A guide to getting started with Azure Sentinel, Microsoft's cloud-native SIEM and SOAR solution, covering setup, data connectors, and initial configuration.
Guide to connecting Office 365 tenants to Azure Sentinel for log ingestion and threat detection.
Announcing a new weekly newsletter curating cloud-native security news and updates for professionals.
A guide exploring seven methods for securely managing application secrets and configuration values in .NET Core applications deployed on Azure.
A curated list of security auditing and offensive tools for Docker, Kubernetes, AWS, GCP, and Git, with usage guides and an Ansible role.
A developer's critical questions for evaluating cloud providers, focusing on problem-solving, security implementation, and customer-driven development.
Explores how Conway's Law reveals communication gaps between hardware, firmware, kernel, and software layers, using examples like Spectre and Kubernetes.
Summary of July 2018 updates to Azure AD Managed Service Identity, including new user-assigned identities and supported services.
An analysis of AWS Secrets Manager, focusing on its secret rotation capabilities and comparing it to SSM Parameter Store.
A technical tutorial on setting up and managing Azure Key Vault using PowerShell, covering installation, access policies, and key/secret operations.
A guide on securing ASP.NET application configuration by integrating Azure Key Vault to inject secrets and connection strings.
Compares AWS Security Groups to traditional firewalls and outlines best practices for developing an effective security group policy.
Critique of FedRAMP's cloud security framework, arguing it creates bureaucratic barriers that hinder government adoption of innovative, cost-effective cloud solutions.
A cautionary analysis of the Code Spaces hack, explaining how similar cloud security breaches can happen on AWS, Azure, or any host, and outlining basic mitigation steps.
Explains how to use Windows Azure Shared Access Signatures to securely delegate file downloads directly from blob storage, with code examples.
Guide to enabling and configuring Microsoft Endpoint Protection anti-malware for Windows Azure Web and Worker roles.
