Power of the cloud - Introduction to azure security

TRACK:
Introduction
to the Azure
Cloud
A Developer and IT Operations perspective
Introduction to Microsoft Azure Security
TRACK:
Introduction
to the Azure
Cloud @CloudPowerUs
er

TRACK:
Introduction
to the Azure
Cloud
Thank you to our Sponsors!
Power of the Cloud
Microsoft Cloud Power User Conference
@CloudPowerUs
er

TRACK:
Introduction
to the Azure
Cloud
Who we are
Bruno Capuano
• Group Manager, Regional Innovation Lead @ Avanade
• Artificial Intelligence
• Machine Learning
• Application Lifecycle Management
• 11x MVP - Visual Studio and Development Technologies,
Windows Development
BrunoCapuano@msn.com
@ElBruno
https://elbruno.com
https://www.linkedin.com/in/elbruno

TRACK:
Introduction
to the Azure
Cloud
Who we are
Adin Ermie
• Manager, Cloud Infrastructure Consulting @ Avanade
• Cloud Solutions Architect (Datacenter/Azure)
• Azure (IaaS, PaaS, Recovery Services)
• Operations Management Suite (OMS), Azure Monitor,
Azure Security Center (ASC)
• 3x MVP - Cloud and Datacenter Management (CDM)
Adin.Ermie@outlook.com
@AdinErmie
https://AdinErmie.com
https://www.linkedin.com/in/adinermie

TRACK:
Introduction
to the Azure
Cloud
S.E.C.U.R.I.T.Y
What do you think of when you hear this word?
IDENTITY & ACCESS DATA ENCRYPTION
ENCRYPTION KEY
MANAGEMENT
NETWORK SECURITY
THREAT
PROTECTION &
SECURITY MGMT
ENVIRONMENT
PROTECTION

TRACK:
Introduction
to the Azure
Cloud
Security Topics
Vague and nebulous
TRACK:
Introduction
to the Azure
Cloud
IDENTITY &
ACCESS
• Azure Active
Directory (AAD)
• Azure Information
Protection (AIP)
• Identity and
Access
Management
(IAM)
• Privileged Identity
Management
(PIM)
• Business-to-
Business (B2B)
• Business-to-
Consumer (B2C)
DATA
ENCRYPTION
• Azure Storage
Encryption (ASE)
• Azure Disk
Encryption (ADE)
• SSL / TLS
ENCRYPTION KEY
MANAGEMENT
• Azure Key Vault
• Certificates
• Secrets /
Passphrases
• Secure Credentials
NETWORK
SECURITY
• Azure Advanced
Threat Protection
(ATP)
• Network Security
Groups (NSGs)
• Application
Security Groups
(ASGs)
• DDos Protection
Plans
• Azure Service
Endpoints
• Site-to-Site VPNs
/ Express Route
THREAT
PROTECTION &
SECURITY MGMT
• Azure Security
Center (ASC)
• Threat Intelligence
• Log Analytics (LA)
/ Operation
Management
Suite (OMS)
ENVIRONMENT
PROTECTION
• Azure Policy
• Resource Group
Locks
• Azure Backup
• Cloud App
Security (CAS)
• Enterprise
Mobility and
Security (EMS)
• Intune
• Internet of Things
(IOT)

TRACK:
Introduction
to the Azure
Cloud
Security Fundaments
Design, Code, Environment, Operations
Secure
by design
Secure
the code
Secure the
environment
Secure the
operations

TRACK:
Introduction
to the Azure
Cloud
• Security Perspectives:
• Developers
• Code
• Data
• Authentication
• IT Operations
• Identity
• Data
• Network
• Resources
What we will cover…
©2017 Avanade Inc. All Rights Reserved.

Secure your IT resources with Azure
Security Center

TRACK:
Introduction
to the Azure
Cloud
Hybrid cloud
requires a new
approach for
security
Distributed
infrastructure
Rapidly changing
cloud resources
Increasingly
sophisticated threats

TRACK:
Introduction
to the Azure
Cloud
Microsoft Azure Security Center
Unify security management and enable advanced threat protection for hybrid cloud workloads

Dynamically discover and manage the
security of your hybrid cloud workloads
in a single cloud-based console

TRACK:
Introduction
to the Azure
Cloud
Understand security state across
hybrid workloads
Built-in Azure, no setup required
Automatically discover
and monitor security of
Azure resources
Gain insights for hybrid resources
Easily onboard resources running
in other clouds and on-premises

TRACK:
Introduction
to the Azure
Cloud
Central policy management
Define a security policy for each
subscription in Security Center
Apply across multiple subscriptions
using Azure Management Groups
Ensure compliance with
policy management

TRACK:
Introduction
to the Azure
Cloud
Gain deeper insights with
integrated log analytics
Quickly identify list of notable
events that require your attention
Out of the box notable events in
dashboard or create custom
queries
Search and analyze security data
using a flexible query language
Use built-in or custom queries with
Log Analytics search

TRACK:
Introduction
to the Azure
Cloud
Integrated partners
Connected security solutions
running in Azure, e.g. firewalls
and antimalware solutions
Microsoft security
Azure Active Directory
Information Protection
Advanced Threat Analytics
Many others
Any security solution that
supports Common Event Format
(CEF)
Analyze security information
from variety of sources

Enable actionable, adaptive protections
that identify and mitigate risk to reduce
exposure to attacks

TRACK:
Introduction
to the Azure
Cloud
Identify and remediate
vulnerabilities quickly
Continuous assessment of
machines, networks, and
Azure services
Hundreds of built-in security
assessments, or create your
own
Fix vulnerabilities quickly
Prioritized, actionable security
recommendations

