Learn what the publisher verification status is, and how to set it up in your organization. Azure AD comes with Consent Policies, enabling your organizations to only trust verified publishers. Users will then only be able to consent to applications that are verified.…
All posts in “security”
Learn about some of my key scenarios for using the Azure Resource Graph to gain a better understanding of my Azure resources. This is a great tool for your Azure Governance toolkit.…
I love automation. Part of the glory of seeing a green build is to also know that it has passed some type of quality gates. In this post I'll talk a bit about some of my favorite Code Analysis tools for .NET Core. I use them in both personal as well as work projects, in a varietal mix depending on project. It's not an exhaustive list, and by no means the only tools that can be used. These are a select part of my arsenal to ensure I stay on the right path when developing software. Someone asked me recently…
I have previously written about various Container-topics on this site. Recently, I also published a post about "Best Practices for security in Azure Container Registry." In this post, I want to bring awareness to how we can make use of one of the tips from that post, namely the Repository-scoped permissions. We can now create more fine-grained permission for our ACR. Time-limited access to help block any access after a specific point in time.Granular permission control helps restrict or allow specific actions on the registry. Actions are usually things like Read (pull), Write (push), Delete.Help your organization delegate…
Here's a list of simple and efficient tips to stay more secure when Working From Home. Cybersecurity tips for Remote Workers that anyone can benefit from!…
Are you a CIO, CISO, or are you at any level responsible for security in your organization? Are you just getting started with Azure and the cloud, and having a remote workforce - or are you seasoned in the cloud, but your users are not? Here's a couple of tips from the field that I hope can help. Work From Home, or #WFH, is a thing today. I have been successfully working remotely for more than seven years, and I have enjoyed every minute of it - but it isn't without challenges. I get questions regularly now, both from family…
The years fly by, and we continue to evolve how we design and architect our systems. As we learn more, and technology evolves, so does our processes and design considerations. In this post I want to make notes of a few best practices I've adopted and keep at the top of mind when I engage in new projects that require reliable serverless executions at scale. There are a ton of other things I would want to add to this post as well, but I've chosen the things I consider to be "a-ha" moments for myself throughout my years of building…
Best Practices for security in Azure Container Registries is a list of real-world experiences in strengthening your security posture.…