Archives
- January 2022 (3)
- December 2021 (9)
- November 2021 (13)
- August 2021 (1)
- July 2021 (6)
- June 2021 (1)
- May 2021 (1)
- April 2021 (1)
- January 2021 (1)
- August 2020 (1)
- July 2020 (3)
- June 2020 (1)
- March 2020 (5)
- February 2020 (3)
- January 2020 (18)
- December 2019 (22)
- November 2019 (3)
- October 2019 (1)
- July 2019 (1)
- April 2019 (2)
- January 2019 (2)
- October 2018 (2)
- September 2018 (1)
- August 2018 (4)
- July 2018 (4)
- February 2018 (6)
- January 2018 (3)
- November 2017 (1)
- August 2017 (3)
- May 2017 (4)
- April 2017 (4)
- December 2016 (1)
Categories
- Application Security (1)
- Azure Security Center (10)
- Governance & Compliance (19)
- Host Protection (3)
- Identity & Access Control (9)
- Monitoring & Detection (22)
- Network Security (3)
- Secure Development (13)
- Security Automation (53)
- Security Operation (21)
- Service Overview (1)
Monthly Archives: March 2020
ARM template for Azure VM with Guest Configuration
I’ve recently got some questions related to Azure Policy Guest Configuration and an ARM template to deploy pre-requisites in order to work with the feature. In this article, I’d like to share ARM template to deploy Azure Policy Guest Configuration … Continue reading
Quick look at new Azure Sentinel Incident API
I got some questions from people who worked with Microsoft product team about the new incident API they were introduced. I took a glance at it and thought I would need to write something about it, especially wrote a new … Continue reading
Quick notes in deploying Guest Configuration Extension on Azure VM
Azure Policy Guest Configuration allows you to audit configuration inside host. It sounds very much similar to Azure Automation Account Desired State Configuration (DSC). In fact the concept is similar to DSC but Azure Policy uses a dedicated agent called … Continue reading
Guidance for CVE-2020-0796 SMBv3 Compression vulnerability patching on Azure VM
There are discussions around a new CVE coded CVE-2020-0796 that Microsoft indicated a remote code execution vulnerability found in SMBv3.1.1 compression feature. There are questions from people working on Azure environment asking me what to do. The purpose of this … Continue reading
Filter Azure Security Center alert name in Azure Sentinel incident rule
In the past we learnt on how to connect Azure Security Center to Azure Sentinel so every alert generated from Azure Security Center can be an incident in Azure Sentinel. Not all alerts are true positive and sometime you wouldn’t … Continue reading