Credits and sources

Microsoft Learn

Intro

In this blog post, I will show how to use Azure DevOps pipelines with source code placed in GitHub. I will also show you how to integrate GitHub with Azure DevOps boards so that you can manage your project in Azure DevOps and close work items by using commits to your GitHub repository.

This can be useful in migration scenarios and scenarios where you want the repository features from GitHub together with Azure DevOps features like project management and pipelines.

Credits and sources

Microsoft Learn

Hashicorp

Hashicorp docs

Intro

This article is about automating image builds in Azure. I am using Packer in this scenario and will use a Windows image for the examples. Linux builds use the same process. The goal is to make a customized image in Azure and place it in the Azure Compute Gallery for use with either AVD or Scale Sets.

I will walk through the process of using Packer on my machine and then move the process into GitHub Action for an automated build.

Credits and sources

Microsoft Learn

Intro

In this part of the blog series, I want to show you what Microsoft Defender for Key Vault (MDKV) brings. MDKV helps to protect the Azure Key Vaults against suspicious activities, and it does so without any agent installation. MDKV is one of the most straightforward features to manage. Still, it does protect some of the most sensitive resources you will have in Azure, like, for instance, certificates and secrets used to access your resources and data.

Credits and sources

Microsoft Learn

Intro

In this part of the blog series, I want to show you what Microsoft Defender for DNS (MDDNS) brings. MDDNS helps to protect the Azure DNS services against suspicious activities, and it does so without any agent installation.

Microsoft Defender for DNS features

The features that MDDNS offers are protection against:

• Data exfiltration
• Malware
• DNS attacks
• Communication with domains used for malicious activities (phishing and crypto mining)

Microsoft Defender for DNS alerts

Microsoft Learn Docs provides a complete list of alerts that MDDNS provides; see the link below.

Credits and sources

Microsoft Learn

Intro

In this part of the blog series, I want to show you how to remediate or dismiss the recommendation that Microsoft provides. Most of the recommendations are something you will want to implement, but some recommendations might not fit your environment. There are multiple ways of dismissing the recommendation. Here I will show you two, one is to waive the recommendation, and the other is to disable the policy that provides the recommendation. I won’t show how I go about all recommendations in this post, but I will show you how to use the security posture to improve your Azure secure score.

Credits and sources

Microsoft Learn

TechTarget

https://www.techtarget.com/searchsecurity/definition/Cloud-Security-Posture-Management-CSPM

Intro

In this blog series, I want to focus on how Microsoft Defender for Cloud (MDFC) can help secure your Azure environment. MDFC is a collection of Defender products that provides security and visibility into your security posture in Azure. Still, many security features can also cover on-premises and other public clouds. MDFC offers free features and a range of paid features for your cloud workloads. I will go into each feature in this series to cover what it does and ensure you know if it is a paid feature. Any pricing mentioned in this series is from the Microsoft Azure pricing calculator, but there are other ways to buy the licenses, so you must find the best deal for your environment.