Recent Posts

Section 2 – Design a Zero Trust strategy and architecture – Design a security operations strategy

And time for the second section for my SC-100 study guide: Design a logging and auditing strategy to support security operations Develop security operations to support a hybrid or multi-cloud environment Design a strategy for SIEM and SOAR Evaluate security…

Continue Reading Section 2 – Design a Zero Trust strategy and architecture – Design a security operations strategy

Mover.io retirement

History of Mover.io Mover used Bifrost agent to connect to bifrost-v2.mover.io with port 443 Microsoft aquired Mover.io back in 2019 Many of you have been using Mover.io for data migrations, either for your organization or just for personal content. Either…

Continue Reading Mover.io retirement

Section 1 – Design a Zero Trust strategy and architecture – Build an overall security strategy and architecture

The first section for SC-100 study will contain: Identify the integration points in an architecture by using Microsoft Cybersecurity Reference Architecture (MCRA) Translate business goals into security requirements Translate security requirements into technical capabilities, including security services, security products, and…

Continue Reading Section 1 – Design a Zero Trust strategy and architecture – Build an overall security strategy and architecture

Exam cram for Cybersecurity Architect exam

When I wrote the study guide for AZ-500, I was planning to write a study guide for MS-500, SC-400 or AZ-104 but when I saw the contents of SC-100, I decided differently. For AZ-500 I counted 12 parts but now…

Continue Reading Exam cram for Cybersecurity Architect exam

Azure Enterprise-scale or Resource groups?

In this post I will be comparing the two different options, Azure Resource Management and Resource groups. These two are fundamentally different although they have the same functions for the resources. But first let’s go thru the cloud journey you…

Continue Reading Azure Enterprise-scale or Resource groups?

Microsoft Entra Permissions Management

Entra has combined three existing solutions under entra.microsoft.com: Azure Active Directory (Azure AD)  Multicloud identity and access management solution with integrated security.  Microsoft Entra Permissions Management​  One unified model to manage permissions ​of any identity across any cloud.  Microsoft Entra Verified ID​ …

Continue Reading Microsoft Entra Permissions Management

Section 15 – Secure data and applications – Configure and manage Azure Key Vault

And here goes the last section in my AZ-500 study guide, the end is coming with: Create and configure Key Vault Configure access to Key Vault Manage certificates, secrets, and keys Configure key rotation Configure Backup and recovery of certificates,…

Continue Reading Section 15 – Secure data and applications – Configure and manage Azure Key Vault

What’s new with Cross-tenant access with Azure AD External Identities

Microsoft has released Cross-tenant access settings and it’s still in preview. I wrote an article in February about this feature and let’s see what has been changed. And how to use to it with Teams Teamsplaining it more Difference between…

Continue Reading What’s new with Cross-tenant access with Azure AD External Identities

Section 14 – Secure data and applications – Configure security for databases

In this section I will cover the following: Enable database authentication by using Azure AD Enable database auditing Configure dynamic masking on SQL workloads Implement database encryption for Azure SQL Database Implement network isolation for data solutions, including Azure Synapse…

Continue Reading Section 14 – Secure data and applications – Configure security for databases

Section 13 – Secure data and applications – Configure security for storage

Configure access control for storage accounts Configure storage account access keys Configure Azure AD authentication for Azure Storage and Azure Files Different Storage Accounts types The Azure Storage platform includes the following data services: Azure Blobs A massively scalable object…

Continue Reading Section 13 – Secure data and applications – Configure security for storage