Resource Manager

Delegate Azure role assignment management using conditions

We’re excited to share the public preview of delegating Azure role assignment management using conditions. This preview gives you the ability to enable others to assign Azure roles but add restrictions on the roles they can assign and who they can assign roles to.  As the owner of an Azure subscription, you likely get requests […]

Delegate Azure role assignment management using conditions Continue Reading

Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement

Microsoft security researchers recently identified a campaign where attackers attempted to move laterally to a cloud environment through a SQL Server instance. This attack technique demonstrates an approach we’ve seen in other cloud services such as VMs and Kubernetes cluster, but not in SQL Server. The attackers initially exploited a SQL injection vulnerability in an

Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement Continue Reading

Manage your big data needs with HDInsight on AKS

As companies today look to do more with data, take full advantage of the cloud, and vault into the age of AI, they’re looking for services that process data at scale, reliably, and efficiently. Today, we’re excited to announce the upcoming public preview of HDInsight on Azure Kubernetes Service (AKS), our cloud-native, open-source big data

Manage your big data needs with HDInsight on AKS Continue Reading

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

Since February 2023, Microsoft has observed password spray activity against thousands of organizations carried out  by an actor we track as Peach Sandstorm (HOLMIUM). Peach Sandstorm is an Iranian nation-state threat actor who has recently pursued organizations in the satellite, defense, and pharmaceutical sectors around the globe. Based upon the profile of victim organizations targeted

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets Continue Reading

Monthly news – September 2023

Microsoft Defender for Cloud Monthly news September 2023 Edition This is our monthly “What’s new” blog post, summarizing product updates and various new assets we released over the past month. In this edition, we are looking at all the goodness from August 2023.  Microsoft Defender for Cloud Malware scanning is now generally available (GA) as

Monthly news – September 2023 Continue Reading

Cryptojacking: Understanding and defending against cloud compute resource abuse

In cloud environments, cryptojacking – a type of cyberattack that uses computing power to mine cryptocurrency – takes the form of cloud compute resource abuse, which involves a threat actor compromising legitimate tenants. Cloud compute resource abuse could result in financial loss to targeted organizations due to the compute fees that can be incurred from

Cryptojacking: Understanding and defending against cloud compute resource abuse Continue Reading

Azure Monitor: How To Use Managed Identity with Log Ingestion API

Hello readers! In one of my recent post, Azure Monitor: Logs Ingestion API Tips & Tricks, I discussed some Tips and Tricks to better deal with the new Logs Ingestion API. In this new one, I would like to share an example of how to use Managed Identities as authentication method for custom log ingestion,

Azure Monitor: How To Use Managed Identity with Log Ingestion API Continue Reading

Using Resource Locks To Prevent Accidental Changes In Azure

Hello howdy readers, welcome to my post! My name is Khushbu Gandhi, I am Cloud Solutions Architect in Bay Area. Over the course of my learning with Azure thus far, I have realized that it’s easy to deploy resources in the Azure. In fact, it is this ease of use that has largely catapulted the push

Using Resource Locks To Prevent Accidental Changes In Azure Continue Reading

Monthly news – June 2023

Microsoft Defender for Cloud Monthly news June 2023 Edition This is our monthly “What’s new” blog post, summarizing product updates and various new assets we released over the past month. In this edition, we are looking at all the goodness from May 2023.  Microsoft Defender for Cloud Watch new episodes of the Defender for Cloud

Monthly news – June 2023 Continue Reading

Microsoft Defender for Cloud – Automate Notifications when new Attack Paths are created

Introduction Microsoft Defender for Cloud is a Cloud Native Application Protection Platform (CNAPP) that offers crucial insights and protective measures through its Attack Path risk analysis feature. A frequent requirement from customers is the ability to receive notifications whenever new attack paths are detected. This article presents an automated solution utilizing Azure Logic Apps to

Microsoft Defender for Cloud – Automate Notifications when new Attack Paths are created Continue Reading