Publisher's Synopsis
Strategies for managing Microsoft's enterprise defense suite and understanding its capabilities, deployments, incident response, and defense against cyber threats
Purchase of the print or Kindle book includes a free PDF ebook
Key Features
- Understand Microsoft 365 Defender, its solutions, and how it's crucial for security operations
- Learn how to onboard, manage, and troubleshoot Linux servers with Microsoft Defender for Endpoint
- Implement Microsoft Defender for Identity, explore its deployment methods, and apply best practices
Book Description
Microsoft 365 Defender encompasses a lot of products and services that help to make your organization more secure when utilized correctly. It enhances your detection capabilities when you know how to use each product and interpret the results of threats. This book will help you get up and running with all these services and help you to use them effectively.
This book starts with a quick overview of cybersecurity risks that modern organizations face, such as ransomware and APT attacks, and how Microsoft is making massive investments in security today. You will understand how to deploy MDE by deep diving into configurations and their architecture. As you move further, you will learn how to configure Microsoft Defender Antivirus, and onboard and manage macOS, Android, and Linux MDE devices for effective solutions. You will understand how to deploy MS Identity and explore its different deployment methods that can protect your hybrid identity platform. Towards the end, you will be able to configure threat policies for Office 365 and manage KQL queries for advanced hunting with ease. Also, you will get to know how M365D can be integrated with Sentinel and how to use APIs for incident response.
By the end of this book, you will have a deep understanding of Microsoft 365 Defender, and how to protect against and respond to security threats.
What you will learn
- Modern cybersecurity threats and a brief history of Microsoft security
- Understanding Microsoft 365 Defender in the threat landscape
- Leverage security benefits that MDE provides on Windows devices
- Understand how to onboard Windows clients and servers
- Learn how Microsoft Defender for Identity expands support to ADFS
- Implement Cloud Apps for better visibility of cloud activity
- Harden your environment with Vulnerability Management and Secure Score
Who This Book Is For
This book is for security engineers, incident responders, blue teamers, and IT security professionals who want to deploy and manage Microsoft 365 Defender services and who want to successfully investigate and respond to cyber threats. A basic understanding of networking and vulnerabilities, and basic knowledge of Windows and security baselines, is required.
Table of Contents
- Microsoft and Modern Cybersecurity Threats
- Microsoft 365 Defender: The big picture
- The Fundamentals of Microsoft Defender for Endpoint
- Onboarding Windows Clients and Servers
- Getting Started with Microsoft Defender Antivirus for Windows
- Advanced Microsoft Defender Antivirus for Windows
- Managing Attack Surface Reduction for Windows
- Managing Additional Capabilities for Windows
- Onboarding and Managing macOS
- Onboarding and Managing Linux Servers
- Onboarding and Managing iOS and Android
- Deploying Microsoft Defender for Identity
- Protecting and configuring iOS and Android
- Implementing Microsoft Defender for Identity
- Implementing Microsoft Defender for Office 365 and Exchange Online Protection
(N.B. Additional chapters to be confirmed upon publication)