SlideShare a Scribd company logo

Cloudbrew 2019 - Azure Security

Download as PPTX, PDF
T
Tom Janetscheck

In today's cloud era, admins struggle to keep their IT infrastructures safe. Cloud security is joint responsibility and what we need is a new approach! In this session, you will learn how to securely deploy and maintain Azure infrastructure solutions, why automation is essential, what network security and encryption options you have, and how access control can prevent you from having sleepless nights. We will successfully attack an Azure environment live on stage, dive deep into Azure Security Center, and see how we can use it to ultimately secure IT infrastructures on premises, hybrid, and on Azure.

Technology
1 of 45
#TechforPeople.
welcome.
Innovative technology consulting for business. Azure Infrastructure SecurityUltimate security in the cloud era Tom Janetscheck, Principal Cloud Security Architect & Microsoft MVP
about me. Tom Janetscheck Principal Cloud Security Architect @ Devoteam Alegri Focused on Azure Identity, Security, Governance, and Infrastructure Community Lead of Azure Meetup Saarbrücken Co-organizer of Azure Saturday Tech blogger and book author @azureandbeyond https://blog.azureandbeyond.com
● Cloud security challenges Why is cloud security so difficult and identity security so important? ● Azure Governance Define your guardrails to enable security ● Azure Security Center Improve your hybrid cloud security posture ● Microsoft Intelligent Security Graph Unique insights, informed by trillions of signals ● Best practices ● Demo agenda.
Federal criminal agency – 2018 cybercrime situation report 87.000 cases of cybercrime in 2018 60.000.000 € amount of damage with an immense dark figure Estimated amount of damage according to Bitcom: 100.000.000.000 (!) € per yearSource: BKA - 2018 Cybercrime situation report
Today‘s cloud security challenges Increasingly sophisticated attacks It’s both, a strength and a challenge of the cloud. How do you make sure that ever-changing services are up to your security standards? Attack automation and evasion techniques are evolving along multiple dimensions We need human expertise, adaptability, and creativity to combat human threat actors.
Office 365 Modernizing the security perimeter • • + =  
Cloud Security is a Shared Responsibility Securing and managing the cloud foundation JOINT RESPONSIBILITYMICROSOFT COMMITMENT Physical assets Datacenter operations Cloud infrastructure Securing and managing your cloud resources Virtual machines Applications & workloads Data
Governance – a definition Establishment of policies, and continuous monitoring of their proper implementation, by the members of the governing body of an organization[…]1 1Source: BusinessDictionary
5 tips and best practices Common Sense Protect your IDs and implement RBAC Use tags and policies Secure your network Monitor your resources
5 tips and best practices Common Sense Protect your IDs and implement RBAC Use tags and policies Secure your network Monitor your resources
5 tips and best practices Protect your IDs and implement RBAC Use tags and policies Secure your network Monitor your resources Common Sense
Identity protection is essential! uuuuuuu uu$$$$$$$$$$$uu uu$$$$$$$$$$$$$$$$$uu u$$$$$$$$$$$$$$$$$$$$$u u$$$$$$$$$$$$$$$$$$$$$$$u u$$$$$$$$$$$$$$$$$$$$$$$$$u u$$$$$$$$$$$$$$$$$$$$$$$$$u u$$$$$$" "$$$" "$$$$$$u "$$$$" u$u $$$$" $$$u u$u u$$$ $$$u u$$$u u$$$ "$$$$uu$$$ $$$uu$$$$" "$$$$$$$" "$$$$$$$" u$$$$$$$u$$$$$$$u u$"$"$"$"$"$"$u uuu $$u$ $ $ $ $u$$ uuu u$$$$ $$$$$u$u$u$$$ u$$$$ $$$$$uu "$$$$$$$$$" uu$$$$$$ u$$$$$$$$$$$uu """"" uuuu$$$$$$$$$$ $$$$"""$$$$$$$$$$uuu uu$$$$$$$$$"""$$$" """ ""$$$$$$$$$$$uu ""$""" uuuu ""$$$$$$$$$$uuu u$$$uuu$$$$$$$$$uu ""$$$$$$$$$$$uuu$$$ $$$$$$$$$$"""" ""$$$$$$$$$$$" "$$$$$" ""$$$$"" $$$" $$$$" 88 88 88 88 88 88 88 88 88 88,dPPYba, ,adPPYYba, ,adPPYba, 88 ,d8 ,adPPYba, ,adPPYb,88 88P' "8a "" `Y8 a8" "" 88 ,a8" a8P_____88 a8" `Y88 88 88 ,adPPPPP88 8b 8888[ 8PP""""""" 8b 88 88 88 88, ,88 "8a, ,aa 88`"Yba, "8b, ,aa "8a, ,d88 88 88 `"8bbdP"Y8 `"Ybbd8"' 88 `Y8a `"Ybbd8"' `"8bbdP"Y8 Implement multi- factor authentication Adhere to the principle of least privilege Establish privileged identity/access management (PIM/PAM) Enable conditional access policies Use passphrases rather than (complex) passwords or go password-less
Identity protection is essential! oooo$$$$$$$$$$$$oooo oo$$$$$$$$$$$$$$$$$$$$$$$$o oo$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$o o$ $$ o$ o $ oo o$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$o $$ $$ $$o$ oo $ $ "$ o$$$$$$$$$ $$$$$$$$$$$$$ $$$$$$$$$o $$$o$$o$ "$$$$$$o$ o$$$$$$$$$ $$$$$$$$$$$ $$$$$$$$$$o $$$$$$$$ $$$$$$$ $$$$$$$$$$$ $$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$ $$$$$$$$$$$$$$ """$$$ "$$$""""$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ "$$$ $$$ o$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ "$$$o o$$" $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$o $$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" "$$$$$$ooooo$$$$o o$$$oooo$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ o$$$$$$$$$$$$$$$$$ $$$$$$$$"$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$"""""""" """" $$$$ "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" o$$$ "$$$o """$$$$$$$$$$$$$$$$$$"$$" $$$ $$$o "$$""$$$$$$"""" o$$$ $$$$o oo o$$$" "$$$$o o$$$$$$o"$$$$o o$$$$ "$$$$$oo ""$$$$o$$$$$o o$$$$"" ""$$$$$oooo "$$$o$$$$$$$$$""" ""$$$$$$$oo $$$$$$$$$$ """"$$$$$$$$$$$ $$$$$$$$$$$$ $$$$$$$$$$" "$$$""""
