Kirjailija
Rod Trent
Kirjat ja teokset yhdessä paikassa: 12 kirjaa, julkaisuja vuosilta 2022-2026, suosituimpien joukossa Mistaken for Dead. Vertaile teosten hintoja ja tarkista saatavuus suomalaisista kirjakaupoista.
12 kirjaa
Kirjojen julkaisuhaarukka 2022-2026.
A practical guide to modern cybersecurity using Microsoft tools, covering step-by-step setup, Zero Trust AI integration, and security framework alignment Key Features Deploy Microsoft Sentinel with end-to-end guidance, including CI/CD automation and scalable architecture Integrate Security Copilot with Defender XDR to enable AI-driven threat detection and response Implement Zero-Trust strategies and align with modern DevSecOps and cybersecurity frameworks Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionIn the evolving cybersecurity landscape, the integration of Microsoft Defender XDR and Security Copilot presents a game-changing approach to modern threat detection and response. With this book, you’ll understand how these tools, in conjunction with Microsoft’s extensive ecosystem, enable organizations to outpace emerging threats. Starting with core XDR concepts, security frameworks, and Microsoft’s competitive advantages in cybersecurity, you’ll master the foundational aspects of deploying Microsoft Sentinel, configuring security infrastructure, and optimizing security operations using AI-driven tools. Advanced topics, including Zero-Trust strategies, DevSecOps integration, and partner programs, prepare you for increasingly sophisticated scenarios in Microsoft cloud security. You’ll also explore practical deployment workflows, covering cost analysis, role-based access configurations, and fast-tracked Sentinel deployment using CI/CD pipelines. By the end of this book, you’ll have gained insights into security automation, threat detection, and AI integration with Security Copilot for optimized operations and have the confidence to implement and manage Microsoft Defender XDR and Sentinel in complex environments, driving scalable and secure solutions.What you will learn Deploy Microsoft Sentinel with RBAC, governance, and financial planning Align security programs with Zero Trust and global frameworks Automate assessments with ScubaGear, Maester, and Azure DevOps Build secure Sentinel foundations with Entra ID, PIM, and management groups Onboard customers and partners via Azure Lighthouse and GDAP Master the Sentinel workflow backbone: KQL, detections, automation, MITRE ATT&CK Accelerate rollouts using FastTrack deployment and CI/CD pipelines Harness Security Copilot for AI-assisted detection and investigation Who this book is forThis book is for you if you have a solid understanding of Microsoft security products and Azure and are now looking to expand your expertise by incorporating Microsoft Sentinel. Security experts using alternative SIEM tools who want to adopt Microsoft Sentinel as an additional or replacement service will also find this book useful.
Become a Security Copilot expert and harness the power of AI to stay ahead in the evolving landscape of cyber defense Key Features Explore the Security Copilot ecosystem and learn to design effective prompts, promptbooks, and custom plugins Apply your knowledge with real-world case studies that demonstrate Security Copilot in action Transform your security operations with next-generation defense capabilities and automation Access interactive learning paths and GitHub-based examples to build practical expertise Book DescriptionBe at the forefront of cybersecurity innovation with Microsoft Security Copilot, where advanced AI tackles the intricate challenges of digital defense. This book unveils Security Copilot’s powerful features, from AI-powered analytics revolutionizing security operations to comprehensive orchestration tools streamlining incident response and threat management. Through real-world case studies and frontline stories, you’ll learn how to truly harness AI advancements and unlock the full potential of Security Copilot within the expansive Microsoft ecosystem. Designed for security professionals navigating increasingly sophisticated cyber threats, this book equips you with the skills to accelerate threat detection and investigation, refine your security processes, and optimize cyber defense strategies. By the end of this book, you’ll have become a Security Copilot ninja, confidently crafting effective prompts, designing promptbooks, creating custom plugins, and integrating logic apps for enhanced automation.What you will learn Navigate and use the complete range of features in Microsoft Security Copilot Unlock the full potential of Security Copilot's diverse plugin ecosystem Strengthen your prompt engineering skills by designing impactful and precise prompts Create and optimize promptbooks to streamline security workflows Build and customize plugins to meet your organization's specific needs See how AI is transforming threat detection and response for the new era of cyber defense Understand Security Copilot's pricing model for cost-effective solutions Who this book is forThis book is for cybersecurity professionals at all experience levels, from beginners seeking foundational knowledge to seasoned experts looking to stay ahead of the curve. While readers with basic cybersecurity knowledge will find the content approachable, experienced practitioners will gain deep insights into advanced features and real-world applications.
