Book description
Plan, build, and maintain highly secure Azure applications and workloads
As business-critical applications and workloads move to the Microsoft Azure cloud, they must stand up against dangerous new threats. That means you must build robust security into your designs, use proven best practices across the entire development lifecycle, and combine multiple Azure services to optimize security. Now, a team of leading Azure security experts shows how to do just that. Drawing on extensive experience securing Azure workloads, the authors present a practical tutorial for addressing immediate security challenges, and a definitive design reference to rely on for years. Learn how to make the most of the platform by integrating multiple Azure security technologies at the application and network layers taking you from design and development to testing, deployment, governance, and compliance.
About You
This book is for all Azure application designers, architects, developers, development managers, testers, and everyone who wants to make sure their cloud designs and code are as secure as possible.
Discover powerful new ways to:
Improve app / workload security, reduce attack surfaces, and implement zero trust in cloud code
Apply security patterns to solve common problems more easily
Model threats early, to plan effective mitigations
Implement modern identity solutions with OpenID Connect and OAuth2
Make the most of Azure monitoring, logging, and Kusto queries
Safeguard workloads with Azure Security Benchmark (ASB) best practices
Review secure coding principles, write defensive code, fix insecure code, and test code security
Leverage Azure cryptography and confidential computing technologies
Understand compliance and risk programs
Secure CI / CD automated workflows and pipelines
Strengthen container and network security
Table of contents
- Cover Page
- Title Page
- Copyright Page
- Pearson’s Commitment to Diversity, Equity, and Inclusion
- Dedication Page
- Contents at a glance
- Contents
- Acknowledgments
- About the Authors
- Foreword
- Introduction
-
Part I: Security principles
- Chapter 1. Secure development lifecycle processes
- Chapter 2. Secure design
- Chapter 3. Security patterns
-
Chapter 4. Threat modeling
- TL;DR
- What is threat modeling?
- The four main phases of threat modeling
- STRIDE’s threat-classification approach
- The trouble with threat modeling
- Searching for a better threat modeling process
- A better way to perform threat modeling: The five factors
- Threat-modeling tools
- How to threat model: A real-life example
- Summary
- Chapter 5. Identity, authentication, and authorization
- Chapter 6. Monitoring and auditing
- Chapter 7. Governance
- Chapter 8. Compliance and risk programs
- Part II: Secure implementation
- Appendix A. Core cryptographic techniques
- Index
- Code Snippets
Product information
- Title: Designing and Developing Secure Azure Solutions
- Author(s):
- Release date: November 2022
- Publisher(s): Microsoft Press
- ISBN: 9780137908790
You might also like
book
Developing Microservices Architecture on Microsoft Azure with Open Source Technologies
Deliver microservices architecture, step-by-step: from defining business problems through development, deployment, and monitoring Increasingly, organizations are …
book
Azure Infrastructure as Code
Master ARM templates, Bicep, and other Azure Infrastructure-as-Code tools, techniques, and practices to build infrastructure on …
book
Azure Security Cookbook
Gain critical real-world skills to secure your Microsoft Azure infrastructure against cyber attacks Purchase of the …
book
Enterprise Integration with Azure Logic Apps
Learn how to create sophisticated and reliable Logic Apps with improved UX Key Features Become an …