Role-based access control 1. Security principal = user, group, service principal
Role-based access control 1. Security principal = user, group, service principal 2. Role definition = set of management rights Owner Contributor Reader … Backup Operator Security Reader User Access Administrator Virtual Machine Contributor Reader Support Tickets Virtual Machine Operator Built in Custom
Role-based access control 1. Security principal = user, group, service principal 2. Role definition = set of management rights Owner Contributor Reader … Backup Operator Security Reader User Access Administrator Virtual Machine Contributor Reader Support Tickets Virtual Machine Operator Built in Custom Contributor "permissions": [ { "actions": [ "*" ], "notActions": [ "Authorization/*/Delete" "Authorization/*/Write" "Authorization/elevateAccess/Action" ], "dataActions": [ ], "notDataActions": [ ], } ],
Role-based access control 1. Security principal = user, group, service principal 2. Role definition = set of management rights 3. Scope = MG, subscription, RG, resource Owner Contributor Reader … Backup Operator Security Reader User Access Administrator Virtual Machine Contributor Reader Support Tickets Virtual Machine Operator Built in Custom Contributor "permissions": [ { "actions": [ "*" ], "notActions": [ "Authorization/*/Delete" "Authorization/*/Write" "Authorization/elevateAccess/Action" ], "dataActions": [ ], "notDataActions": [ ], } ], Azure subscription Resource group Management Group
Role-based access control – Role assignment Owner Contributor Reader … Backup Operator Security Reader User Access Administrator Virtual Machine Contributor Reader Support Tickets Virtual Machine Operator Built in Custom "actions": [ "*" ], "notActions": [ "Auth/*/Delete" "Auth/*/Write" "Auth/elevate… ], Azure subscription Resource group Management Group DevOps Group Contributor DevOps Resource Group Role Assignment
5 tips and best practices Protect your IDs and implement RBAC Use tags and policies Secure your network Monitor your resources Common Sense
5 tips and best practices Use tags and policies Secure your network Monitor your resources Common Sense Protect your IDs and implement RBAC
Resource Tags Name:Value, e.g. CostCenter:ProdIT, ResourceOwner:Tom Help to define responsibility and view consolidated billing Always tag RGs • Owner • Dept • CostCenter • […] Tag resources as needed Define tags in advance
Resource Policies Rule enforcements on MG, subscription or RG level Initiative definitions vs. Policy definitions Effect types: • Append • Deny • Audit
5 tips and best practices Use tags and policies Secure your network Monitor your resources Common Sense Protect your IDs and implement RBAC
5 tips and best practices Secure your network Monitor your resources Common Sense Protect your IDs and implement RBAC Use tags and policies
Hybrid network risks
5 tips and best practices Secure your network Monitor your resources Common Sense Protect your IDs and implement RBAC Use tags and policies
5 tips and best practices Monitor your resources Common Sense Protect your IDs and implement RBAC Use tags and policies Secure your network
Azure Security Center
Microsoft Azure Security Center Security Center assesses your environment and enables you to understand the status of your resources, and whether they are secure. Enable actionable, adaptive protections that identify and mitigate risk to reduce exposure to attacks Use advanced analytics and Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats
Strengthen your security posture Identify shadow IT subscriptions Optimize and improve resource security Continous assessments
Microsoft Azure Security Center Security Center assesses your environment and enables you to understand the status of your resources, and whether they are secure. Enable actionable, adaptive protections that identify and mitigate risk to reduce exposure to attacks Use advanced analytics and Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats
Adaptive threat prevention Advanced Threat Protection Native integration with Microsoft Defender ATP for Windows machines Advanced Threat Detection for Linux machines
Microsoft Azure Security Center Security Center assesses your environment and enables you to understand the status of your resources, and whether they are secure. Enable actionable, adaptive protections that identify and mitigate risk to reduce exposure to attacks Use advanced analytics and Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats
Microsoft Intelligent Security Graph
Inside the Intelligent Security Graph Microsoft Trust Center
Protect your cloud storage/networkin g! Data leaks in the cloud often refer to unprotected/publicly available storage accounts or configuration issues in both, platform and infrastructure services.
Protect your identities! Most of today’s cyber attacks are identity-focused. Keep that in mind when planning your security strategy.
Have your governance ready! You need to define rules as guardrails to avoid shadow IT and other security issues.
Monitor the heck out of everything! You need to know what’s going on in your environment. Massive telemetry is necessary!
Repeat! Cloud security is an ongoing process. Make sure you regularly assess your current configuration by leveraging automation tools.
Witness on-stage live attacks, see adaptive identity protection, passwordless signins and MFA, and learn how Azure Security Center can help you to protect your hybrid cloud environment. demo.
thank you. #TechforPeople.

