DANA ON DATA

Fellow MVP and ethical hacker Nino Crudele has released an awesome free whitepaper on the Azure Fundamental for Ethical Hackers and Special Ops Team. This wh...

Can't believe I missed this, but Azure Security Center for IoT went GA recently. If you aren't aware of what it is, Azure Security Center for IoT unifies sec...

Microsoft Security Risk Detection (MSRD) is a Dynamic Security Application Testing (DAST) solution that makes it possible to do fuzzing and web scanning. Thi...

I was attending an Azure PowerShell deep dive training event this week, and someone pointed to an awesome poster published by RedGate that lays out all the d...

The invention of STRIDE was the key inflection point in the development of threat modeling from art to engineering practice. I saw an article today by Adam S...

Microsoft has published a whitepaper that explores the security of the Microsoft serverless platform and the benefits of using the serverless platform archit...

Celebrate the launch of Azure DevOps with us here in Vancouver! Spend an afternoon following a fictitious but practical real world example on how to leverage...

One of the cool things I see coming out of Microsoft these days is the investment in educating everyone on how to bake security in. Not just from IT, or softw...

Microsoft has released the Azure Security and Compliance Blueprint for NIST SP 800-171. This Azure Security and Compliance Blueprint provides guidance to hel...

One of the cool things about Azure AD is how easy they make it to act as an Identity Provider (IdP) for your app services in Azure. One of the unfortunate re...

OK, so you are building this awesome cloud application and running it on Azure. You are doing a great job of using source control and then one day, without e...

I was thinking about my post last week on how cool the threat intelligence dashboard in the Azure Security Center (ASC) was so cool, rendered from the tons o...

I was going through some of my old blog posts and came across an old presentation I did on understanding risk to data in software projects. It's funny how so...

I recently stumbled across an interesting article in the Azure Security documentation on building PCI compliant Payment Processing environment in Azure. The ...

I've been waiting for this to go public. Last week Microsoft announced the preview of Azure Active Directory Managed Service Identity (MSI)... a new way that...

Now this I like to see! Microsoft has announced that going forward by default encryption will now be turned on for Azure Blobs, Files, Tables and Queue Stora...

This is why I love the Microsoft Cloud. Microsoft has released a cloud service that uses artificial intelligence to track down bugs in software, both for Win...

Let's shatter the crystal and poke holes in the black box. There has been some banter online which is focused on detailing if Open Source Software is secure,...

So have you ever tried to restrict access to your applications in a way so that you can maintain least privilege? I do. All the time. And recently it blew up...

Although software security is still in its infancy, there are several methodologies like Microsoft SDL, OWASP CLASP and Cigital Touchpoints that are being ad...