TRACK:
Introduction
to the Azure
Cloud
Limit exposure to brute-force
attacks
Lock down ports on virtual machines
Enable just-in-time access
to virtual machines
Access automatically granted
for limited time

TRACK:
Introduction
to the Azure
Cloud
Block malware and other
unwanted applications
Allow safe applications only
Adaptive whitelisting learns
application patterns
Simplified management with
recommended whitelists

Use advanced analytics and Microsoft
Intelligent Security Graph to rapidly detect and
respond to evolving cyber threats

TRACK:
Introduction
to the Azure
Cloud
Built-in Intelligence and
advanced analytics
Partners
Integrates alerts from partner
solutions, like firewalls and
antimalware Fusion
Combines events and alerts from across
the kill chain to map the attack timeline
Behavioral analytics
Looks for known patterns
and malicious behaviours
Threat intelligence
Looks for known malicious
actors using Microsoft
global threat intelligence
Anomaly detection
Uses statistical profiling to build
historical baselines
Alerts on deviations that conform to
a potential attack vector

TRACK:
Introduction
to the Azure
Cloud
Detect threats across the
kill chain
Target and attack
Inbound brute-force RDP,
SSH,
SQL attacks and more
Application and DDoS attacks
(WAF partners)
Intrusion detection
(NG Firewall partners)
Install and exploit
In-memory malware and
exploit attempts
Suspicious process execution
Lateral movement
Internal reconnaissance
Communication to a known
malicious IP (data exfiltration or
command and control)
Using compromised resources to
mount additional attacks (outbound
port scanning, brute-force RDP/SSH
attacks, DDoS, and spam)
Post breach

TRACK:
Introduction
to the Azure
Cloud
Get prioritized security alerts
Details about detected threats
and recommendations
Detect threats across the kill chain
Alerts that conform to kill
chain patterns are fused into
a single incident
Focus on the most
critical threats

TRACK:
Introduction
to the Azure
Cloud
Gain valuable insights
about attackers
Visualize source of attacks with
interactive map
Analyzes data from your
computers and firewalls logs
Gain insights through threat
reports
Attacker’s known objectives,
tactics, and techniques

TRACK:
Introduction
to the Azure
Cloud
Simplify security operations
and investigation
Quickly assess the scope and
impact of an attack
Interactive experience to
explore links across alerts,
computers and users
Use predefined or ad hoc
queries for deeper
examination

TRACK:
Introduction
to the Azure
Cloud
Respond quickly to threats
Automate and orchestrate common
security workflows
Create playbooks with integration
of Azure Logic Apps
Trigger workflows from any alert
to enable conditional actions

TRACK:
Introduction
to the Azure
Cloud
Develop with Security in mind
DEV
SEC
OPS
“Secure” code
“Secure” deploy
“Secure” ops

TRACK:
Introduction
to the Azure
Cloud
End-to-End
DES IG N | CODE | ENVIRONMENT | OP S
YOU HAVE TO INCLUDE ALL PHASES TO BE SECURE
username = ‘{0}’
API App SQLWeb
http name=johndoe

TRACK:
Introduction
to the Azure
Cloud
“Secure” ops
“Secure” deploy
Demo
DEV - S EC- OP S F LOW
“Secure” code

TRACK:
Introduction
to the Azure
Cloud
TRACK:
Introduction
to the Azure
Cloud

TRACK:
Introduction
to the Azure
Cloud
Code security
THE BURDEN OF OUR ‘SECRETS’
Service to service authentication — the two challenges:
• Chicken-and-egg problem for keys/secrets storage
• Working seamlessly between local development and deployed service instance
• Managed Service Identity (MSI)
• Azure Services Authentication Library (ASAL)
Access secrets
Azure Key Vault
Data access
Web App
Azure Storage
Azure AD
Authentication
“Secure” code

TRACK:
Introduction
to the Azure
Cloud
Takeaways
Culture
You own security for your service
• We can’t outsource it or do it later (Security Feature != Secure Feature)
Security is end-to-end
Leverage existing tools and use automation to include security in all stages of DevOps
• Install and use the Secure DevOps Kit for Azure
• Use Static Code Analysis Tools
• Monitor End Points
Monitor your service
No one knows your app/service better
• You have to share the responsibility of monitoring
• Use Azure Security Center and Operations Management Suite
• New attacks are increasing in frequency and size of breach!
Learning mindset
Azure will constantly improve and release new features. Attacks will continue to evolve

TRACK:
Introduction
to the Azure
Cloud
Resources
Microsoft Build Sessions
BRK4001 Building secure cloud apps
https://medius.studios.ms/Embed/Video/BRK4001?sid=BRK4001
Secure DevOps Kit for Azure (AzSK)
AzSK Module
https://www.powershellgallery.com/packages/AzSK/
AzSK Documentation
https://github.com/azsk/DevOpsKit-docs
AzSK Source
https://github.com/azsk/DevOpsKit
Security IntelliSense
https://marketplace.visualstudio.com/items?itemName=AzSDKTeam.Security
IntelliSense-Preview
Visual Studio Online CICD Build/Release Extension
https://marketplace.visualstudio.com/items?itemName=azsdktm.AzSDK-
task

TRACK:
Introduction
to the Azure
Cloud
Thank you
Adin Ermie
Adin.Ermie@outlook.com
@AdinErmie
https://AdinErmie.com
https://www.linkedin.com/in/adinermie
Bruno Capuano
BrunoCapuano@msn.com
@ElBruno
https://elbruno.com
https://www.linkedin.com/in/elbruno

Power of the cloud - Introduction to azure security

More Related Content

What's hot (20)

Similar to Power of the cloud - Introduction to azure security (20)

More from Bruno Capuano (20)

Recently uploaded (20)

Power of the cloud - Introduction to azure security