Recommended

Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Importance of Azure infrastructure?-Microsoft Azure security infrastructure Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Importance of Azure infrastructure?-Microsoft Azure security infrastructureZabeel Institute
 
What is Microsoft Azure security technologies?-Microsoft Azure security techn...
What is Microsoft Azure security technologies?-Microsoft Azure security techn...What is Microsoft Azure security technologies?-Microsoft Azure security techn...
What is Microsoft Azure security technologies?-Microsoft Azure security techn...Zabeel Institute
 
What is Microsoft Azure Security?-Microsoft Azure security
What is Microsoft Azure Security?-Microsoft Azure security What is Microsoft Azure Security?-Microsoft Azure security
What is Microsoft Azure Security?-Microsoft Azure securityZabeel Institute
 
Security on Windows Azure
Security on Windows AzureSecurity on Windows Azure
Security on Windows AzureHaddy El-Haggan
 
Global Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security CenterGlobal Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security CenterScott Hoag
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to HeroKasun Rajapakse
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
Power of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityPower of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityBruno Capuano
 

Recommended

Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Importance of Azure infrastructure?-Microsoft Azure security infrastructure Importance of Azure infrastructure?-Microsoft Azure security infrastructure
Importance of Azure infrastructure?-Microsoft Azure security infrastructureZabeel Institute
 
What is Microsoft Azure security technologies?-Microsoft Azure security techn...
What is Microsoft Azure security technologies?-Microsoft Azure security techn...What is Microsoft Azure security technologies?-Microsoft Azure security techn...
What is Microsoft Azure security technologies?-Microsoft Azure security techn...Zabeel Institute
 
What is Microsoft Azure Security?-Microsoft Azure security
What is Microsoft Azure Security?-Microsoft Azure security What is Microsoft Azure Security?-Microsoft Azure security
What is Microsoft Azure Security?-Microsoft Azure securityZabeel Institute
 
Security on Windows Azure
Security on Windows AzureSecurity on Windows Azure
Security on Windows AzureHaddy El-Haggan
 
Global Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security CenterGlobal Azure Bootcamp 2018 - Azure Security Center
Global Azure Bootcamp 2018 - Azure Security CenterScott Hoag
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to HeroKasun Rajapakse
 
cyber-security-reference-architecture
cyber-security-reference-architecturecyber-security-reference-architecture
cyber-security-reference-architectureBirendra Negi ☁️
 
