Today I had the opportunity to speak at the Granite State Code Camp (#GSCC2021) in Manchester, NH. This was the first time I’ve given an in-person talk since the start of COVID and it was great to see so many smiling facing (even when partially obscured by a mask!).
Last year my focus was a more in-the-weeds talk called Running Azure Securely – which of these Azure security features are for me?. This year I stepped back a level and focused on Compliance. In the session I discussed security vs. compliance, the shared responsibility model, and touched on a few other features, but spent a good bit of time focused on what I am thinking about as the “Policy stack” where one can gather lots of insight about your workload’s compliance with technology controls indicated by various compliance standards – based on the Azure Policy capabilities, a pillar of governance, and rolled up and available from
Azure Security Center Microsoft Defender for Cloud.
Azure Security Center as a brand is no more – it is part of a rebranding to Microsoft Defender for Cloud. I assume this renaming, announced at Ignite, is because it is a feature set that can span beyond Azure – for example, keeping an on on-premises resources and resources in non-Azure clouds like AWS.
The session was interactive (as preferred!) and many thanks to Kevin and Vishwas and the nice lady whose name I didn’t catch who I think worked for the college for help in overcoming technical limitations in the room I was speaking from.
If you want to experience MORE AZURE please check out https://meetup.com/bostonazure (currently operating as part of “Virtual Boston Azure”).
If you are someone who would like to SPEAK at Virtual Boston Azure, please get in touch. (Twitter is a good way to reach me – I am @codingoutloud – or you can address it to @bostonazure.)
Slide deck is attached.
Tonight I had the opportunity to speak at #VirtualBostonAzure to talk about raising the visibility of security signals in your environment by turning on your WAF. In demos the WAF available in Azure Front Door was used.
Yesterday I had the opportunity to speak at the Granite State Code Camp (#gscc) in Burlington, MA. As part of my series of talks on Running Azure Securely, my talk today was around defense in depth and was called Running Azure Securely – which of these Azure security features are for me?. The session was interactive, engaging a third-of-a-dozen folks in the audience in a discussion of how to defend various workloads using the (fictitious) page of photos app as a foil.
Slide deck attached.
Also perhaps of interest – a similar talk from the other Burlington – at the recent VT Code Camp – which has a few add’l resources listed: https://blog.codingoutloud.com/2019/09/28/talk-running-azure-securely-are-all-these-security-features-for-me/
Today I had the opportunity to speak at VT Code Camp #11 in Burlington, VT. As part of my series of talks on Running Azure Securely, my talk today was around defense in depth and was called Running Azure Securely – which of these Azure security features are for me?. The session was interactive, engaging a half-dozen folks in the audience in a discussion of how to defend various workloads using the (fictitious) page of photos app as a foil.
Some Resources Mentioned
Azure offers thousands of security features. Some of them are easy to use and others are complicated. Some are free to use and some look really, really expensive. Which ones should I be using for my applications?
In this talk we’ll look at some ways to reason about which security controls you might want to apply and why. We’ll consider groups of Azure security features through a pragmatic lens of security best practices and defense-in-depth/breadth, but tempered by the reality that “more security” is not always the answer, but rather “what is the right security” for a situation. By the end of this talk you should have a better idea of the security feature set offered by Azure, why/when they might or might not be needed, and have discussed some ways to reason about how which are relevant you by helping you think about how to assess appropriately for multiple situations.
Do you have specific questions about the applicability of Azure security features already? Feel free to tweet your questions at Bill in advance to @codingoutloud and he’ll try to work answers to any questions into the talk in advance.
(if I can find one)
Today I had the opportunity to speak at SQL Saturday #877 in Burlington, MA. As part of my series of talks on Running Azure Securely, my talk today was Running Azure SQL Database Securely and applied to Azure SQL DB and Azure SQL DB Managed Instances.
Some Resources Mentioned
Running Azure SQL DBs Securely – Bill Wilder – SQL Saturday #877 – 14-Sep-2019
If you know your way around SQL Server, then you will find Azure SQL Database to be familiar territory. But some aspects are more familiar than others, which is especially true for security-related differences.
