You are previewing Microsoft Azure Security.
O'Reilly logo
Microsoft Azure Security

Book Description

Protect your solutions from malicious users using Microsoft Azure Services

In Detail

Microsoft Azure Security helps you ensure that all your applications and services stay secure and safe from any threats. Starting with a quick tour through the fundamentals of security standards, you will quickly gain a comprehensive overview of Azure Services where security has to be managed directly. You will then see some use cases of Azure usage, exploring the various building blocks of the entire platform. This will help you get involved with the services covered in the ensuing chapters.

Next, you will learn to identify, for any given service of Azure, where the possible traps are and how malicious behaviors could lead up to a huge loss in terms of information and consequently, money. Finish with a flourish by implementing authentication solutions within applications with Azure Services and learn the best practices for Azure-related IT resources. With this comprehensive guide, you will learn many of the key security processes along with network, system, and host security and ensure that your applications and services are secure.

What You Will Learn

  • Recognize the basic principles of IT security to protect your applications

  • Implement authentication solutions within applications with Azure Services

  • Analyze use cases of Azure usage, regarding services that are PaaS such as websites, SQL Databases, and storage

  • Analyze use cases of Azure usage, regarding services that are IaaS such as Virtual Machines and Virtual Networks

  • Use Azure Cloud-based identity solutions in applications

  • Assess risks to build a complete map of what to monitor

  • Identify and avoid common pitfalls while developing web applications

  • Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.

    Table of Contents

    1. Microsoft Azure Security
      1. Table of Contents
      2. Microsoft Azure Security
      3. Credits
      4. About the Author
      5. About the Reviewers
      6. www.PacktPub.com
        1. Support files, eBooks, discount offers, and more
          1. Why subscribe?
          2. Free access for Packt account holders
          3. Instant updates on new Packt books
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Errata
          2. Piracy
          3. Questions
      8. 1. The Fundamentals of Security Standards
        1. Information security fundamentals
          1. CIA triangle
          2. Security management
            1. Risk analysis
        2. Physical measures and logical measures
          1. Introducing ISO/IEC 27000
          2. Physical security and controls
            1. Security boundaries
            2. Mobile equipment
          3. Logical security and controls
            1. Human resources
            2. Access control
            3. Mobile devices
            4. Cryptography
            5. Communication
            6. Software management
            7. Laws and regulations
          4. Security in software development
            1. Local development tools
            2. Access to source code
            3. Credentials management
        3. Security standards in Azure
          1. Implementing security, privacy, and compliance
            1. Security
            2. Privacy
            3. Compliance
        4. Summary
      9. 2. Identity and Access Management for Users
        1. IAM in the current portal
          1. Creating a custom Azure Active Directory
            1. Configuring the Azure Directory user access
          2. Adding a co-administrator to the subscription
          3. Securing the Microsoft account
            1. Two-step verification
            2. Authenticator app
        2. IAM in the Preview portal
          1. Role-Based Access Control
            1. Roles
            2. Hierarchy of security objects
          2. Adding a user in the Preview portal
        3. Advanced authentication
          1. Multi-Factor Authentication
            1. Setting up Multi-Factor Authentication
          2. Management Certificates
            1. Setting up a Management Certificate
        4. Summary
      10. 3. Platform as a Service
        1. Hosting the code
          1. Cloud Services
            1. Remote endpoints
            2. Remote Desktop
            3. Startup tasks
            4. Microsoft Antimalware
            5. Network communication
          2. Websites
            1. Project Kudu
            2. Credentials
            3. Connection modes
            4. Settings and connection strings
            5. Backups
            6. Extensions
        2. Hosting the data
          1. Storage
            1. Account keys
            2. Shared Access Signatures
            3. Scalability and performance targets
          2. SQL Database
            1. Setting up firewall rules
            2. Setting up users and roles
            3. Connection settings
        3. Working with a cache
          1. Azure Managed Cache
            1. SSL
            2. Named caches
          2. Azure Redis Cache
            1. Databases
        4. Working with the Service Bus
          1. Shared Access Policies
        5. Summary
      11. 4. Infrastructure as a Service
        1. Virtual Machines
          1. External security
            1. Creation: Windows versus Linux
            2. Endpoints and ACLs
            3. Networking and isolation
            4. Extensions
          2. Internal security
            1. Operating system firewall
            2. Auditing and best practices
        2. Virtual Networks
          1. Network Security Groups
          2. Hybrid networks
        3. Azure Backup
          1. Configuring a backup vault
          2. Registering a server
          3. Scheduling backups
        4. Summary
      12. 5. Identity and Access Management for Developers
        1. Azure Active Directory
          1. Single-tenant applications
            1. Inspecting messages
            2. Available claims and security groups
          2. Multi-tenant applications
            1. Consent Framework
          3. Azure AD Graph API
            1. Directory extensions
          4. Azure AD Access Control Service
            1. Configuring Facebook as an Identity Provider
            2. Configuring Azure AD as an Identity Provider
            3. Applying claims transformations
            4. Integration with ASP.NET
        2. Azure Key Vault
          1. Creating a Key Vault
            1. Creating the vault
            2. Adding a key or secret
          2. Using the .NET client library
        3. Summary
      13. Index