Resource Manager

AI Frontiers: Human insights on AI training

Recent developments in AI require more computing power to train the models. During training, the model learns from data how to perform specific tasks. Now, recent models like GPT, which have billions of parameters, require memory-intensive processing and power-intensive trainings. This requires a massive infrastructure. Thus, we have two main components for AI model training: […]

AI Frontiers: Human insights on AI training Continue Reading

Unleashing the Power of Microsoft Defender for Cloud – Unique Capabilities for Robust Protection

Microsoft Defender for Cloud (MDC) is a cloud-native application protection platform (CNAPP) that is made up of security measures and practices that are designed to protect cloud-based applications from various cyber threats and vulnerabilities. In this article we make a case that the unique capabilities provided by MDC will be hard to replicate with a

Unleashing the Power of Microsoft Defender for Cloud – Unique Capabilities for Robust Protection Continue Reading

Secrets scanning for Cloud deployments

Over the past year, our CNAPP solution has gone through progressive enhancements, particularly around secret management. It all began with the ability to identify various secret types across virtual machines (VMs). Subsequently, we expanded our focus to include a wide range of metadata associated with these secrets, providing valuable context.  Today, we are excited to

Secrets scanning for Cloud deployments Continue Reading

Securing Azure OpenAI Usage with Azure Functions and Managed Identities: a Step-by-Step Guide

Context The Azure OpenAI Service provides REST API access to OpenAI’s advanced language models, including GPT-4, GPT-4 Turbo with Vision, GPT-3.5-Turbo, and the series of Embeddings models. These state-of-the-art models are highly adaptable and can be tailored to a variety of tasks such as generating content, summarizing information, interpreting images, enhancing semantic search, and converting

Securing Azure OpenAI Usage with Azure Functions and Managed Identities: a Step-by-Step Guide Continue Reading

Protect Against OWASP API Top 10 Security Risks Using Defender for APIs

Overview The Open Web Application Security Project (OWASP) Foundation is a nonprofit foundation dedicated to improving software security through community-led open-source projects, education, and transparency. The OWASP API Security Project focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of APIs. In this post, we’ll dive into how Defender

Protect Against OWASP API Top 10 Security Risks Using Defender for APIs Continue Reading

Collect Event Ids using Azure Monitor Agent

Hello everyone, I am Bindusar (CSA) working with Intune. I have received multiple requests from customers asking to collect specific event IDs from internet-based client machines with either Microsoft Entra ID or Hybrid Joined and upload to Log Analytics Workspace for further use cases. There are several options available like: Running a local script on

Collect Event Ids using Azure Monitor Agent Continue Reading

Leveraging CEF with Azure Monitor Agent (AMA) for GCP-Hosted Fortinet Firewall and Syslog Forwarder,

Understand What purpose this Blog Serves: Let’s break down the blog title to understand its purpose: Leveraging CEF with Azure Monitor Agent (AMA) for GCP-Hosted Fortinet Firewall and Syslog Forwarder: This part emphasizes using Common Event Format (CEF) with Azure Monitor Agent (AMA) for monitoring and analysing logs from Fortinet firewall and Syslog Forwarder hosted

Leveraging CEF with Azure Monitor Agent (AMA) for GCP-Hosted Fortinet Firewall and Syslog Forwarder, Continue Reading

Threat actors misuse OAuth applications to automate financially driven attacks

Threat actors are misusing OAuth applications as an automation tool in financially motivated attacks. OAuth is an open standard for token-based authentication and authorization that enables applications to get access to data and resources based on permissions set by a user. Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth

Threat actors misuse OAuth applications to automate financially driven attacks Continue Reading

Deploy secret-less Conditional Access policies with Microsoft Entra ID Workload Identity Federation

Background  Many customers face challenges in managing their Conditional Access (CA) policies. Over time, they accumulate more and more policies that are created ad-hoc to solve specific business scenarios, resulting in a loss of overview and increased troubleshooting efforts. Microsoft has provided guidance on how to structure your Conditional Access policies in a way that

Deploy secret-less Conditional Access policies with Microsoft Entra ID Workload Identity Federation Continue Reading