Monthly Archives: July 2021
Part 2 – Upload container vulnerability assessment result to Azure Storage Account
Previously I wrote an article to walk people through CI/CD Integration with Azure Security Center. I got a question about uploading the vulnerability assessment result to an Azure Storage Account. In this article, let’s see how to do that with Azure … Continue reading
Part 1 – Quick look at CICD Integration in Azure Security Center to scan your docker image
If you work in a cyber-security field where DevOps is involved, you have probably heard about shift-left security. Shift-left security basically means moving security assessment or verification earlier in the development process so you wouldn’t waste time to … Continue reading
Notes on Azure SQL Server Auditing should be enabled policy
Recently I was asked to help a colleague of mine with a policy named “Azure SQL Server auditing should be enabled”. He deployed an ARM template to enable auditing but the deployment didn’t reflect the setting in Azure Portal. In … Continue reading
Notes on Azure Backup Soft-delete feature in a cybersecurity context
Backup would be your last hope in an attempt to recover your infrastructure after a cyber attack. Malware doesn’t only steal and exfiltrate data but also scans and deletes your backup. The soft delete feature is designed to … Continue reading
Posted in Monitoring & Detection, Security Operation
Tagged soft-delete azure backup
Demystify Azure DDoS Protection Azure Policy
There are two different policies in Azure Security Center/Azure Policy that scan virtual network resources and DDoS protection plans. Your virtual network resources may fall into the list of non-compliant resources in one of these policies. In this article, let’s demystify … Continue reading
Create an Azure Role Assignment Watchlist in Azure Sentinel
Watchlist in Azure Sentinel allows you to build your own data from external data sources for correlation with analytics or hunting rules in your Azure Sentinel environment. In this article, what we are going to do is explore Azure Sentinel … Continue reading
Posted in Security Automation, Security Operation
Tagged azure sentinel, azure sentinel watchlist api