Select Page
Affinity.png

New Features of Windows Server 2022 Failover Clustering

Greetings again Windows Server and Failover Cluster fans!!  John Marlin here and I own the Failover Clustering feature within the Microsoft product team.  In this blog, I will be giving an overview of the new features in Windows Server 2022 ... continue reading
MITRE ATT&CK® mappings released for built-in Azure security controls

MITRE ATT&CK® mappings released for built-in Azure security controls

The Security Stack Mappings for Azure research project was published today, introducing a library of mappings that link built-in Azure security controls to the MITRE ATT&CK® techniques they mitigate against. Microsoft once again worked with the Center for Threat-Informed Defense ... continue reading
daribei_5-1622830917040.png

Azure Web App for Containers: Pulling a Container Image from ACR Without Exposing Credentials

Hello dear readers! My name is Daniel Ribeiro and I am a Customer Engineer working with Microsoft Mission Critical Team (SfMC). The Problem A customer of mine recently reported that when deploying a container using the Azure Web App, the ... continue reading
magdysalem_0-1622676141054.png

How-To: Deploy Microservice Application with Secrets Store CSI Driver Using Helm Chart

In the last blog we discussed AKS Pod Identity and how we utilize this feature in our application and establish a secure access to Azure resources using Azure SDK libraries. One of disadvantage of using Pod Identity is in case ... continue reading

Microsoft SQL Server Linux-based container images to be available only from the Microsoft Container Registry

Traditionally, SQL Server Linux container images could be downloaded from Microsoft Container Registry (mcr.microsoft.com) and mssql-server-linux. However, as you might be aware, we stopped updating the old repo, Microsoft/mssql-server-linux, a couple of years ago, as part of our move to ... continue reading
magdysalem_1-1618267540439.png

How-To: Deploy Microservice Application with Pod Identity Using Helm Chart

In the last blog we discussed how to deploy AKS fully integrated with AAD. Also we discussed deploying add-on for Azure Pod Identity and Azure CSI driver. In the article we will discuss how to create an application that using ... continue reading
magdysalem_0-1617211808512.png

HOW-TO: Deploy AKS with POD Managed Identity and CSI using Terraform and Azure Pipeline

Today as we develop and run application in AKS, we do not want credentials like database connection strings, keys, or secrets and certificates exposed to the outside world where an attacker could take advantage of those secrets for malicious purposes ... continue reading
The threat matrix to Kubernetes. The matrix consists of the various attacking techniques that target Kubernetes.

Secure containerized environments with updated threat matrix for Kubernetes

Last April, we released the first version of the threat matrix for Kubernetes. It was the first attempt to systematically map the threat landscape of Kubernetes. As we described in the previous post, we chose to adapt the structure of ... continue reading

Best practices for Azure Container Instances (ACI) with GitHub Actions

Azure Container Instances (ACI) allow for a quick, simple, and cost effective way to run serverless containers in production. ACI is generally available and is for hosting serverless containerized workloads, including ETL pipelines, serverless batch jobs, and API microservices. Come ... continue reading
Azure Security Products.PNG

What's the difference between Azure Security Center, Azure Defender and Azure Sentinel?

It's common to have a pre-defined perspective when you hear the word "security". Some people think of applications being configured correctly or insecure coding practices. Some people think of identity concepts like password spray attacks, phishing or multi factor authentication ... continue reading