This post is about increasing automated security posture with Azure DevOps by using the "Microsoft Security Code Analysis extension", which is a set of tasks that helps implement security analysis of your files and code in your pipelines. Microsoft have done an amazing job with making this extension available, so we can make use of automated build tasks to check for some commonly encountered security issues. Follow me in this article to explore how we make use of the Azure DevOps extension for Microsoft Security Code Analysis, which includes these build tasks to help us: Credential Scanner (CredScan)BinSkimTSLintRoslyn AnalyzersMicrosoft…
At Microsoft Ignite 2019 in Orlando, there was a plethora of interesting announcements. Some which are already available in your Azure subscriptions to try out. Two of these, which also are some favorites of mine to keep tabs on my resources easier across subscriptions, are the Network Insights and Storage Insights additions to Azure Monitor. Azure Monitor - Networks (preview)Network Insights also gives you the capability to do cross-subscription monitoring for your network health. From here, you can easily drill down into any part of your networking in the cloud and investigate if you have any issues going on,…
Launching new websites, services and applications in the cloud is easy. However, the fact that getting something up and running is easy, doesn't mean that it's sufficient for an enterprise-grade or distributed-scale application to operate in the long run. Designing the solution architecture, infrastructure and configuration of your apps and services are extremely important - and if you intend to embrace a real workload (not "see my demo here"), you need to ensure that things are flying at all times, with redundancy and failovers. In this post we'll talk a bit about diagnosing and troubleshooting errors and issues with Azure…
Hooray! Today is an exciting day for me. We just launched a new podcast named Ctrl+Alt+Azure, which you can find here: ctrlaltazure.com. I'm co-hosting this with my friend and fellow Microsoft MVP for Azure, Jussi Roine. Here we are, casually looking relaxed in an atypical scandinavian style. Tobias Zimmergren & Jussi Roine - Co-hosts of the Ctrl+Alt+Azure PodcastWe even designed a fancy logo for the new podcast. I'm sure everything will be awesome with a logo like that. Ctrl+Alt+Azure Podcast by Tobias Zimmergren & Jussi RoineBackground storyIn recent year(s) I've been in…
In this post I'm sharing a tip about how you can remove the Azure Sentinel service, but keep your ingested data in Log Analytics so you can actually keep working with the data for reports and auditing reasons.…
When working with Azure DevOps, there's a lot of options and configurations to tailor the service exactly to the needs of your organization. Part of the responsibilities that lie on the ones that managed these pipelines is to ensure that you don't spill the beans - or in other words, leak any sensitive data. With Azure DevOps, you can get sensitive data like Connection Strings, Secrets, API Keys and whatever else you may classify as sensitive, directly from an Azure Key Vault. In this post we'll explore how to configure Azure DevOps to fetch Secrets directly from Azure Key Vault…
A powerful capability of the Azure Sentinel service is that you can ingest data from a wide variety of sources. Using Connectors, you can even ingest data from other places than Azure, and you can get a more complete picture of your security posture across services in your technological landscape. In a previous post I talked about how to ingest Office 365 logs into your Azure Sentinel dashboards. In this post, I'm talking about how we can build our own Azure Log Analytics Data Collector API application to send custom logs to your Log Analytics workspace - and since I'm…
Azure Sentinel is a product from Microsoft, offering a cloud-native SIEM service. Sentinel uses clever AI (Artificial Intelligence) to make your threat detection and responses faster and smarter. A key feature with Azure Sentinel is that you can connect to other data sources. Microsoft has built-in support for ingesting data from a plethora of their own data sources, including: Azure ADOffice 365Cloud App SecurityAzure Activity LogAzure AD Identity ProtectionAzure Information Protection (AIP)Azure Advanced Threat Protection (ATP)Azure Security CenterDNSMicrosoft Web Application Firewal (WAF)Windows FirewallWindows Security Eventsand more...In this post I'll talk about how you can enable Azure…