Catégorie : Azure

Storage Account | Permitted scope for copy operations

Hi!

I will show a new storage account feature which can help you to prevent data breach. This feature will help you to restrict the copy operations at the storage account level.

Three options are available:

  • From any storage accounts (default value)
  • From storage accounts in the same Azure AD tenant
  • From storage accounts that have a private endpoint to the same virtual network

I will recommend you to protect all your storage account with a custom Azure Policy which uses the alias parameter: allowedCopyScope

Maxime.

Generate Alerts Samples for Containers plan

Hi!

You can now create sample alerts also for Defender for Containers plan. The new sample alerts are presented as being from AKS, Arc-connected clusters, EKS, and GKE resources with different severities and MITRE tactics. You can use the sample alerts to validate security alert configurations, such as SIEM integrations, workflow automation, and email notifications.

Maxime.

Cyber Tech & Risk | Security Controls in the Public Cloud

Hi!

Few weeks ago, I had the pleasure to give a talk about Security Controls in the Public Cloud for Cyber Tech & Risk.

Cyber Tech & Risk is the platform for people who care about technology, risk, and security to get fresh ideas, learn the latest skills, identify new opportunities, advance career development, and expand business/professional networks. Visit here to discover more: https://cybertechrisk.com.

In this presentation, we will see together the different types of security controls, and how we can apply them in the public cloud. This session will be illustrated with a series of examples for Azure, AWS, and GCP.

Maxime.