The Definitive Guide to KQL

Author: Mark Morowczynski
Publisher: Microsoft Press
Total Pages: 1244
Release: 2024-05-16
Genre: Computers
ISBN: 0138293465

Turn the avalanche of raw data from Azure Data Explorer, Azure Monitor, Microsoft Sentinel, and other Microsoft data platforms into actionable intelligence with KQL (Kusto Query Language). Experts in information security and analysis guide you through what it takes to automate your approach to risk assessment and remediation, speeding up detection time while reducing manual work using KQL. This accessible and practical guide—designed for a broad range of people with varying experience in KQL—will quickly make KQL second nature for information security.

Solve real problems with Kusto Query Language—and build your competitive advantage:
- Learn the fundamentals of KQL—what it is and where it is used
- Examine the anatomy of a KQL query
- Understand why data summation and aggregation is important
- See examples of data summation, including count, countif, and dcount
- Learn the benefits of moving from raw data ingestion to a more automated approach for security operations
- Unlock how to write efficient and effective queries
- Work with advanced KQL operators, advanced data strings, and multivalued strings
- Explore KQL for day-to-day admin tasks, performance, and troubleshooting
- Use KQL across Azure, including app services and function apps
- Delve into defending and threat hunting using KQL
- Recognize indicators of compromise and anomaly detection
- Learn to access and contribute to hunting queries via GitHub and workbooks via Microsoft Entra ID

Elasticsearch: The Definitive Guide

Author: Clinton Gormley
Publisher: O'Reilly Media, Inc.
Total Pages: 659
Release: 2015-01-23
Genre: Computers
ISBN: 1449358500

Whether you need full-text search or real-time analytics of structured data—or both—the Elasticsearch distributed search engine is an ideal way to put your data to work. This practical guide not only shows you how to search, analyze, and explore data with Elasticsearch, but also helps you deal with the complexities of human language, geolocation, and relationships. If you’re a newcomer to both search and distributed systems, you’ll quickly learn how to integrate Elasticsearch into your application. More experienced users will pick up lots of advanced techniques. Throughout the book, you’ll follow a problem-based approach to learn why, when, and how to use Elasticsearch features.

- Understand how Elasticsearch interprets data in your documents
- Index and query your data to take advantage of search concepts such as relevance and word proximity
- Handle human language through the effective use of analyzers and queries
- Summarize and group data to show overall trends, with aggregations and analytics
- Use geo-points and geo-shapes—Elasticsearch’s approaches to geolocation
- Model your data to take advantage of Elasticsearch’s horizontal scalability
- Learn how to configure and monitor your cluster in production

Microsoft Unified XDR and SIEM Solution Handbook

Author: Raghu Boddu
Publisher: Packt Publishing Ltd
Total Pages: 296
Release: 2024-02-29
Genre: Computers
ISBN: 1835085849

A practical guide to deploying, managing, and leveraging the power of Microsoft's unified security solution

Key Features
- Learn how to leverage Microsoft's XDR and SIEM for long-term resilience
- Explore ways to elevate your security posture using Microsoft Defender tools such as MDI, MDE, MDO, MDA, and MDC
- Discover strategies for proactive threat hunting and rapid incident response
- Purchase of the print or Kindle book includes a free PDF eBook

Book Description
Tired of dealing with fragmented security tools and navigating endless threat escalations? Take charge of your cyber defenses with the power of Microsoft's unified XDR and SIEM solution. This comprehensive guide offers an actionable roadmap to implementing, managing, and leveraging the full potential of the powerful unified XDR + SIEM solution, starting with an overview of Zero Trust principles and the necessity of XDR + SIEM solutions in modern cybersecurity. From understanding concepts like EDR, MDR, and NDR and the benefits of the unified XDR + SIEM solution for SOC modernization to threat scenarios and response, you’ll gain real-world insights and strategies for addressing security vulnerabilities. Additionally, the book will show you how to enhance Secure Score, outline implementation strategies and best practices, and emphasize the value of managed XDR and SIEM solutions. That’s not all; you’ll also find resources for staying updated in the dynamic cybersecurity landscape.

By the end of this insightful guide, you'll have a comprehensive understanding of XDR, SIEM, and Microsoft's unified solution to elevate your overall security posture and protect your organization more effectively.

