Today I had the opportunity to speak at VT Code Camp #11 in Burlington, VT. As part of my series of talks on Running Azure Securely, my talk today was around defense in depth and was called Running Azure Securely – which of these Azure security features are for me?. The session was interactive, engaging a half-dozen folks in the audience in a discussion of how to defend various workloads using the (fictitious) page of photos app as a foil.
Some Resources Mentioned
- Azure is in 54 regions around the world
- Which services support Managed Identities? (works with Azure Active Directory – AAD)
- Azure Sentinel (SIEM) https://docs.microsoft.com/en-us/azure/sentinel/overview
- Azure Playbooks (automated actions from Azure Security Center): https://docs.microsoft.com/en-us/azure/security-center/security-center-playbooks
- Not mentioned, but might be of interest (more structured than the interactive format used today): https://blog.codingoutloud.com/2019/09/14/talk-running-sql-azure-securely-sql-saturday-877-14-sep-2019/
In this talk we’ll look at some ways to reason about which security controls you might want to apply and why. We’ll consider groups of Azure security features through a pragmatic lens of security best practices and defense-in-depth/breadth, but tempered by the reality that “more security” is not always the answer, but rather “what is the right security” for a situation. By the end of this talk you should have a better idea of the security feature set offered by Azure, why/when they might or might not be needed, and have discussed some ways to reason about how which are relevant you by helping you think about how to assess appropriately for multiple situations.
Do you have specific questions about the applicability of Azure security features already? Feel free to tweet your questions at Bill in advance to @codingoutloud and he’ll try to work answers to any questions into the talk in advance.
(if I can find one)