Azure infrastructure monitoring
All hardware, software, and network devices in Azure data centers are constantly reviewed and updated. Reviews and updates are mandatory at least once a year, with additional reviews and updates performed as needed. Any change (to hardware, software, or the network) must go through the release management process: it is developed, tested, and approved in development and test environments before release to production. As part of this process, every change must be reviewed and approved by the Azure security and compliance team.
All Azure data centers use integrated deployment systems to distribute and install security updates for all software provided by Microsoft. If third-party software is used, either the customer or the software manufacturer is responsible for security updates, depending on how the software is provided and used. For example, if third-party software is installed from Azure Marketplace, the manufacturer is responsible for providing updates; if the software is installed manually, responsibility depends on the specific software. For Microsoft software, a dedicated team within Microsoft, the Microsoft Security Response Center, is responsible for monitoring and identifying security incidents 24/7/365, and any incident must be resolved in the shortest possible time frame.
Vulnerability scanning is performed across the Azure infrastructure (servers, databases, and network) at least once every quarter, and more often if there is a specific issue or incident. Microsoft performs its own penetration tests and also hires independent consultants to perform them, so that nothing goes undetected. Any security issue found is addressed immediately in order to raise the level of security and stop any exploitation as soon as the issue is detected.
Microsoft has an incident management process in place for any security issue. When Microsoft becomes aware of a security issue, it takes the following actions:
- The customer is notified of the incident.
- An immediate investigation is started to provide detailed information regarding the security incident.
- Steps are taken to mitigate the effects and minimize the damage of the security incident.
Incident management is clearly defined so that all security incidents are managed, escalated, and resolved promptly.