Security

Hey there! In another post, we discussed how you can use Terraform to deploy Azure Firewall and how it can make your cloud deployments more efficient and secure. Today, let’s explore how you can achieve similar results using Bicep, Azure’s language for resource declaration.

Hello! This week, I wanted to share a new post about biceps - As you know, Infrastructure as Code (IaC) has become a critical aspect of any successful and scalable deployment.

Hi folks, I sincerely hope you are all doing great. You are probably aware of the importance of Azure Key Vault in securely and centrally managing secrets, encryption keys, and certificates.

Hi! As cloud architectures become more complex, Infrastructure as Code (IaC) has become increasingly important. By using tools like Terraform, IaC allows you to manage intricate infrastructures in a text-based, repeatable, and automated manner.

Hi! This week, we’re talking about security, specifically how to use automatic key rotation in Azure Key Vault. In case you didn’t know, Azure Key Vault’s automated key rotation improves security by creating new key versions at set intervals and sending expiration alerts via Event Grid.

Microsoft’s Defender for Storage has recently unveiled a significant security update, with two standout features being near-real-time malware scanning and sensitive data discovery. In this article, I will guide you on how to enable these features across all your Azure storage accounts using Bicep.

Hello everyone! Azure offers a variety of security solutions, and Azure Firewall is a particularly effective tool. It is a fully managed cloud-native network firewall that provides top-notch protection for our virtual network resources.

Hi there! As you know, Microsoft Sentinel is an advanced SIEM tool that provides a comprehensive view of your organization’s security landscape. One of its superpowers comes from its integration with Azure AD connector.

Hi there! In a previous article, we discussed the deployment of an Azure Bastion host in an existing Virtual Network (VNet) using Azure CLI and PowerShell. While those methods are effective, there’s an opportunity to simplify the entire process.

In this blog post, I want to show you how to implement a hub-spoke network architecture on Azure using Terraform, one of my favorite infrastructure as code (IaC) tools. The hub-spoke model is a widely adopted networking strategy that allows you to simplify management, increase scalability, and improve the security of your Azure resources.

Today I want to show you how you can improve the security of your Linux virtual machines in Azure by integrating with Azure Active Directory (Azure AD) authentication. In this post, I’ll show you how to set up a Linux virtual machine and log in with Azure AD using openSSH certificate-based authentication.

Sending resource logs to a Log Analytics workspace allows us to consolidate log entries from multiple resources and query the logs for complex analysis. In this post, I want to show you how to manage diagnostic settings for your subscription and send the Activity logs data to your Log Analytics workspace.

By default, when an Azure AD B2B collaboration user is added to a tenant, the UserType property of the user is set to “Guest.” However, it may be the case that the host organization wants to treat the invited user as a member rather than a guest.

Hi, In a previous post, I showed you how to enable system-assigned managed identity on an Azure virtual machine. Today, I want to show you how to assign a managed identity to access an Azure resource securely.

Hi, Jorge is back. In this post, I want to show you How to enable the system-assigned managed identity on an Azure VM using Powershell and Azure CLI. When you enable a system-assigned managed identity, Azure creates an identity associated with the instance and stores it to the Azure AD tenant associated with the subscription where you created the service instance.

Hi everyone, In a previous post, I showed you how to deploy an Azure Firewall. Today I will show you how to create and manage IP Groups in your Azure Firewall using PowerShell and Azure CLI.

Hi, In a previous post, I showed you how to configure Azure Bastion diagnostic parameters to send logs and metrics to a storage account. But suppose you already have a log analysis workspace.

Hello! everybody. Today I will show you how to configure Azure Bastion Diagnostic to send logs and metrics to a storage account using PowerShell and Azure CLI. Once this configuration is established, you can use the stored information to find out which users connected through Azure Bastion, when, from where, and metric information about the workloads of the Azure Bastion host.

One of the security recommendations established by Microsoft in Azure Security Center is to enable the key vault’s firewall to prevent unauthorized traffic from reaching your key vault. This post will show you how to enable the firewall to ensure that only traffic from permitted networks can access your key vault using PowerShell and the Azure CLI.

Hey, guys, following the series of publications on Azure Firewall, today I’ll show you How to configure Azure Firewall Diagnostics to send logs and metrics to a storage account using PowerShell and the Azure CLI.