Talk: Azure Security Toolbox at Boston Azure

Last night’s Boston Azure meeting featured Marija Strazdas from @AlertLogic who spoke about the Shared Security Model for security in the cloud. I also showed in more detail some of the tools that Azure provides to help customers with their side of the responsibility model including some with Azure SQL DB, Storage, KeyVault, and Azure Security Center. Here are the slides I presented (though I didn’t get through most of them).

EDIT: Here is the deck presented by Marija Strazdas from @AlertLogic who spoke about the Shared Security Model for security in the cloud:

Alert Logic Azure Security Presentation

marija

You can find @bostonazure on twitter, and feel free to join us on slack.

 

Talk: When NOT to use PowerShell with Azure

Today at PowerShell in Action I spoke twice about not going TOO far in your PowerShell when managing Azure resources.

The point of the talks wasn’t really that using PowerShell is bad/wrong, more that it might not be the best tool for the job in certain scenarios. In particular, an ARM template is a powerful modeling tool in support of a “no pets” policy, which is interesting to consider as your cloud environments grow more complex while also wanting to make environments easier to manage. Another benefit stems from keeping the ARM template itself as an “infrastructure as code” artifact that can be used to document – and, more to the point, as executable documentation – for stamping out environments predictably. And still another feature: the ARM runtime handles a lot of the complex parts that could come by trying to script one resource at a time via imperative PowerShell scripts – for example, error recovery and retries.

The deck is on the event shared github repo.  There are lots of otherPowerShelly resources on that repo that you may find worth checking out.

(Added 03-June) For those of you who attended my Advanced session, when I attempted to clean up at the end using Remove-AzureRmResourceGroupDeployment, my PowerShell command had an error in it. Here is the correct version. In the first screen shot I show how to ascertain the correct value for  the first the parameter using Get-AzureRmResourceGroupDeployment.

Get-AzureRmResourceGroupDeployment

Remove-AzureRmResourceGroupDeployment `
   -Name Microsoft.Template -ResourceGroupName k1

Remove-AzureRmResourceGroupDeployment.png

Once that PowerShell command executed, all 8 resources associated with that deployment were removed (deleted, and billing stopped).

Ta da!

Hope to see all you locals at Boston Azure (@bostonazure) in the future for more Azurey action.

Talk: Spy vs. Spy (SQL Server vs. SQL #Azure SQL DB) at @NorthBTownAzure

Last night I spoke at the North Boston Azure cloud group, where the topic was Azure SQL Database – not just a cloud version of SQL Server. So much of the talk was interactive — a really high-energy discussion — big thanks to Jason for hosting me and to the group for a great conversation.

Here’s the deck I used:

comparing-azure-sql-database-and-sql-server-North-Boston-Azure-28-Mar-2017-bill-wilder

And here is some of the CLI 2.0 action, including the last line to clean up a resource group:


az login
az account set --subscription MySubscriptionName
./show-resourcegroup-contents.sh nbazure
z group delete -n nbazure --no-wait

Talk: my two talks from the 27th @BostonCodeCamp: 1. MFA & 2. #Azure Security Tips #boscc

Today the amazing Boston technology community put on their 27th Boston Code Camp. As usual, there were tons of great talks.

I presented twice. Materials are below.

Talk #1: 2FA, MFA, 2SA, OTP, RFP, OMG, WTF? How MFA works. 

Deck #1: BostonCodeCamp27-MFA-BillWilder-2017-Mar-25

Talk #2: 18 Specific Azure Security Tips. 

Deck #2: BostonCodeCamp27-18AzureSecurityTips-BillWilder-2017-Mar-25

 

 

Talk: SecureWorld Boston 2017 #SWBOS17- Using Public Cloud Platforms to Increase Enterprise Security

Spoke earlier today at SecureWorld Boston on Using Public Cloud Platforms to Increase Enterprise Security.

Deck is below:

SecureWorld Boston 2017 – Bill Wilder – Improving Enterprise Security with the Public Cloud – PUBLISHED

 

 

Talk: #Azure Cloud Platform – Guest Lecture for Zoran’s Harvard Class

Thanks Zoran for having me back again this year as a guest lecturer to help ensure your students don’t think AWS is the only cloud in the sky!

At the end I attempted to show how I could use the CLI from my macbook to clean up all my demo resources at once by deleting the containing resource group. It failed because I got the syntax wrong. I was typing something like azure resource delete Zoran, but ‘resource’ should have been ‘group’ and I failed to realize that at the time. I ran the correct command when I got home and it worked better. Here is my evidence… 🙂

delete-group

In case folks were wondering, the PowerShell command equivalent to azure group delete is:

Remove-AzureRmResourceGroup

The patterns I dug into are discussed in my book in chapters 2 (horizontal scaling) and 3 (queue pattern):

book-cover-medium.jpg

Talk: IoT has a dark side; #Azure DNS can help; Happy 7th Bday @BostonAzure

Boston Azure is 7 years old!

At today’s October Boston Azure meeting, we celebrated turning 7 years old, and had two talks. I presented one talk related to the Dyn DDoS outage from Friday Oct 21, which illustrated the dark side of IoT since it was used to power a huge DDoS attack on Dyn, taking down Netflix, Github, Spotify, and lots of other sites as collateral damage. In my talk I explained some of the background and how we addressed it with Azure DNS.

Here’s the deck for the “IoT has a dark side” talk:

Jim O’Neil provides some resource relating to his talk. There are listed AS A COMMENT on the meeting page (scroll below the meeting description page to comments – Meetup.com does not allow changing a meeting description after the meeting begins, so amendments tend to be as comments).

And here’s a photo of the evening – taken by @jimoneil (Jim), showing (L->R) Mark (@MHEisenberg), I’m in the middle (@codingoutloud), and @nazik_huq (Nazik Huq) – all who have helped @bostonazure (Boston Azure) thrive through the years. And not to forget about some others who were not present – like @georgebabey (George Babey), @haleyjason (Jason Haley), Michael Stiefel, and @squdgy (Maura Wilder) – who have all deserve credit for the success of the group through the years.

cv0rnylxyaetg_k

And finally, here’s Jim, the event’s featured speaker and the photographer and tweeter of the above photo. I think this photo was taken by @nazik_huq (Nazik Huq).

highres_455490152