The Definitive Guide to KQL
Mark Morowczynski; Rod Trent; Matthew Zorich
PEARSON EDUCATION (US)
2024
nidottu
Turn the avalanche of raw data from Azure Data Explorer, Azure Monitor, Microsoft Sentinel, and other Microsoft data platforms into actionable intelligence with KQL (Kusto Query Language). Experts in information security and analysis guide you through what it takes to automate your approach to risk assessment and remediation, speeding up detection time while reducing manual work using KQL. This accessible and practical guide—designed for a broad range of people with varying experience in KQL—will quickly make KQL second nature for information security. Solve real problems with Kusto Query Language— and build your competitive advantage: Learn the fundamentals of KQL—what it is and where it is usedExamine the anatomy of a KQL queryUnderstand why data summation and aggregation is importantSee examples of data summation, including count, countif, and dcountLearn the benefits of moving from raw data ingestion to a more automated approach for security operationsUnlock how to write efficient and effective queriesWork with advanced KQL operators, advanced data strings, and multivalued stringsExplore KQL for day-to-day admin tasks, performance, and troubleshootingUse KQL across Azure, including app services and function appsDelve into defending and threat hunting using KQLRecognize indicators of compromise and anomaly detectionLearn to access and contribute to hunting queries via GitHub and workbooks via Microsoft Entra ID
Microsoft Unified XDR and SIEM Solution Handbook
Raghu Boddu; Rod Trent; Sami Lamppu
PACKT PUBLISHING LIMITED
2024
nidottu
A practical guide to deploying, managing, and leveraging the power of Microsoft's unified security solution Key Features Learn how to leverage Microsoft's XDR and SIEM for long-term resilience Explore ways to elevate your security posture using Microsoft Defender tools such as MDI, MDE, MDO, MDA, and MDC Discover strategies for proactive threat hunting and rapid incident response Purchase of the print or Kindle book includes a free PDF eBook Book DescriptionTired of dealing with fragmented security tools and navigating endless threat escalations? Take charge of your cyber defenses with the power of Microsoft's unified XDR and SIEM solution. This comprehensive guide offers an actionable roadmap to implementing, managing, and leveraging the full potential of the powerful unified XDR + SIEM solution, starting with an overview of Zero Trust principles and the necessity of XDR + SIEM solutions in modern cybersecurity. From understanding concepts like EDR, MDR, and NDR and the benefits of the unified XDR + SIEM solution for SOC modernization to threat scenarios and response, you’ll gain real-world insights and strategies for addressing security vulnerabilities. Additionally, the book will show you how to enhance Secure Score, outline implementation strategies and best practices, and emphasize the value of managed XDR and SIEM solutions. That’s not all; you’ll also find resources for staying updated in the dynamic cybersecurity landscape. By the end of this insightful guide, you'll have a comprehensive understanding of XDR, SIEM, and Microsoft's unified solution to elevate your overall security posture and protect your organization more effectively.What you will learn Optimize your security posture by mastering Microsoft's robust and unified solution Understand the synergy between Microsoft Defender's integrated tools and Sentinel SIEM and SOAR Explore practical use cases and case studies to improve your security posture See how Microsoft's XDR and SIEM proactively disrupt attacks, with examples Implement XDR and SIEM, incorporating assessments and best practices Discover the benefits of managed XDR and SOC services for enhanced protection Who this book is forThis comprehensive guide is your key to unlocking the power of Microsoft's unified XDR and SIEM offering. Whether you're a cybersecurity pro, incident responder, SOC analyst, or simply curious about these technologies, this book has you covered. CISOs, IT leaders, and security professionals will gain actionable insights to evaluate and optimize their security architecture with Microsoft's integrated solution. This book will also assist modernization-minded organizations to maximize existing licenses for a more robust security posture.
Microsoft Cybersecurity Architect Exam Ref SC-100
Dwayne Natwick; Rod Trent
PACKT PUBLISHING LIMITED
2023
nidottu
Advance your knowledge of architecting and evaluating cybersecurity services to tackle day-to-day challenges Key Features Gain a deep understanding of all topics covered in the SC-100 exam Benefit from practical examples that will help you put your new knowledge to work Design a zero-trust architecture and strategies for data, applications, access management, identity, and infrastructure Book DescriptionMicrosoft Cybersecurity Architect Exam Ref SC-100 is a comprehensive guide that will help cybersecurity professionals design and evaluate the cybersecurity architecture of Microsoft cloud services. Complete with hands-on tutorials, projects, and self-assessment questions, you’ll have everything you need to pass the SC-100 exam. This book will take you through designing a strategy for a cybersecurity architecture and evaluating the governance, risk, and compliance (GRC) of the architecture. This will include cloud-only and hybrid infrastructures, where you’ll learn how to protect using the principles of zero trust, along with evaluating security operations and the overall security posture. To make sure that you are able to take the SC-100 exam with confidence, the last chapter of this book will let you test your knowledge with a mock exam and practice questions. By the end of this book, you’ll have the knowledge you need to plan, design, and evaluate cybersecurity for Microsoft cloud and hybrid infrastructures, and pass the SC-100 exam with flying colors.What you will learn Design a zero-trust strategy and architecture Evaluate GRC technical strategies and security operations strategies Design security for infrastructure Develop a strategy for data and applications Understand everything you need to pass the SC-100 exam with ease Use mock exams and sample questions to prepare for the structure of the exam Who this book is forThis book is for a wide variety of cybersecurity professionals – from security engineers and cybersecurity architects to Microsoft 365 administrators, user and identity administrators, infrastructure administrators, cloud security engineers, and other IT professionals preparing to take the SC-100 exam. It’s also a good resource for those designing cybersecurity architecture without preparing for the exam. To get started, you’ll need a solid understanding of the fundamental services within Microsoft 365, and Azure, along with knowledge of security, compliance, and identity capabilities in Microsoft and hybrid architectures.