Power of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityPower of the cloud - Introduction to azure security
Power of the cloud - Introduction to azure securityBruno Capuano
 
Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips Mario Worwell
 
Stefan van der Wiele | Protect users identities and control access to valuabl...
Stefan van der Wiele | Protect users identities and control access to valuabl...Stefan van der Wiele | Protect users identities and control access to valuabl...
Stefan van der Wiele | Protect users identities and control access to valuabl...Microsoft Österreich
 
CCI2018 - Azure Security Center - Stato dell’arte e roadmap
CCI2018 - Azure Security Center - Stato dell’arte e roadmapCCI2018 - Azure Security Center - Stato dell’arte e roadmap
CCI2018 - Azure Security Center - Stato dell’arte e roadmapwalk2talk srl
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
Nicholas DiCola | Secure your IT resources with Azure Security Center
Nicholas DiCola | Secure your IT resources with Azure Security CenterNicholas DiCola | Secure your IT resources with Azure Security Center
Nicholas DiCola | Secure your IT resources with Azure Security CenterMicrosoft Österreich
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyMicrosoft Österreich
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityHari Kumar
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingRobert Herjavec
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security FundamentalsLorenzo Barbieri
 
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6Knowledge & Experience
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security CenterLalit Rawat
 
Azure sentinal
Azure sentinalAzure sentinal
Azure sentinalAllied Consultants
 
Getting Started with Azure Security Center
Getting Started with Azure Security CenterGetting Started with Azure Security Center
Getting Started with Azure Security CenterCheah Eng Soon
 
Azure vm introduction
Azure vm introductionAzure vm introduction
Azure vm introductionLalit Rawat
 
1 Modern Security - Keynote
1 Modern Security - Keynote1 Modern Security - Keynote
1 Modern Security - KeynoteAndrew Bettany
 
Govern Your Cloud: The Foundation for Success
Govern Your Cloud: The Foundation for SuccessGovern Your Cloud: The Foundation for Success
Govern Your Cloud: The Foundation for SuccessAlert Logic
 
The Top Cloud Security Issues
The Top Cloud Security IssuesThe Top Cloud Security Issues
The Top Cloud Security IssuesHTS Hosting
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AADAndrew Bettany
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architectureKarl Ots
 
7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure SentinelMighty Guides, Inc.
 
Cloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft CloudCloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft CloudTom Janetscheck
 
Experts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityExperts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityTom Janetscheck
 

More Related Content

What's hot

Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips Mario Worwell
 
Stefan van der Wiele | Protect users identities and control access to valuabl...
Stefan van der Wiele | Protect users identities and control access to valuabl...Stefan van der Wiele | Protect users identities and control access to valuabl...
Stefan van der Wiele | Protect users identities and control access to valuabl...Microsoft Österreich
 
CCI2018 - Azure Security Center - Stato dell’arte e roadmap
CCI2018 - Azure Security Center - Stato dell’arte e roadmapCCI2018 - Azure Security Center - Stato dell’arte e roadmap
CCI2018 - Azure Security Center - Stato dell’arte e roadmapwalk2talk srl
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksAkram Qureshi
 
Nicholas DiCola | Secure your IT resources with Azure Security Center
Nicholas DiCola | Secure your IT resources with Azure Security CenterNicholas DiCola | Secure your IT resources with Azure Security Center
Nicholas DiCola | Secure your IT resources with Azure Security CenterMicrosoft Österreich
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyMicrosoft Österreich
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityHari Kumar
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingRobert Herjavec
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security FundamentalsLorenzo Barbieri
 
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6Knowledge & Experience
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security CenterLalit Rawat
 
Getting Started with Azure Security Center
Getting Started with Azure Security CenterGetting Started with Azure Security Center
Getting Started with Azure Security CenterCheah Eng Soon
 
Azure vm introduction
Azure vm introductionAzure vm introduction
Azure vm introductionLalit Rawat
 
1 Modern Security - Keynote
1 Modern Security - Keynote1 Modern Security - Keynote
1 Modern Security - KeynoteAndrew Bettany
 
Govern Your Cloud: The Foundation for Success
Govern Your Cloud: The Foundation for SuccessGovern Your Cloud: The Foundation for Success
Govern Your Cloud: The Foundation for SuccessAlert Logic
 
The Top Cloud Security Issues
The Top Cloud Security IssuesThe Top Cloud Security Issues
The Top Cloud Security IssuesHTS Hosting
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AADAndrew Bettany
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architectureKarl Ots
 
7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure SentinelMighty Guides, Inc.
 

