Content that touches on Cybersecurity, cloud security, security for executives, and more.
Frameworks to strategically improve your cybersecurity Paid Members Public
Learn about popular cybersecurity frameworks like NIST Cybersecurity Framework (CSF), CISAs Cross-Sector Cybersecurity Performance Goals (CPG), MITRE ATT&CK and D3FEND, Microsoft Cloud Adoption Framework's Secure methodology, and Microsoft's CISO Workshop Training.
Learnings from the NSA and CISA top 10 cybersecurity misconfigurations Paid Members Public
Learn more about the joint advisory by the NSA and CISA, highlighting the top 10 cybersecurity misconfigurations commonly found in large organizations' networks.
What is the Cybercrime Atlas? Paid Members Public
The Cybercrime Atlas is an initiative launched by the World Economic Forum to better understand and combat cybercrime globally. By mapping the cybercriminal ecosystem, it aims to disrupt cyber-criminal networks.
Exam Study Guide: SC-100 - Microsoft Cybersecurity Architect Expert Paid Members Public
I recently decided to sit the SC-100: Microsoft Cybersecurity Architect Expert exam which, if you pass, grants you the certification with the same title. I am happy to share that I passed the exam. In this post, I will share some details about the experience, and links and insights for
Discover sensitive Key Vault operations with Microsoft Sentinel Paid Members Public
Microsoft's Azure Key Vault Security workbook helps you structure the explorations of sensitive operations in your Azure Key Vaults. Using this workbook, we can cut the diagnostic and troubleshooting time down by a lot.
Securing Microsoft Teams Paid Members Public
Recently, Microsoft Teams adoption in organizations world-wide has skyrocketed. To keep up with this pace, here's a post about securing the Collaboration Experience, configuring Compliance, and a look at Security options!
GitHub Actions for Security Code Analysis Paid Members Public
Performing code analysis and security scans on your code is imperative to software craftsmanship. Over the years, I have had plenty of options for performing security scans, both with third-party vendors and open-source tools. I want to highlight some of my favorite GitHub Actions to run code analysis with a
Website security scanning with GitHub Actions and OWASP ZAP Paid Members Public
Security is a topic that should be on top of everyone's mind. Particularly security in software is vital, given the enormous growth in threats targeting online resources. I previously wrote about other developer-oriented security aspects that you might find interesting: * Embrace a Security Development Lifecycle (SDL) for Azure [https://zimmergren.