What you will learn
- Optimize your security posture by mastering Microsoft's robust and unified solution
- Understand the synergy between Microsoft Defender's integrated tools and Sentinel SIEM and SOAR
- Explore practical use cases and case studies to improve your security posture
- See how Microsoft's XDR and SIEM proactively disrupt attacks, with examples
- Implement XDR and SIEM, incorporating assessments and best practices
- Discover the benefits of managed XDR and SOC services for enhanced protection

Who this book is for
This comprehensive guide is your key to unlocking the power of Microsoft's unified XDR and SIEM offering. Whether you're a cybersecurity pro, incident responder, SOC analyst, or simply curious about these technologies, this book has you covered. CISOs, IT leaders, and security professionals will gain actionable insights to evaluate and optimize their security architecture with Microsoft's integrated solution. This book will also assist modernization-minded organizations to maximize existing licenses for a more robust security posture.

The Complete Guide to Defense in Depth

Author: Akash Mukherjee
Publisher: Packt Publishing Ltd
Total Pages: 298
Release: 2024-07-31
Genre: Computers
ISBN: 1835464734

Gain comprehensive insights to safeguard your systems against advanced threats and maintain a resilient security posture

Key Features
- Develop a comprehensive understanding of advanced defense strategies to shape robust security programs
- Evaluate the effectiveness of a security strategy through the lens of Defense in Depth principles
- Understand the attacker mindset to deploy solutions that protect your organization from emerging threats
- Purchase of the print or Kindle book includes a free PDF eBook

Book Description
In an era of relentless cyber threats, organizations face daunting challenges in fortifying their defenses against increasingly sophisticated attacks. The Complete Guide to Defense in Depth offers a comprehensive roadmap to navigating the complex landscape, empowering you to master the art of layered security. This book starts by laying the groundwork, delving into risk navigation, asset classification, and threat identification, helping you establish a robust framework for layered security. It gradually transforms you into an adept strategist, providing insights into the attacker's mindset, revealing vulnerabilities from an adversarial perspective, and guiding the creation of a proactive defense strategy through meticulous mapping of attack vectors. Toward the end, the book addresses the ever-evolving threat landscape, exploring emerging dangers and emphasizing the crucial human factor in security awareness and training. This book also illustrates how Defense in Depth serves as a dynamic, adaptable approach to cybersecurity.

By the end of this book, you’ll have gained a profound understanding of the significance of multi-layered defense strategies, explored frameworks for building robust security programs, and developed the ability to navigate the evolving threat landscape with resilience and agility.

What you will learn
- Understand the core tenets of Defense in Depth, its principles, and best practices
- Gain insights into evolving security threats and adapting defense strategies
- Master the art of crafting a layered security strategy
- Discover techniques for designing robust and resilient systems
- Apply Defense in Depth principles to cloud-based environments
- Understand the principles of Zero Trust security architecture
- Cultivate a security-conscious culture within organizations
- Get up to speed with the intricacies of Defense in Depth for regulatory compliance standards

Who this book is for
This book is for security engineers, security analysts, and security managers who are focused on secure design and Defense in Depth. Business leaders and software developers who want to build a security mindset will also find this book valuable. Additionally, students and aspiring security professionals looking to learn holistic security strategies will benefit from the book. This book doesn’t assume any prior knowledge and explains all the fundamental concepts. However, experience in the security industry and awareness of common terms will be helpful.

Learn Azure Sentinel

Author: Richard Diver
Publisher: Packt Publishing Ltd
Total Pages: 423
Release: 2020-04-07
Genre: Computers
ISBN: 1839216638

Understand how to set up, configure, and use Azure Sentinel to provide security incident and event management services for your environment

Key Features
- Secure your network, infrastructure, data, and applications on Microsoft Azure effectively
- Integrate artificial intelligence, threat analysis, and automation for optimal security solutions
- Investigate possible security breaches and gather forensic evidence to prevent modern cyber threats

Book Description
Azure Sentinel is a Security Information and Event Management (SIEM) tool developed by Microsoft to integrate cloud security and artificial intelligence (AI). Azure Sentinel not only helps clients identify security issues in their environment, but also uses automation to help resolve these issues. With this book, you’ll implement Azure Sentinel and understand how it can help find security incidents in your environment with integrated artificial intelligence, threat analysis, and built-in and community-driven logic. This book starts with an introduction to Azure Sentinel and Log Analytics. You’ll get to grips with data collection and management, before learning how to create effective Azure Sentinel queries to detect anomalous behaviors and patterns of activity. As you make progress, you’ll understand how to develop solutions that automate the responses required to handle security incidents. Finally, you’ll grasp the latest developments in security, discover techniques to enhance your cloud security architecture, and explore how you can contribute to the security community. By the end of this book, you’ll have learned how to implement Azure Sentinel to fit your needs and be able to protect your environment from cyber threats and other security issues.

