Review: Microsoft Defender for Cloud Cookbook by Sasha Kranjac (Packt Publishing)

I’ve slacked a bit on reading books lately. Life, in general, has been hectic, and I haven’t had a decent chance to read an excellent book. I’ve fixed that now, at least for this week, by reading the latest book from Sasha Kranjac, a fellow Microsoft MVP (among other things). The book is called Microsoft Defender for Cloud Cookbook (Packt Publishing).

The ebook version of the book is currently discounted at just 5 € if you buy direct from Packt Publishing. It’s 314 pages and was released in July 2022.

What the book contains

As the book is a cookbook, it’s practical and hands-on. There is less theory and perhaps fewer reference data. I like this approach, and I feel the book gives the most value to someone who knows Azure but would like to understand Defender for Cloud’s aspects fully. I found myself reading the ebook version on my tablet, next to my workstation, with Azure Portal open to check through the detailed content. The book reads like a lab book, so be prepared to focus on actionable content rather than esoteric theoretical ideas.

The book has ten parts:

  • Part 1 for getting started with Defender for Cloud: provisioning, configuring, enabling.
  • Part 2 for multi-cloud connectivity – AWS, Google Cloud, and Azure Arc.
  • Part 3 for advanced automation via playbooks (Logic Apps) and continuous export
  • Part 4 on Secure Score
  • Part 5 on alerts and incidents
  • Part 6 on compliance and policies
  • Part 7 on workload protection
  • Part 8 on firewall manager
  • Part 9 on information protection
  • and finally, part 10 on KQL and workbooks

Before starting the book, I was more or less familiar with all aspects of these. I set out to read the book with the willingness to learn new stuff about a familiar service. And that I did get. Not every week do I get to configure multi-cloud protection or use the Firewall Manager in practice.

Some bits are very condensed, assuming the reader knows at least the elements and basics of a given feature or capability. You can – and perhaps should – pick the parts you need to learn the most and go from there. Each part includes hands-on guidance on how to get the feature configured. This is perhaps the primary difference from many other books that aim to explain each aspect’s why. It’s a cookbook, after all.

Sasha’s writing style is direct and results-oriented. Each sentence packs knowledge in. I’m a fan of shorter books, as I rarely have time to digest a 750+ page book. This book delivers in that context, also.

The screenshots are clean, and the guidance for the exercises is easy to follow.

The book is less about educating you on all aspects of a given capability. For example, KQL itself isn’t taught in this book; what it covers is how to use KQL in workbooks as part of your reporting and visibility needs.

In closing

The book is a lovely read. I read it in three sittings during the past week. Bits I skimmed more rapidly, as I felt I knew enough about a given topic. Other bits I followed more carefully to expose myself to learning about something I’ve spent less time on.

I can warmly recommend the book to anyone wanting to learn the ins and outs of Defender for Cloud in a practical way!