Monthly Archives: July 2021

Part 2 – Upload container vulnerability assessment result to Azure Storage Account

Previously I wrote an article to walk people through CI/CD Integration with Azure Security Center. I got a question about uploading vulnerability assessment results to an Azure Storage Account. In this article, let’s see how to do that with Azure … Continue reading

Posted in Secure Development | 2 Comments

Part 1 – Quick look at CICD Integration in Azure Security Center to scan your docker image

If you work in a cyber-security field where DevOps is involved, you have probably heard about shift-left security. Shift-left security basically means moving security assessment or verification earlier in the development process so you wouldn’t waste time to … Continue reading

Posted in Secure Development | 2 Comments

Notes on Azure SQL Server Auditing should be enabled policy

Recently I was asked to help a colleague of mine with a policy named “Azure SQL Server auditing should be enabled”. He deployed an ARM template to enable auditing but the deployment didn’t reflect the setting in Azure Portal. In … Continue reading

Posted in Secure Development, Security Automation | Leave a comment

Notes on Azure Backup Soft-delete feature in a cybersecurity context

Backups are your last hope when you try to recover your infrastructure after a cyber attack. Malware doesn’t only steal and exfiltrate data but also scans for and deletes your backups. The soft delete feature is designed to … Continue reading

Posted in Monitoring & Detection, Security Operation | Leave a comment

Demystify Azure DDoS Protection Azure Policy

There are two different policies in Azure Security Center/Azure Policy that scan virtual network resources and DDoS protection plans. Your virtual network resources may fall into the list of non-compliant resources in one of these policies. In this article, let’s demystify … Continue reading

Posted in Governance & Compliance | Leave a comment

Create an Azure Role Assignment Watchlist in Azure Sentinel

Watchlists in Azure Sentinel allow you to build your own data from external data sources for correlation with analytics or hunting rules in your Azure Sentinel environment. In this article, what we are going to do is explore Azure Sentinel … Continue reading

Posted in Security Automation, Security Operation | 4 Comments