My Quotes


When U were born , you cried and the world rejoiced
Live U'r life in such a way that when you go
THE WORLD SHOULD CRY






Tuesday, June 6, 2023

Microsoft Cybersecurity Reference Architectures

·       𝐃𝐨𝐦𝐚𝐢𝐧 #𝟏 - 𝐈𝐝𝐞𝐧𝐭𝐢𝐭𝐲 𝐚𝐧𝐝 𝐀𝐜𝐜𝐞𝐬𝐬 

o   Azure Active Directory: Password-less & MFA, Hello for Business, Authenticator App, FIDO2 Keys, Azure AD PIM, B2B & B2C. https://lnkd.in/grPgTT4R

o   Identity Protection: Leaked Credential Protection. https://lnkd.in/gdgMJZNF

o   Identity Governance: Identity, Access, and Privileged Access Lifecycle, Entitlement Management, Access Requests, Workflow, Policy and Role Management, Governance Enforcement. https://lnkd.in/gbVEWcQs

o   Defender for Identity: User Behavior and Activities, Investigate Alerts, AD FS Protection, Lateral Movement Detection. https://lnkd.in/g53ave8s

 

·       𝐃𝐨𝐦𝐚𝐢𝐧 #𝟐 - 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐬

o   Microsoft 365 Defender: Extended Detection and Response (#XDR). Endpoint, Office365, Identity, and more https://lnkd.in/gXFnX2PQ

o   Defender for Cloud: Cross Cloud XDR. https://lnkd.in/gZfP3QdF

o   Microsoft Sentinel: Cloud Native SIEM, SOAR. https://lnkd.in/gnd-6c-u

 

·       𝐃𝐨𝐦𝐚𝐢𝐧 #𝟑 - 𝐄𝐧𝐝𝐩𝐨𝐢𝐧𝐭 𝐚𝐧𝐝 𝐃𝐞𝐯𝐢𝐜𝐞 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲

o   Microsoft Endpoint Manager: Intune and Configuration Manager. https://lnkd.in/g4Vdfej2

o   Microsoft Defender for Endpoint: https://lnkd.in/g3KPMPCx

 

·       𝐃𝐨𝐦𝐚𝐢𝐧 #𝟒 - 𝐇𝐲𝐛𝐫𝐢𝐝 𝐈𝐧𝐟𝐫𝐚𝐬𝐭𝐫𝐮𝐜𝐭𝐮𝐫𝐞

o   Defender for Cloud: Cross Cloud XDR. https://lnkd.in/gZfP3QdF

o   Azure AD App Proxy: Secure Remote Access. https://lnkd.in/g2DDNYUy

o   Azure Arc: Hybrid and Multicloud Management. https://lnkd.in/gtaiiPgM

o   Azure Stack: Hybrid and Edge Computing. https://lnkd.in/gvKNyKQD

o   Azure Firewall: https://lnkd.in/gVnVNJbB

o   Azure WAF: https://lnkd.in/gpQCgdNc

o   DDoS Protection: https://lnkd.in/gF796HMv

o   Azure Key Vault: https://lnkd.in/gqMuSJ4S  

o   Azure Bastion: Secure RDP/SSH, Secure VM. https://lnkd.in/gmdyEb5W

o   Azure Lighthouse: https://lnkd.in/gHHUVyJn

o   Azure Backup: https://lnkd.in/gzBpjFXs  

o   Express Route: https://lnkd.in/gGBtuq5m

o   Private Link: https://lnkd.in/gzZVJ_gY

 

·       𝐃𝐨𝐦𝐚𝐢𝐧 #𝟓 - 𝐈𝐧𝐟𝐨𝐫𝐦𝐚𝐭𝐢𝐨𝐧 𝐏𝐫𝐨𝐭𝐞𝐜𝐭𝐢𝐨𝐧

o   Microsoft Purview: https://lnkd.in/g289yg_D

o   Compliance Manager: https://lnkd.in/gprm3xD4

 

·       𝐃𝐨𝐦𝐚𝐢𝐧 #𝟔 - 𝐏𝐞𝐨𝐩𝐥𝐞 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲

o   Attack Simulator: Simulation Training Platform. https://lnkd.in/g3xyhZff 

o   Insider Risk Management: https://lnkd.in/gfhxQEti

o   Communication Compliance: https://lnkd.in/gKJd4HRm

 

·       𝐃𝐨𝐦𝐚𝐢𝐧 #𝟕 - 𝐈𝐨𝐓 𝐚𝐧𝐝 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐚𝐥 𝐓𝐞𝐜𝐡𝐧𝐨𝐥𝐨𝐠𝐲

Azure Sphere: IoT and OT Security Services. https://lnkd.in/gFMQRZB6 

Azure Tips

Useful resources for Azure developers and architects! Microsoft Azure has unveiled the App Service Landing Zone Accelerator, an open-source collection of architectural guidance and reference implementation to accelerate the deployment of Azure App Service at scale. Whether you're building new applications in the cloud or looking to modernize your existing web apps, this accelerator provides a simple and robust starting point!

  • 𝐒𝐞𝐜𝐮𝐫𝐞 𝐃𝐞𝐬𝐢𝐠𝐧 𝐏𝐫𝐢𝐧𝐜𝐢𝐩𝐥𝐞𝐬
    • With the App Service Landing Zone Accelerator, you can implement a range of secure design principles to protect your apps and data.
    • Use isolated network layers for the different components
    • Use protected Azure Active Directory-based access via Managed Identity
    • Use private endpoints for Azure services
    • Use Network Security Groups to control inbound and outbound traffic at the subnet level
    • Enable Standard DDoS Protection for the SPOKE

  • 𝐂𝐨𝐦𝐩𝐫𝐞𝐡𝐞𝐧𝐬𝐢𝐯𝐞 𝐃𝐞𝐬𝐢𝐠𝐧 𝐀𝐫𝐞𝐚𝐬
The accelerator encompasses various design areas, covering critical aspects of your app's architecture.

  • 𝐀𝐳𝐮𝐫𝐞 𝐅𝐞𝐚𝐭𝐮𝐫𝐞𝐬 𝐚𝐧𝐝 𝐒𝐞𝐫𝐯𝐢𝐜𝐞𝐬
Within the App Service Landing Zone Accelerator, you'll leverage a range of Azure features and services to enhance your app development process.


Read More:

I hope you find these resources helpful. Happy learning!