What you will learn
- Understand how to design and build a security operations center
- Discover the key components of a cloud security architecture
- Manage and investigate Azure Sentinel incidents
- Use playbooks to automate incident responses
- Understand how to set up Azure Monitor Log Analytics and Azure Sentinel
- Ingest data into Azure Sentinel from the cloud and on-premises devices
- Perform threat hunting in Azure Sentinel

Who this book is for
This book is for solution architects and system administrators who are responsible for implementing new solutions in their infrastructure. Security analysts who need to monitor and provide immediate security solutions or threat hunters looking to learn how to use Azure Sentinel to investigate possible security breaches and gather forensic evidence will also benefit from this book. Prior experience with cloud security, particularly Azure, is necessary.

Banking on Cloud Data Platforms: A Guide

Author: Dillip Kumar, Sarah Mohapatra
Publisher: Blue Rose Publishers
Total Pages: 216
Release: 2023-10-12
Genre: Computers
ISBN:

This book explores the evolution of data platforms over the last five decades, spanning from data warehousing to big data and cloud technologies. It discusses architecture, guiding principles, technology, and various use cases in the banking industry. The role of fintech and meeting digital payment demands with modern platforms is addressed. Techniques for handling PII/SPDI data in the cloud, ingestion frameworks, real-time and streaming data, and data availability are discussed practically. Additionally, it covers the increasing roles of CDOs, governance, data security, and DPDP. These chapters serve as valuable references for banks and financial institutions, drawing from real-world data sources and global events.

Windows Server 2008 PKI and Certificate Security

Author: Brian Komar
Publisher: Pearson Education
Total Pages: 1074
Release: 2008-04-09
Genre: Computers
ISBN: 0735646406

Get in-depth guidance for designing and implementing certificate-based security solutions—straight from PKI expert Brian Komar. No need to buy or outsource costly PKI services when you can use the robust PKI and certificate-based security services already built into Windows Server 2008! This in-depth reference teaches you how to design and implement even the most demanding certificate-based security solutions for wireless networking, smart card authentication, VPNs, secure email, Web SSL, EFS, and code-signing applications using Windows Server PKI and certificate services. A principal PKI consultant to Microsoft, Brian shows you how to incorporate best practices, avoid common design and implementation mistakes, help minimize risk, and optimize security administration.

Mastering Microsoft Dynamics 365 Business Central

Author: Stefano Demiliani
Publisher: Packt Publishing Ltd
Total Pages: 685
Release: 2024-03-19
Genre: Computers
ISBN: 1837639663

Utilize Microsoft Dynamics 365 Business Central's most recent capabilities to create bespoke business management solutions using best practices learned along the way from veterans in the industry. Purchase of the print or Kindle book includes a free PDF eBook

Key Features
- Extend Business Central's functionalities through Azure, Power Platform, GitHub, and custom extensions
- Unlock the potential of data exchange and functionality expansion by integrating with external systems using APIs and OData
- Build reliable, maintainable, and continuously improving solutions while writing performant, well-structured code and using telemetries and DevOps

Book Description
This book dives straight into guiding you through the process of building real-world solutions with the AL language and Visual Studio Code. It emphasizes best practices and extensibility patterns to ensure your extensions are well-structured, maintainable, and meet the needs of modern businesses. You'll learn advanced AL techniques, report creation methods, debugging strategies, and how to leverage telemetries for monitoring. Additionally, it covers performance optimization practices and API integration to help you create efficient and interconnected solutions. With a focus on extension development, this new edition allows you to jump right into coding without spending time on setup processes. This book introduces new chapters covering essential tasks that Business Central developers frequently encounter, such as file handling and printing management. Finally, the book expands its scope by including chapters on various integration aspects, including VS Code extensions, GitHub DevOps, Azure services, and Power Platform integrations. We’ll wrap up by covering Copilot capabilities in Business Central and how you can create your own generative AI copilots.

By mastering these concepts and techniques, you'll be well-equipped to create powerful and customized solutions that extend the capabilities of Dynamics 365 Business Central.

What you will learn
- Developing a customized solution for Dynamics 365 Business Central
- Writing performant code following extensibility patterns
- Handling reporting, files, and printing on a cloud environment
- Handling Business Central telemetries with Azure
- Writing APIs and integrations for Dynamics 365 Business Central
- Applying DevOps and CI/CD to development projects by using GitHub
- Integrating Business Central with Power Platform
- Publishing your solutions to AppSource marketplace
- Manage Copilot capabilities and create your own generative AI copilot

Who this book is for
This book is intended for new developers who want to get started with Dynamics 365 Business Central. Professionals with expertise will also benefit from this book by enhancing their knowledge and comprehension of the Dynamics 365 Business Central development platform and best practices.

