Catégorie : Divers

Azure Threat Research Matrix

Hi,

In this article, I will share with you the Azure Threat Research Matrix. The purpose of the Azure Threat Research Matrix (ATRM) is to conceptualize the known tactics, techniques, and procedures (TTP) that adversaries may use against the Azure platform. Inspired from MITRE ATT&CK, ATRM is designed to give quick insight into a potential TTP that an adversary may be using in their attack campaign.

In comparison to MITRE ATT&CK, Azure does not have the same capabilities for some of the tactics, e.g. Initial Access. While some tactics in ATT&CK may pertain to Azure, the ATRM is meant to be specific within Azure AD and Azure Resources.

Source: https://microsoft.github.io/Azure-Threat-Research-Matrix

Maxime.

Network security groups support for private endpoints

Hi!

Network security groups (NSGs) support for private endpoints is now generally available. This feature enhancement provides you with the ability to enable advanced security controls on traffic destined to a private endpoint. In order to leverage this feature, you will need to set a specific subnet level property, called PrivateEndpointNetworkPolicies, to enabled on the subnet containing private endpoint resources.

By default, network policies are disabled for a subnet in a virtual network. To utilize network policies like UDR and NSG support, network policy support must be enabled for the subnet. This setting is only applicable to private endpoints within the subnet. This setting affects all private endpoints within the subnet. For other resources in the subnet, access is controlled based on security rules in the network security group.

Enable Network Policy:

  1. Sign-in to the Azure portal.
  2. In the search box at the top of the portal, enter Virtual network. Select Virtual networks.
  3. Select myVNet.
  4. In settings of myVNet, select Subnets.
  5. Select the default subnet.
  6. In the properties for the default subnet, select Enabled in NETWORK POLICY FOR PRIVATE ENDPOINTS.
  7. Select Save.
Maxime.

Microsoft MVP Azure 2022-2023 !

Hi!

Its my immense pleasure to share you that I have been awarded as Microsoft Most Valuable Professional (MVP) for the 6th time.

I would like to thanks Microsoft MVP Award team, Betsy and Rochelle. Finally, thanks to all my colleagues, blog readers and commentators. Congratulations to all the new and renewed MVP!

Maxime.