Select Page
MITRE ATT&CK® mappings released for built-in Azure security controls

MITRE ATT&CK® mappings released for built-in Azure security controls

The Security Stack Mappings for Azure research project was published today, introducing a library of mappings that link built-in Azure security controls to the MITRE ATT&CK® techniques they mitigate against. Microsoft once again worked with the Center for Threat-Informed Defense ... continue reading
daribei_5-1622830917040.png

Azure Web App for Containers: Pulling a Container Image from ACR Without Exposing Credentials

Hello dear readers! My name is Daniel Ribeiro and I am a Customer Engineer working with Microsoft Mission Critical Team (SfMC). The Problem A customer of mine recently reported that when deploying a container using the Azure Web App, the ... continue reading
magdysalem_0-1622676141054.png

How-To: Deploy Microservice Application with Secrets Store CSI Driver Using Helm Chart

In the last blog we discussed AKS Pod Identity and how we utilize this feature in our application and establish a secure access to Azure resources using Azure SDK libraries. One of disadvantage of using Pod Identity is in case ... continue reading

Microsoft SQL Server Linux-based container images to be available only from the Microsoft Container Registry

Traditionally, SQL Server Linux container images could be downloaded from Microsoft Container Registry (mcr.microsoft.com) and mssql-server-linux. However, as you might be aware, we stopped updating the old repo, Microsoft/mssql-server-linux, a couple of years ago, as part of our move to ... continue reading
Out-of-the-box detections included in the Azure Sentinel SAP threat monitoring solution.

Protecting SAP applications with the new Azure Sentinel SAP threat monitoring solution

As one of the leading solution providers for applications that manage business processes, SAP is the custodian for massive amounts of sensitive data in many of the biggest organizations in the world. Since these applications are business-critical, an SAP security ... continue reading

Retro Game Translation with Azure Cognitive Services and IoT Edge

Paul DeCarlo shows Scott Hanselman how Azure IoT Edge enables you to deploy cloud intelligence locally on edge devices. By moving certain workloads to the edge of your network, your devices spend less time communicating with the cloud, can react ... continue reading

Announcing PowerShell Crescendo Preview.2

We are pleased to announce the second preview of PowerShell Crescendo, a framework to rapidly develop PowerShell cmdlets for native commands, regardless of platform. The updated preview releases are now available for download on the PowerShell Gallery: Microsoft.PowerShell.Crescendo Preview 2 ... continue reading
magdysalem_1-1618267540439.png

How-To: Deploy Microservice Application with Pod Identity Using Helm Chart

In the last blog we discussed how to deploy AKS fully integrated with AAD. Also we discussed deploying add-on for Azure Pod Identity and Azure CSI driver. In the article we will discuss how to create an application that using ... continue reading
magdysalem_0-1617211808512.png

HOW-TO: Deploy AKS with POD Managed Identity and CSI using Terraform and Azure Pipeline

Today as we develop and run application in AKS, we do not want credentials like database connection strings, keys, or secrets and certificates exposed to the outside world where an attacker could take advantage of those secrets for malicious purposes ... continue reading
The threat matrix to Kubernetes. The matrix consists of the various attacking techniques that target Kubernetes.

Secure containerized environments with updated threat matrix for Kubernetes

Last April, we released the first version of the threat matrix for Kubernetes. It was the first attempt to systematically map the threat landscape of Kubernetes. As we described in the previous post, we chose to adapt the structure of ... continue reading