Final part of a series for MSPs on configuring Microsoft Defender for Cloud to secure Azure, hybrid, and multi-cloud environments.
A guide to implementing security governance using Azure Policy as Code with Bicep, based on a Microsoft Reactor presentation.
Explains Azure Resource Locks (ReadOnly/DoNotDelete), their benefits for preventing accidental deletions, and potential pitfalls to consider.
A guide to organizational compliance readiness using security frameworks like CSA, CCM, and NIST for cloud environments.
A guide to building a comprehensive cloud security program, covering strategy, maturity levels, and controls based on the NIST framework.
How Thought Machine uses Cartography to map and secure ephemeral cloud environments across multiple providers.
A guide to setting up cross-account security auditing for AWS and GCP environments using hub-and-spoke models and IAM roles.
Guide to integrating Azure App Service with Azure Front Door Premium using Private Link for secure, private connectivity without complex DNS or endpoint management.
Microsoft's new SC-900 Security Fundamentals certification covers cloud security, identity, and compliance concepts for IT professionals.
Explores using Semgrep, a static analysis tool, to find security vulnerabilities in Infrastructure as Code like Terraform and Kubernetes configurations.
Announcing CloudSecDocs.com, a public collection of technical notes and cheatsheets for cloud-native technologies, DevOps, and security.
A detailed guide on passing the AZ-500 Microsoft Azure Security Engineer exam, including tips, skills measured, and study resources.
A guide to integrating Cartography with Elasticsearch for continuous monitoring and drift detection of cloud assets in multi-cloud environments.
A guide to essential security practices for protecting SQL Server instances running on Azure Virtual Machines, focusing on encryption and access controls.
Explores Azure Resource Graph use cases for improving Azure governance, including audits, security, and cross-subscription insights.
Explores secure credential management in Azure using Managed Identities to avoid storing secrets in code or configuration.
A technical guide on troubleshooting Conditional Access policies for Azure AD applications, focusing on why some apps don't appear in policy menus.
Explores secure credential management for cloud apps using Azure Managed Identities to avoid hardcoded secrets in code and source control.
Guide on implementing a secure Software Development Lifecycle (SDLC) for Azure, emphasizing developer responsibility and automated security.
Guide to enabling free, managed HTTPS certificates for custom domains in Azure App Service, including limitations and setup steps.
