Category Archives: Secure Development

Migrate alert rules to another Azure Sentinel in the same tenant

In a large deployment, having a non-production environment to test Microsoft Sentinel analytics rule is recommended. Now when everything is ready you would need to copy your rules over to the production environment. This article provides you a script to … Continue reading

Posted in Secure Development, Security Automation | Tagged , | Leave a comment

Azure Sentinel Threat Intelligence API

Microsoft Sentinel (formerly aka Azure Sentinel) has a feature that allows you to create and manage custom Threat Intelligence (TI) indicators (aka IoC – Indicators of Compromise). There are requests from avid readers asking AzSec to write something about Microsoft … Continue reading

Posted in Secure Development, Security Automation | Tagged , , | Leave a comment

Part 2 – Upload container vulnerability assessment result to Azure Storage Account

Previously I wrote an article to walk people through CI/CD Integration with Azure Security Center. I got a question about uploading vulnerability assessment result to an Azure Storage Account. In this article, let’s see how to do that with Azure … Continue reading

Posted in Secure Development | Tagged | 2 Comments

Part 1 – Quick look at CICD Integration in Azure Security Center to scan your docker image

If you are working in a cyber-security field where DevOps is involved, you probably heard about shift-left security. Shift-left security is just basically to move security assessment or verification sooner in the development process so you wouldn’t waste time to … Continue reading

Posted in Secure Development | Tagged , | 2 Comments

Notes on Azure SQL Server Auditting should be enabled policy

Recently I was asked to help a colleague of mine on a policy named “Azure SQL Server auditing should be enabled“. He deployed an ARM template to enable auditing but the deployment didn’t reflect the setting in Azure Portal. In … Continue reading

Posted in Secure Development, Security Automation | Tagged | Leave a comment

Azure Disk Encryption ARM template for Windows VM

I had an article about a healthy Windows virtual machine in Azure and got a feedback that the virtual machine should have disk encryption in place. That feedback is very valuable and it drove me to do more research and … Continue reading

Posted in Secure Development | Tagged , | 1 Comment

Audit Azure App Service in your tenant

There are several ways to extract information of Azure App Service resources in your environment. You can use Resource Graph Explorer, Azure CLI, Azure PowerShell or Azure REST API. Depending on the information you would like to extract, the tool … Continue reading

Posted in Secure Development | Tagged , , | 2 Comments

Some fun with Azure Key Vault REST API and HttpClient – Part 5

We have gone through 5 articles about Azure Key Vault REST API in which we explored the possibility of working with Azure Key Vault REST API, specific to Vault and Secret. We also realized just ‘a bit‘ about how unclear … Continue reading

Posted in Secure Development | Tagged , | 2 Comments

Some fun with Azure Key Vault REST API and HttpClient – Part 4.1

I thought I would have a new title for this article as it is not going to cover the use of HttpClient and Key Vault REST API. Spent a little bit of time thinking, I decided to let it be … Continue reading

Posted in Secure Development | 2 Comments

Some fun with Azure Key Vault REST API and HttpClient – Part 4

The Part 2 in Some fun with Azure Key Vault REST API and HttpClient series provides simple guidance on how to create a new fresh secret without creating a new version of existing secret under a specified vault in Azure … Continue reading

Posted in Secure Development | Tagged , | 3 Comments