What's hot (20)

Azure Sentinel Tips
Azure Sentinel Tips Azure Sentinel Tips
Azure Sentinel Tips
 
Stefan van der Wiele | Protect users identities and control access to valuabl...
Stefan van der Wiele | Protect users identities and control access to valuabl...Stefan van der Wiele | Protect users identities and control access to valuabl...
Stefan van der Wiele | Protect users identities and control access to valuabl...
 
CCI2018 - Azure Security Center - Stato dell’arte e roadmap
CCI2018 - Azure Security Center - Stato dell’arte e roadmapCCI2018 - Azure Security Center - Stato dell’arte e roadmap
CCI2018 - Azure Security Center - Stato dell’arte e roadmap
 
Msft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacksMsft cloud architecture_security_commonattacks
Msft cloud architecture_security_commonattacks
 
Nicholas DiCola | Secure your IT resources with Azure Security Center
Nicholas DiCola | Secure your IT resources with Azure Security CenterNicholas DiCola | Secure your IT resources with Azure Security Center
Nicholas DiCola | Secure your IT resources with Azure Security Center
 
Daniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity storyDaniel Grabski | Microsofts cybersecurity story
Daniel Grabski | Microsofts cybersecurity story
 
Cloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls SecurityCloud Computing Security - Cloud Controls Security
Cloud Computing Security - Cloud Controls Security
 
LIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud ComputingLIFT OFF 2017: AWS and Cloud Computing
LIFT OFF 2017: AWS and Cloud Computing
 
Azure Security Fundamentals
Azure Security FundamentalsAzure Security Fundamentals
Azure Security Fundamentals
 
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
Microsot Azure IoT Security for IoT ALGYAN Tech Seminar 2020/2/6
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security Center
 
Azure sentinal
Azure sentinalAzure sentinal
Azure sentinal
 
Getting Started with Azure Security Center
Getting Started with Azure Security CenterGetting Started with Azure Security Center
Getting Started with Azure Security Center
 
Azure vm introduction
Azure vm introductionAzure vm introduction
Azure vm introduction
 
1 Modern Security - Keynote
1 Modern Security - Keynote1 Modern Security - Keynote
1 Modern Security - Keynote
 
Govern Your Cloud: The Foundation for Success
Govern Your Cloud: The Foundation for SuccessGovern Your Cloud: The Foundation for Success
Govern Your Cloud: The Foundation for Success
 
The Top Cloud Security Issues
The Top Cloud Security IssuesThe Top Cloud Security Issues
The Top Cloud Security Issues
 
3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD3 Modern Security - Secure identities to reach zero trust with AAD
3 Modern Security - Secure identities to reach zero trust with AAD
 
Azure security architecture
Azure security architectureAzure security architecture
Azure security architecture
 
7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel7 Experts on Implementing Azure Sentinel
7 Experts on Implementing Azure Sentinel
 

Similar to Cloudbrew 2019 - Azure Security

Cloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft CloudCloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft CloudTom Janetscheck
 
Experts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityExperts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityTom Janetscheck
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfJustinBrown267905
 
SC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security SolutionsSC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security SolutionsFredBrandonAuthorMCP
 
Top 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdfTop 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdfSparity1
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security OperationsAmazon Web Services
 
So You Want a Job in Cybersecurity
So You Want a Job in CybersecuritySo You Want a Job in Cybersecurity
So You Want a Job in CybersecurityTeri Radichel
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security OperationsEvident.io
 
DIY guide to runbooks, incident reports, and incident response
DIY guide to runbooks, incident reports, and incident responseDIY guide to runbooks, incident reports, and incident response
DIY guide to runbooks, incident reports, and incident responseNathan Case
 
Risk Management for Public Cloud Projects
Risk Management for Public Cloud ProjectsRisk Management for Public Cloud Projects
Risk Management for Public Cloud ProjectsAlex Mags
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security OverviewRobert Crane
 
Remediate and secure your organization with azure sentinel
Remediate and secure your organization with azure sentinelRemediate and secure your organization with azure sentinel
Remediate and secure your organization with azure sentinelSamik Roy
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3CCG
 
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...Amazon Web Services
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
Azure Forensics & Incident Response
Azure Forensics & Incident ResponseAzure Forensics & Incident Response
Azure Forensics & Incident ResponseChristopher Doman
 
Elastic Security Brochure
Elastic Security BrochureElastic Security Brochure
Elastic Security BrochureJoseph DeFever
 