In this session we review the key differences around identity management and authentication (including multi-factor authentication), managing server credentials (or, even better, not needing to in some cases), how to audit logins (probably not what you expect), an overview of encryption and data masking options, and the supporting role of Azure Key Vault. We will also touch on compliance and disaster recovery to give the complete picture of powerful features you’ll definitely want to know about to protect your data.
This talk will cover relevant capabilities for both traditional Azure SQL Databases and the newer Azure SQL Managed Instances.
This talk assumes you are already familiar with SQL Server or another enterprise database.
(Credit Taiob Ali @SqlWorldWide)
On Tuesday July, 30, 2019 I had the opportunity to speak at North Boston Azure. The talk was part of a series on Running Azure Securely and was called Are all these Azure security features for me? and was not really a “talk” in that it was highly interactive. For those who attended, you will recall we filled in some slides collaboratively. Thus, they may not appear so polished for those of you who did not join live. Either way, please find the slides (“collaborative” and all) below.
This was an experimental approach for me and the feedback from the audience tells me it worked pretty well. The group at North Boston Azure was already knowledgeable and engaged, so hopefully made for a interesting experience for all involved (was certainly fun for me).
You can follow me on Twitter (@codingoutloud).
You can also follow Boston Azure on Twitter (@bostonazure).
We had a great event at MIT on Saturday 27-April-2019 — the Boston Azure edition of the Global Azure Bootcamp hosted at MIT. There were lots of great session contributions – making this a true community effort.
Big thank you to local organizers Olimpia (@olimpiaestela), Veronika (@breakpointv16), Gladis, and Maura (@squdgy). We all worked closely with Jason (@haleyjason) who ran the Burlington MA event. And don’t forget those folks at the Global Azure Bootcamp level providing a platform making this possible for a coordinated day of #Global Azure cloudiness (https://global.azurebootcamp.net/).
The thanks continue with sponsors: MIT Women in Technology, Insight (formerly Blue Metal – https://www.insight.com/en_US/solve/digital-innovation.html), Finomial, and the Global Sponsors (https://global.azurebootcamp.net/sponsors/).
And a big thank you to the speakers – all who gave up a chunk of weekend to join us on a Saturday to share their knowledge (in order of appearance):
Attached are my slides:
The above graphic is from here: https://docs.microsoft.com/en-us/azure/event-grid/overview#event-sources
Here are some more links of interest:
- Some collected links (some repeated below): https://github.com/codingoutloud/bostonazurebootcamp2019/blob/master/README.md
- C# Script is real – not a hoax! 🙂 – https://msdn.microsoft.com/en-us/magazine/mt614271.aspx
- Azure Functions support C# Script (.csx files) – but also regular compiled C# (.cs on .NET Core)
- Example Azure Function written in regular compiled C#: https://github.com/codingoutloud/opstoolbox (especially https://github.com/codingoutloud/opstoolbox/blob/master/SslCertificateExpirationChecker.cs)
- Here are some example uses of the above:
- Event Grid:
- “Slide” I showed is below – it is from here: https://docs.microsoft.com/en-us/azure/event-grid/media/overview/functional-model.png
- Combine Azure Logic Apps with Azure Functions – https://docs.microsoft.com/en-us/azure/logic-apps/logic-apps-azure-functions#add-function-logic-app
- Similar to “follow-along lab” that tied together Subscription changes to an Azure Function using EventGrid
- Azure Blockchain Workbench:
At most recent Boston Azure meeting I give (what turns out to be…) the first part of a multi-part talk on Running Azure Securely. Even though I did not cover all this content, I’ve attached the whole powerpoint deck below.
Please watch for a Part II to be scheduled.
At the 29th Boston Code Camp, I spoke about Running Securely on Azure. Thanks to all of you who waited patiently for the A/V hookup challenges to be overcome.
Slides are here:
On Tuesday evening 27-Mar-2018 I had the pleasure of speaking to the Nashville Azure group about keeping workloads safe in the Azure cloud. Was a great group with a lot of interesting questions and dialog. They even helped to answer each others’ questions when I didn’t have answers, which is the best outcome of all.
For those interested in the deck I used, please find it below.