Built-in Partner Controls
Unique Intelligence
Unique Intelligence
Built in + Partner Controls

Physical datacenter security
• Two-factor authentication with biometrics
• Employee & contractor vetting
• Metal detectors
• Video coverage rack front & back
• Inability to identify location of specific customer data
• Secure destruction bins
• Ongoing roaming patrols
• Video coverage
• Ongoing roaming patrols
• Front entrance gate
• 1 defined access point
• Video coverage
• Perimeter fencing
• Two-factor authentication with biometrics
• Video coverage
• No building signage
• 24x7x365 security operations
• Verified single person entry
• Ongoing roaming patrols
Background check | System check | Access approval
Perimeter | Building | Server environment

Secure foundation
• Protect customer data: Data, network segregation. DDoS protection at the edge. Platform segregation. Confidential computing.
• Secure hardware: Custom-built hardware with integrated security and attestation
• Continuous testing: War game exercises by Microsoft teams, vulnerability scanning & continuous monitoring
CUSTOMER 1 | CUSTOMER 2

Infrastructure security
Protection at the edge
• OneDDoS protects the edge with cloud-scale filtering and DDoS mitigation
• Edge layer protections screen unwanted traffic
• Encryption for data in transit
• Global Load Balancing improves resilience
IP and Isolation Controls
• Traffic between regions encrypted by default
• IP and protocol controls for endpoints
• Traffic isolation via site-to-site VPN or Azure ExpressRoute
Azure Virtual Network Isolation | Endpoint Restrictions | OneDDoS

Operational Security
• No standing access to production servers and services. Just In Time Elevation required.
• Multi-factor authentication required for admin actions
• “Secure Workstations” required to access production
• Access requests are audited, logged and monitored

Built-in Controls | Data protection
VIRTUAL MACHINES | APPLICATIONS | STORAGE & DATABASES
• Enable built-in encryption across resources
    • Azure Storage Service Encryption
    • Azure Disk Encryption
    • SQL TDE/Always Encrypted
• Encrypt data while in use
    • Azure confidential computing
• Use delegated access to storage objects
    • Shared Access Signature enables more granular access control
• Use a key management system
    • Keep keys in a hardware HSM; don’t store keys in apps/GitHub
    • Use one Key Vault per security boundary/per app/per region
    • Monitor/audit key usage; pipe information into SIEM for analysis/threat detection
    • Use Key Vault to enroll and automatically renew certificates

Built-in Controls | Threat protection
Azure Security Center with advanced analytics for threat detection
Virtual machines | Applications | Storage & databases | Network
• Mitigate potential vulnerabilities proactively
    • Ensure up-to-date VMs with relevant security patches
    • Enable host anti-malware
• Reduce surface area of attack
    • Enable just-in-time access to management ports
    • Configure Application Whitelisting to prevent malware execution
• Detect threats early and respond faster
    • Use actionable alerts and incidents
    • Interactive investigation tool and playbooks to orchestrate responses

threats detected/month
Built-in Partner Controls
Unique Intelligence
Built-in Partner Controls

Azure Security Fundamentals

