Dana EppFeb 201 minHow to detect when emergency accounts are used in Azure ADSo in the latest episode of #KnowOps I help a community member out by showing how to setup Azure to detect and alert when emergency 'brea...
Dana EppFeb 131 minHow to secure your Azure storage accounts properlyAzure relies heavily on Azure Storage. From your VM disks to your application queues, chances are you have sensitive data already saved i...
Dana EppFeb 61 minHow to restrict network access to Azure Key VaultSo in this week's episode of #KnowOps I help answer the question on how to lock down Internet access to your Azure Key Vault through the ...
Dana EppFeb 21 minAzure Fundamental for Ethical Hackers and Special Ops TeamFellow MVP and ethical hacker Nino Crudele has released an awesome free whitepaper on the Azure Fundamental for Ethical Hackers and Speci...
Dana EppDec 6, 20191 minRecon your Azure resources with Kusto Query Language (KQL)Latest episode of #KnowOps is out. I introduce you to how I sift through millions of records of audit data in Azure in a matter of second...
Dana EppOct 30, 20191 minIs your data secure in Azure?Recently I have had the opportunity to engage with peers on social media about how secure their data is in Azure. It brought up some inte...
Dana EppSep 28, 20191 minAre you ready for Azure Bastion?Azure Bastion is a new managed PaaS service that provides seamless RDP and SSH connectivity to your virtual machines over Secure Sockets ...
Dana EppSep 4, 20191 minAzure Security Center for IoT goes GACan't believe I missed this, but Azure Security Center for IoT went GA recently. If you aren't aware of what it is, Azure Security Center...
Dana EppAug 25, 20191 minAzure Security Lab: a new space for Azure research and collaborationNow this is interesting... Microsoft has setup a set of dedicated cloud hosts for security researchers to test attacks against IaaS scena...
Dana EppJul 18, 20191 minMicrosoft says that Cloud Service Providers (CSP) need to use MFA, and I agreeLast month I read an interesting article from Krebs on Security about the fact that Microsoft will be forcing Cloud Service Providers (CS...
Dana EppJul 5, 20191 minThe Azure Security Architect MapFollowing up from The Azure Solution Architects Map I talked about last time, I was pleasantly surprised to find that Stephane published ...
Dana EppJun 4, 20191 minDHS Statement: MSPs and IT Consultants Weaken Office 365 SecurityA couple of weeks ago the Department of Homeland Security published an Analysis Report (AR19-133A) on Microsoft Office 365 Security Obser...
Dana EppMay 15, 20191 minAzure AD abolishes its 16 char limit for passwords!It's about time. Today, Microsoft announces that they have changed the 16 character limit for Azure AD passwords, allowing you to set a p...
Dana EppMay 1, 20191 min6 Ways to Pass Secrets to ARM TemplatesI saw an interesting post from Justin Yoo on 6 Ways Passing Secrets to ARM Templates today. In the article, he provides details on six di...
Dana EppMar 29, 20191 minHoly cow, STRIDE is now 20 years old! Long live STRIDE.The invention of STRIDE was the key inflection point in the development of threat modeling from art to engineering practice. I saw an art...
Dana EppMar 18, 20191 minMicrosoft releases 'Azure Security Engineer Associate' certificationI've been asked several times where someone new to Azure should start when it comes to Azure security. There are plenty of posts here tha...
Dana EppMar 9, 20191 minIs Azure Sentinel a good thing for the cloud?So a few weeks ago Microsoft announced Azure Sentinel, their new cloud-base SIEM system. Security Information and Event Management (SIEM)...
Dana EppFeb 23, 20191 minCool enhancements to the Azure AD combined MFA and password reset registration experienceYesterday Microsoft announced a set of fantastic enhancements—based on your feedback—to the public preview of our combined registration e...
Dana EppFeb 11, 20191 minThe 5 best practices you need to follow to protect identity in your Azure environmentIf you are responsible for your company's Azure environment, protecting identity is a key aspect you need to think about. Here are 5 best...
Dana EppJan 26, 20191 minSecurity best practices for IaaS workloads in AzureLet's face it. Most people first embracing Azure do so through virtual machines and Infrastructure as a Service (IaaS). This fact is evid...
