VMware NSX.
Author: Yuri Diogenes,Tom Shinder
Publisher: Microsoft Press
Discover high-value Azure security insights, tips, and operational optimizations This book presents comprehensive Azure Security Center techniques for safeguarding cloud and hybrid environments. Leading Microsoft security and cloud experts Yuri Diogenes and Dr. Thomas Shinder show how to apply Azure Security Center’s full spectrum of features and capabilities to address protection, detection, and response in key operational scenarios. You’ll learn how to secure any Azure workload, and optimize virtually all facets of modern security, from policies and identity to incident response and risk management. Whatever your role in Azure security, you’ll learn how to save hours, days, or even weeks by solving problems in the most efficient, reliable ways possible. Two of Microsoft’s leading cloud security experts show how to: • Assess the impact of cloud and hybrid environments on security, compliance, operations, data protection, and risk management • Master a new security paradigm for a world without traditional perimeters • Gain visibility and control to secure compute, network, storage, and application workloads • Incorporate Azure Security Center into your security operations center • Integrate Azure Security Center with Azure AD Identity Protection Center and third-party solutions • Adapt Azure Security Center’s built-in policies and definitions for your organization • Perform security assessments and implement Azure Security Center recommendations • Use incident response features to detect, investigate, and address threats • Create high-fidelity fusion alerts to focus attention on your most urgent security issues • Implement application whitelisting and just-in-time VM access • Monitor user behavior and access, and investigate compromised or misused credentials • Customize and perform operating system security baseline assessments • Leverage integrated threat intelligence to identify known bad actors