**Secure your Azure applications the right way. The expert DevSecOps techniques you’ll learn in this essential handbook make it easy to keep your data safe.** As a Program Manager at Microsoft, Bojan Magusic has helped numerous Fortune 500 companies improve their security posture in Azure. Now, in *Azure Security* he brings his experience from the cyber security frontline to ensure your Azure cloud-based systems are safe and secure. In *Azure Security* you’ll learn vital security skills, including how to: * Set up secure access through Conditional Access policiesImplement Azure WAF on Application Gateway and Front Door * Deploy Azure Firewall Premium for monitoring network activities * Enable Microsoft Defender for Cloud to assess workload configurations * Utilize Microsoft Sentinel for threat detection and analytics * Establish Azure Policy for compliance with business rules Correctly set up out-of-the-box Azure services to protect your web apps against both common and sophisticated threats, learn to continuously assess your systems for vulnerabilities, and discover cutting-edge operations for security hygiene, monitoring, and DevSecOps. Each stage is made clear and easy to follow with step-by-step instructions, complemented by helpful screenshots and diagrams. Purchase of the print book includes a free eBook in PDF and ePub formats from Manning Publications. **About the technology** Securing cloud-hosted applications requires a mix of tools, techniques, and platform-specific services. The Azure platform provides built-in security tools to keep your systems safe, but proper implementation requires a foundational strategy and tactical guidance. **About the book** *Azure Security* details best practices for configuring and deploying Azure’s native security services—from a zero-trust foundation to defense in depth (DiD). Learn from a Microsoft security insider how to establish a DevSecOps program using Microsoft Defender for Cloud. Realistic scenarios and hands-on examples help demystify tricky security concepts, while clever exercises help reinforce what you’ve learned. **What’s inside** * Set up secure access policies * Implement a Web Application Firewall * Deploy MS Sentinel for monitoring and threat detection * Establish compliance with business rules **About the reader** For software and security engineers building and securing Azure applications. **About the author** **Bojan Magusic** is a Product Manager with Microsoft on the Security Customer Experience Engineering Team. **Table of Contents** PART 1 FIRST STEPS 1 About Azure security 2 Securing identities in Azure: The four pillars of identity and Azure Active Directory PART 2 SECURING AZURE RESOURCES 3 Implementing network security in Azure: Firewall, WAF, and DDoS protection 4 Securing compute resources in Azure: Azure Bastion, Kubernetes, and Azure App Service 5 Securing data in Azure Storage accounts: Azure Key Vault 6 Implementing good security hygiene: Microsoft Defender for Cloud and Defender CSPM 7 Security monitoring for Azure resources: Microsoft Defender for Cloud plans PART 3 GOING FURTHER 8 Security operations and response: Microsoft Sentinel 9 Audit and log data: Azure Monitor 10 Importance of governance: Azure Policy and Azure Blueprints 11 DevSecOps: Microsoft Defender for DevOps