Similar to Cloudbrew 2019 - Azure Security (20)

Cloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft CloudCloudbrew 2019 - Threat hunting with the Microsoft Cloud
Cloudbrew 2019 - Threat hunting with the Microsoft Cloud
 
Experts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure SecurityExperts Live Norway - Azure Infrastructure Security
Experts Live Norway - Azure Infrastructure Security
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
SC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security SolutionsSC-900 Capabilities of Microsoft Security Solutions
SC-900 Capabilities of Microsoft Security Solutions
 
Implementing Governance as Code
Implementing Governance as CodeImplementing Governance as Code
Implementing Governance as Code
 
Top 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdfTop 10 cloud security tools to adopt in 2024.pdf
Top 10 cloud security tools to adopt in 2024.pdf
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
 
So You Want a Job in Cybersecurity
So You Want a Job in CybersecuritySo You Want a Job in Cybersecurity
So You Want a Job in Cybersecurity
 
cybersecurity-careers.pdf
cybersecurity-careers.pdfcybersecurity-careers.pdf
cybersecurity-careers.pdf
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
 
DIY guide to runbooks, incident reports, and incident response
DIY guide to runbooks, incident reports, and incident responseDIY guide to runbooks, incident reports, and incident response
DIY guide to runbooks, incident reports, and incident response
 
Risk Management for Public Cloud Projects
Risk Management for Public Cloud ProjectsRisk Management for Public Cloud Projects
Risk Management for Public Cloud Projects
 
Microsoft 365 Security Overview
Microsoft 365 Security OverviewMicrosoft 365 Security Overview
Microsoft 365 Security Overview
 
Azure Security Overview
Azure Security OverviewAzure Security Overview
Azure Security Overview
 
Remediate and secure your organization with azure sentinel
Remediate and secure your organization with azure sentinelRemediate and secure your organization with azure sentinel
Remediate and secure your organization with azure sentinel
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3
 
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
 
Azure Forensics & Incident Response
Azure Forensics & Incident ResponseAzure Forensics & Incident Response
Azure Forensics & Incident Response
 
Elastic Security Brochure
Elastic Security BrochureElastic Security Brochure
Elastic Security Brochure
 

Recently uploaded

SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 

Recently uploaded (20)

SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 

Cloudbrew 2019 - Azure Security

  • 3. Innovative technology consulting for business. Azure Infrastructure SecurityUltimate security in the cloud era Tom Janetscheck, Principal Cloud Security Architect & Microsoft MVP
  • 4. about me. Tom Janetscheck Principal Cloud Security Architect @ Devoteam Alegri Focused on Azure Identity, Security, Governance, and Infrastructure Community Lead of Azure Meetup Saarbrücken Co-organizer of Azure Saturday Tech blogger and book author @azureandbeyond https://blog.azureandbeyond.com
  • 5. ● Cloud security challenges Why is cloud security so difficult and identity security so important? ● Azure Governance Define your guardrails to enable security ● Azure Security Center Improve your hybrid cloud security posture ● Microsoft Intelligent Security Graph Unique insights, informed by trillions of signals ● Best practices ● Demo agenda.
  • 6. Federal criminal agency – 2018 cybercrime situation report 87.000 cases of cybercrime in 2018 60.000.000 € amount of damage with an immense dark figure Estimated amount of damage according to Bitcom: 100.000.000.000 (!) € per yearSource: BKA - 2018 Cybercrime situation report
  • 7. Today‘s cloud security challenges Increasingly sophisticated attacks It’s both, a strength and a challenge of the cloud. How do you make sure that ever-changing services are up to your security standards? Attack automation and evasion techniques are evolving along multiple dimensions We need human expertise, adaptability, and creativity to combat human threat actors.
  • 8. Office 365 Modernizing the security perimeter • • + =  
  • 9. Cloud Security is a Shared Responsibility Securing and managing the cloud foundation JOINT RESPONSIBILITYMICROSOFT COMMITMENT Physical assets Datacenter operations Cloud infrastructure Securing and managing your cloud resources Virtual machines Applications & workloads Data
  • 10. Governance – a definition Establishment of policies, and continuous monitoring of their proper implementation, by the members of the governing body of an organization[…]1 1Source: BusinessDictionary
  • 11. 5 tips and best practices Common Sense Protect your IDs and implement RBAC Use tags and policies Secure your network Monitor your resources
  • 12.
  • 13. 5 tips and best practices Common Sense Protect your IDs and implement RBAC Use tags and policies Secure your network Monitor your resources
  • 14. 5 tips and best practices Protect your IDs and implement RBAC Use tags and policies Secure your network Monitor your resources Common Sense
  • 15. Identity protection is essential! uuuuuuu uu$$$$$$$$$$$uu uu$$$$$$$$$$$$$$$$$uu u$$$$$$$$$$$$$$$$$$$$$u u$$$$$$$$$$$$$$$$$$$$$$$u u$$$$$$$$$$$$$$$$$$$$$$$$$u u$$$$$$$$$$$$$$$$$$$$$$$$$u u$$$$$$" "$$$" "$$$$$$u "$$$$" u$u $$$$" $$$u u$u u$$$ $$$u u$$$u u$$$ "$$$$uu$$$ $$$uu$$$$" "$$$$$$$" "$$$$$$$" u$$$$$$$u$$$$$$$u u$"$"$"$"$"$"$u uuu $$u$ $ $ $ $u$$ uuu u$$$$ $$$$$u$u$u$$$ u$$$$ $$$$$uu "$$$$$$$$$" uu$$$$$$ u$$$$$$$$$$$uu """"" uuuu$$$$$$$$$$ $$$$"""$$$$$$$$$$uuu uu$$$$$$$$$"""$$$" """ ""$$$$$$$$$$$uu ""$""" uuuu ""$$$$$$$$$$uuu u$$$uuu$$$$$$$$$uu ""$$$$$$$$$$$uuu$$$ $$$$$$$$$$"""" ""$$$$$$$$$$$" "$$$$$" ""$$$$"" $$$" $$$$" 88 88 88 88 88 88 88 88 88 88,dPPYba, ,adPPYYba, ,adPPYba, 88 ,d8 ,adPPYba, ,adPPYb,88 88P' "8a "" `Y8 a8" "" 88 ,a8" a8P_____88 a8" `Y88 88 88 ,adPPPPP88 8b 8888[ 8PP""""""" 8b 88 88 88 88, ,88 "8a, ,aa 88`"Yba, "8b, ,aa "8a, ,d88 88 88 `"8bbdP"Y8 `"Ybbd8"' 88 `Y8a `"Ybbd8"' `"8bbdP"Y8 Implement multi- factor authentication Adhere to the principle of least privilege Establish privileged identity/access management (PIM/PAM) Enable conditional access policies Use passphrases rather than (complex) passwords or go password-less
  • 16. Identity protection is essential! oooo$$$$$$$$$$$$oooo oo$$$$$$$$$$$$$$$$$$$$$$$$o oo$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$o o$ $$ o$ o $ oo o$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$o $$ $$ $$o$ oo $ $ "$ o$$$$$$$$$ $$$$$$$$$$$$$ $$$$$$$$$o $$$o$$o$ "$$$$$$o$ o$$$$$$$$$ $$$$$$$$$$$ $$$$$$$$$$o $$$$$$$$ $$$$$$$ $$$$$$$$$$$ $$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$$$$$$$$$$$ $$$$$$$$$$$$$ $$$$$$$$$$$$$$ """$$$ "$$$""""$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ "$$$ $$$ o$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ "$$$o o$$" $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$o $$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$" "$$$$$$ooooo$$$$o o$$$oooo$$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ o$$$$$$$$$$$$$$$$$ $$$$$$$$"$$$$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$$"""""""" """" $$$$ "$$$$$$$$$$$$$$$$$$$$$$$$$$$$" o$$$ "$$$o """$$$$$$$$$$$$$$$$$$"$$" $$$ $$$o "$$""$$$$$$"""" o$$$ $$$$o oo o$$$" "$$$$o o$$$$$$o"$$$$o o$$$$ "$$$$$oo ""$$$$o$$$$$o o$$$$"" ""$$$$$oooo "$$$o$$$$$$$$$""" ""$$$$$$$oo $$$$$$$$$$ """"$$$$$$$$$$$ $$$$$$$$$$$$ $$$$$$$$$$" "$$$""""
  • 17. Role-based access control 1. Security principal = user, group, service principal
  • 18. Role-based access control 1. Security principal = user, group, service principal 2. Role definition = set of management rights Owner Contributor Reader … Backup Operator Security Reader User Access Administrator Virtual Machine Contributor Reader Support Tickets Virtual Machine Operator Built in Custom
