Photo by @sincerelymedia on Unsplash

Recommended books about Azure security!

Tobias Zimmergren
Tobias Zimmergren
ScriptRunner Webinar

Recently, I got the question to share a list of books I read on Azure security. While I find most of my material online, in Microsoft Docs, Microsoft Learn, and community blogs, there are some relevant books to look at if you're aiming to strengthen your security knowledge in the Azure space.

Here are three interesting books you can get on Amazon on Azure security.

AZ-500: Microsoft Azure Security Technologies

The Exam Ref for "AZ-500: Microsoft Certified Azure Security Engineer Associate" is a 410-pages book about the various areas that make up the exam for the AZ-500 certification.

Two experienced Microsoft employees author this book; Yuri Diogenes and Orin Thomas. This book brings excellent insights into many relevant topics required to pass the AZ-500.

However, whether you aim to pass this certification, this is a good read if you're new to security in Azure or already on your cloud journey and want to strengthen your skills in these areas.

The book covers these main objectives:

  • Manage identity and access
  • Implement platform protection
  • Manage security operations
  • Secure data and applications

The book is organized by exam objectives and features strategic "what-if" scenarios to challenge your thinking. It does assume that you have experience implementing security controls and threat protection, managing identity and access, and protecting assets in both cloud and hybrid environments. ย 

Book: AZ-500 Exam Reference: Microsoft Azure Security Technologies.

Get the book:

The book was published on 24 December 2020, so there are some updates to the exams and topics since then, which you can review here:

Azure Security Handbook

The full title of this book is "Azure Security Handbook: A Comprehensive Guide for Defending Your Enterprise Environment".

This book is authored by Karl Ots, a previous Microsoft employee, and a seasoned industry peer. ย 

The Azure Security Handbook will teach you:

  • To remediate security risks of Azure applications by implementing the proper security controls at the right time.
  • To achieve security and stay secure across your Azure environment by setting guardrails to automate secure configurations.
  • To protect the most common reference workloads, according to security best practices.
  • To design security access control solutions for your Azure administrative and application access.

If you're a security architect, cloud application developer, or a cloud solution architect working with Azure, this book is probably a great fit on your shelf.

Book: Azure Security Handbook: A comprehensive guide for defending your enterprise environment.

Get the book:

This book was published on August 29, 2021, so the content is still relevant.

SC-900: Microsoft Security, Compliance, and Identity Fundamentals

This is an exam reference guiding your way to the SC-900 exam.

Several well-known profiles in the industry author the exam ref for SC-900. Yuri Diogenes, Nicholas DiCola, Mark Morowczynski, and Kevin McKinnerey.

Topics covered include:

  • Describing the concepts of security, compliance, and identity.
  • Describing the capabilities of Microsoft identity and access management solutions.
  • Describing the capabilities of Microsoft Security solutions.
  • Describing the capabilities of Microsoft compliance solutions.
Book: Exam Ref SC-900 Microsoft Security, Compliance, and Identity Fundamentals.

The book is organized by exam objectives, featuring strategic, "what-if" scenarios to challenge your thinking. It assumes you are a business user, stakeholder, consultant, professional, or student who wants to create holistic, end-to-end solutions with Microsoft security, compliance, and identity technologies.

Get the book:

In addition to this book, Microsoft has published free sample questions to help prepare for this exam.

Over to you

Good luck on your journey in the Azure ecosystem. In this post, I mention some books that cover interesting concepts for security-related topics in Azure.

However, most of my knowledge is a combined collection of information from Microsoft Docs, Microsoft Learn, and the wider only communities.

Would you like to see a comprehensive list of recommended sites, including blogs, podcasts, and official Microsoft resources? Let me know in the comments ๐Ÿ™

AzurecybersecuritySecurity

Tobias Zimmergren Twitter

Hey, I'm Tobias! I write about my experiences in designing, architecting, securing, and operating distributed cloud services. Nice to meet you ๐Ÿ‘‹

Reactions and mentions


Presently sponsored by:
Hornet Security