Cyber Security on Azure: An IT Professional’s Guide to Microsoft Azure Security Center
Improving Application Security With Azure
-
Upload
softchoice-corporation -
Category
Technology
-
view
371 -
download
3
Transcript of Improving Application Security With Azure
![Page 1: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/1.jpg)
SECRUE APPLICATION ARCHITECTURE IN AZURE
![Page 2: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/2.jpg)
Intro: Your Presenter
Tadd AxonMicrosoft Services Practice
Lead
• MS Practice Lead
• Background in IT Operations, system architecture,
• Information security, security & compliance audit
![Page 3: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/3.jpg)
Agenda
• Public cloud has changed the (development) world
• Tools to support secure application architecture
• Cloud Provider Capabilities to support security
• Technologies to accelerate secure application development
• The Learning Curve
• Demo
• Q&A – Post an IM anytime
![Page 4: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/4.jpg)
Impact of Public Cloud
• Tools, capabilities, and technologies once only available to large enterprise are now accessible and affordable
• The burden of maintaining the supporting infrastructure for these is greatly reduced
• Responsibility for delivery of security is split o Cloud provider has contractual obligation to provide secure foundation and
it serves their best interest to do so, and provide transparencyo Cloud provider shoulders the burden for attracting and retaining security talento Cloud consumer focusses on the security of the application versus application
and entire supporting infrastructure
![Page 5: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/5.jpg)
Supporting Tools for Secure Applications
TOOL CAPABILITY
Azure Security Center Alerts, Analysis, Recommendations
Azure AD Identity Protection Alerts, Analysis, Guidance, Policy and Enforcement
Application Insights Performance metrics, code level issues
Operations Management Suite Log analytics, assessment, recommended actions
![Page 6: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/6.jpg)
Azure Security Center
270%
![Page 7: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/7.jpg)
Azure Identity Protection
![Page 8: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/8.jpg)
Azure Application Insights
![Page 9: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/9.jpg)
Azure Operations Management Suite
![Page 10: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/10.jpg)
Q&A
![Page 11: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/11.jpg)
Supporting Capabilities for Secure Applications
CAPABILITY BENEFITS
AZURE RESOURCE MANAGER
• Template based deployment• Manage application infrastructure as source code• Idempotency• Resource Policy• Resource Locks
AZURE STORAGE ENCRYPTION
• Encryption for Data at Rest• Client side libraries for encryption in transit
![Page 12: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/12.jpg)
Supporting Technologies for Secure Applications
• API Managemento Publish APIs rapidly, even from “legacy” serviceso Secure access and protect from overuse
• Azure KeyVaulto HSM based storage for secrets (passwords, cryptographic keys)o Auditable
• Azure SQLo Azure AD integration for role based access control at the DB levelo Least-privilege design for access to DB services
• Virtual Machine Scale Setso Idempotent deployment at scaleo Disposable, ephemeral worker nodes
![Page 13: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/13.jpg)
Q&A
![Page 14: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/14.jpg)
DEMO
![Page 15: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/15.jpg)
![Page 16: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/16.jpg)
![Page 17: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/17.jpg)
![Page 18: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/18.jpg)
![Page 19: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/19.jpg)
![Page 20: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/20.jpg)
![Page 21: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/21.jpg)
![Page 22: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/22.jpg)
![Page 23: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/23.jpg)
![Page 24: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/24.jpg)
The Learning Curve
• The learning curve for this can appear steep
• There are a multitude of resourceso Sample code and templates to provision resourceso Architecture Guidanceo Development Guidanceo Strong community of MS Partners
![Page 25: Improving Application Security With Azure](https://reader033.fdocuments.net/reader033/viewer/2022052606/5875f66f1a28ab006e8b64cd/html5/thumbnails/25.jpg)
Q&A