You're reading from Windows Ransomware Detection and Protection Securing Windows endpoints, the cloud, and infrastructure using Microsoft Intune, Sentinel, and Defender

Product type Paperback

Published in Mar 2023

Publisher Packt

ISBN-13 9781803246345

Length 290 pages

Edition 1st Edition

Languages

Rust

Tools

Azure

Concepts

Cybersecurity

Author (1):

Marius Sandbu

View More author details

Table of Contents (16) Chapters

Preface

1. Part 1:Ransomware Basics

2. Chapter 1: Ransomware Attack Vectors and the Threat Landscape FREE CHAPTER

3. Chapter 2: Building a Secure Foundation

4. Part 2:Protect and Detect

5. Chapter 3: Security Monitoring Using Microsoft Sentinel and Defender

6. Chapter 4: Ransomware Countermeasures – Windows Endpoints, Identity, and SaaS

7. Chapter 5: Ransomware Countermeasures – Microsoft Azure Workloads

8. Chapter 6: Ransomware Countermeasures – Networking and Zero-Trust Access

9. Chapter 7: Protecting Information Using Azure Information Protection and Data Protection

10. Part 3:Assume Breach

11. Chapter 8: Ransomware Forensics

12. Chapter 9: Monitoring the Threat Landscape

13. Chapter 10: Best Practices for Protecting Windows from Ransomware Attacks

14. Index

Why subscribe?

15. Other Books You May Enjoy

Identity and access management in Microsoft Azure

Azure provides a wide range of different security mechanisms. It is important to understand that some services are used to protect the workload itself, such as a virtual machine. There are also services to protect the identity of the administrators or users that have access to Azure to ensure that they are not allowed to set up services that are publicly available or that if they want to perform any administrative action, they need to sign in to the Azure portal with MFA.

When you are interacting with Microsoft Azure either through the web portal, CLI, or SDKs, you are always working with an API layer called Azure Resource Manager, as seen in the following figure. This figure also depicts the other API layer when interacting with Microsoft 365, which is called the Graph API.