  • 19. Role-based access control 1. Security principal = user, group, service principal 2. Role definition = set of management rights Owner Contributor Reader … Backup Operator Security Reader User Access Administrator Virtual Machine Contributor Reader Support Tickets Virtual Machine Operator Built in Custom Contributor "permissions": [ { "actions": [ "*" ], "notActions": [ "Authorization/*/Delete" "Authorization/*/Write" "Authorization/elevateAccess/Action" ], "dataActions": [ ], "notDataActions": [ ], } ],
  • 20. Role-based access control 1. Security principal = user, group, service principal 2. Role definition = set of management rights 3. Scope = MG, subscription, RG, resource Owner Contributor Reader … Backup Operator Security Reader User Access Administrator Virtual Machine Contributor Reader Support Tickets Virtual Machine Operator Built in Custom Contributor "permissions": [ { "actions": [ "*" ], "notActions": [ "Authorization/*/Delete" "Authorization/*/Write" "Authorization/elevateAccess/Action" ], "dataActions": [ ], "notDataActions": [ ], } ], Azure subscription Resource group Management Group
  • 21. Role-based access control – Role assignment Owner Contributor Reader … Backup Operator Security Reader User Access Administrator Virtual Machine Contributor Reader Support Tickets Virtual Machine Operator Built in Custom "actions": [ "*" ], "notActions": [ "Auth/*/Delete" "Auth/*/Write" "Auth/elevate… ], Azure subscription Resource group Management Group DevOps Group Contributor DevOps Resource Group Role Assignment
  • 22. 5 tips and best practices Protect your IDs and implement RBAC Use tags and policies Secure your network Monitor your resources Common Sense
  • 23. 5 tips and best practices Use tags and policies Secure your network Monitor your resources Common Sense Protect your IDs and implement RBAC
  • 24. Resource Tags Name:Value, e.g. CostCenter:ProdIT, ResourceOwner:Tom Help to define responsibility and view consolidated billing Always tag RGs • Owner • Dept • CostCenter • […] Tag resources as needed Define tags in advance
  • 25. Resource Policies Rule enforcements on MG, subscription or RG level Initiative definitions vs. Policy definitions Effect types: • Append • Deny • Audit
  • 26. 5 tips and best practices Use tags and policies Secure your network Monitor your resources Common Sense Protect your IDs and implement RBAC
  • 27. 5 tips and best practices Secure your network Monitor your resources Common Sense Protect your IDs and implement RBAC Use tags and policies
  • 29. 5 tips and best practices Secure your network Monitor your resources Common Sense Protect your IDs and implement RBAC Use tags and policies
  • 30. 5 tips and best practices Monitor your resources Common Sense Protect your IDs and implement RBAC Use tags and policies Secure your network
  • 32. Microsoft Azure Security Center Security Center assesses your environment and enables you to understand the status of your resources, and whether they are secure. Enable actionable, adaptive protections that identify and mitigate risk to reduce exposure to attacks Use advanced analytics and Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats
  • 33. Strengthen your security posture Identify shadow IT subscriptions Optimize and improve resource security Continous assessments
  • 34. Microsoft Azure Security Center Security Center assesses your environment and enables you to understand the status of your resources, and whether they are secure. Enable actionable, adaptive protections that identify and mitigate risk to reduce exposure to attacks Use advanced analytics and Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats
  • 35. Adaptive threat prevention Advanced Threat Protection Native integration with Microsoft Defender ATP for Windows machines Advanced Threat Detection for Linux machines
  • 36. Microsoft Azure Security Center Security Center assesses your environment and enables you to understand the status of your resources, and whether they are secure. Enable actionable, adaptive protections that identify and mitigate risk to reduce exposure to attacks Use advanced analytics and Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats
  • 38. Inside the Intelligent Security Graph Microsoft Trust Center
  • 39. Protect your cloud storage/networkin g! Data leaks in the cloud often refer to unprotected/publicly available storage accounts or configuration issues in both, platform and infrastructure services.
  • 40. Protect your identities! Most of today’s cyber attacks are identity-focused. Keep that in mind when planning your security strategy.
  • 41. Have your governance ready! You need to define rules as guardrails to avoid shadow IT and other security issues.
  • 42. Monitor the heck out of everything! You need to know what’s going on in your environment. Massive telemetry is necessary!
  • 43. Repeat! Cloud security is an ongoing process. Make sure you regularly assess your current configuration by leveraging automation tools.
  • 44. Witness on-stage live attacks, see adaptive identity protection, passwordless signins and MFA, and learn how Azure Security Center can help you to protect your hybrid cloud environment. demo.

Editor's Notes

  1. SIEM Security Information and Event Management SOAR security orchestration automation and response
  2. ASC is supercharged by the Microsoft Intelligent Security Graph
  3. Unique insights, informed by trillions of signals