Learn Azure Synapse Data Explorer

Author: Pericles (Peri) Rocha
Publisher: Packt Publishing Ltd
Total Pages: 346
Release: 2023-02-17
Genre: Computers
ISBN: 1803239611

A hands-on guide to working on use cases helping you ingest, analyze, and serve insightful data from IoT as well as telemetry data sources using Azure Synapse Data Explorer. Free PDF included with this book

Key Features
- Augment advanced analytics projects with your IoT and application data
- Expand your existing Azure Synapse environments with unstructured data
- Build industry-level projects on integration, experimentation, and dashboarding with Azure Synapse

Book Description
Large volumes of data are generated daily from applications, websites, IoT devices, and other free-text, semi-structured data sources. Azure Synapse Data Explorer helps you collect, store, and analyze such data, and work with other analytical engines, such as Apache Spark, to develop advanced data science projects and maximize the value you extract from data. This book offers a comprehensive view of Azure Synapse Data Explorer, exploring not only the core scenarios of Data Explorer but also how it integrates within Azure Synapse. From data ingestion to data visualization and advanced analytics, you'll learn to take an end-to-end approach to maximize the value of unstructured data and drive powerful insights using data science capabilities. With real-world usage scenarios, you'll discover how to identify key projects where Azure Synapse Data Explorer can help you achieve your business goals. Throughout the chapters, you'll also find out how to manage big data as part of a software as a service (SaaS) platform, as well as tune, secure, and serve data to end users. By the end of this book, you'll have mastered the big data life cycle and you'll be able to implement advanced analytical scenarios from raw telemetry and log data.

What you will learn
- Integrate Data Explorer pools with all other Azure Synapse services
- Create Data Explorer pools with Azure Synapse Studio and Azure Portal
- Ingest, analyze, and serve data to users using Azure Synapse pipelines
- Integrate Power BI and visualize data with Synapse Studio
- Configure Azure Machine Learning integration in Azure Synapse
- Manage cost and troubleshoot Data Explorer pools in Synapse Analytics
- Secure Synapse workspaces and grant access to Data Explorer pools

Who this book is for
If you are a data engineer, data analyst, or business analyst working with unstructured data and looking to learn how to maximize the value of such data, this book is for you. If you already have experience working with Azure Synapse and want to incorporate unstructured data into your data science project, you'll also find plenty of useful information in this book. To maximize your learning experience, familiarity with data and performing simple queries using SQL or KQL is recommended. Basic knowledge of Python will help you get more from the examples.

Microsoft Windows Security Resource Kit

Author: Ben Smith
Publisher:
Total Pages: 716
Release: 2005
Genre: Computers
ISBN: 9780735621749

Now fully updated and revised, this official Microsoft RESOURCE KIT delivers the in-depth information and tools you need to help protect your Windows-based clients, servers, networks, and Internet services. Security experts Ben Smith and Brian Komar, working in conjunction with the Microsoft Security Team, explain how core Windows security internals work and how to assess security threats and vulnerabilities, configure security features, monitor and respond to security events, and effectively apply security technologies and best practices. You'll find new information on Microsoft Windows Server 2003 Service Pack 1, Windows XP Service Pack 2, and Microsoft Office 2003 Editions. And you'll get essential tools, scripts, templates, and other key resources on the CD.

Get in-depth guidance on how to:
- Build security considerations into the design of Active Directory objects, domains, and forests; manage user accounts and passwords; apply Group Policy
- NEW--Utilize the Security Configuration Wizard and Windows Update Services
- Configure TCP/IP and the Windows Firewall, and address the unique security risks of mobile computing and wireless networking
- Define security settings for domain controllers, IIS 5.0 and 6.0, Windows Terminal Services, and DNS, DHCP, WINS, RAS, and certificate servers
- NEW--Design an 802.1x authentication infrastructure
- NEW--Implement the security advances in Microsoft Office 2003 Editions, IIS 6.0, and the latest service packs
- Perform security assessments and respond to security incidents
- Manage security and privacy settings for Microsoft Office and Internet Explorer

CD features: 20+ tools and scripts, including:
- Placeholder script
- Xcacls.vbs--to script file and folder permissions
- EventcombMT.exe--to collect and search event logs from multiple computers through a GUI
- Microsoft Encyclopedia of Networking, Second Edition, eBook
- Microsoft Encyclopedia of Security eBook
- Bonus content from additional Microsoft Press security books
- eBook of the complete RESOURCE KIT

For customers who purchase an ebook version of this title, instructions for downloading the CD files can be found in the ebook.