Planning Essentials for an Azure Kubernetes Cluster – Part 2

Continuing from blog post Part 1, the objective is to go through some essentials for planning out a simple Azure Kubernentes Cluster to host your containerized or microservices application in a development/test or proof of concept (POC) environment. Also, to lay out the foundation to build upon towards a production grade environment. Identity Access Security …

Continue reading Planning Essentials for an Azure Kubernetes Cluster – Part 2

Planning Essentials for an Azure Kubernetes Cluster – Part 1

Background: Getting started and learning Azure Kubernetes Service (AKS) is known to be a steep learning curve. In addition to planning for an AKS setup has a ton of design and architecture considerations. Objective: Go through some essentials for planning a simple Azure Kubernetes Cluster to host your containerized or micro-services application in a development/test …

Continue reading Planning Essentials for an Azure Kubernetes Cluster – Part 1

ARM Templates Fundamentals: My Development Tools

Azure ARM Templates provides the ability to deploy azure resource infrastructure in a repeatable, declarative and repeatable state. It is infrastructure-as-code. For those getting started and wondering what they need to build your tool belt, I will share what my tool belt and development process look like. My Software and tools My operating system is …

Continue reading ARM Templates Fundamentals: My Development Tools

Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 6 Hunting

The previous previous blog post is part 5 in this series. Azure Sentinel provides features for Hunting as a proactive step of looking for security threats for security analysts through the mountains of data collected. According to this article Threat Hunting Vs. SIEM by Infosec, hunting is defined as “Threat hunting is the act of …

Continue reading Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 6 Hunting

Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 5 Incidents

The previous blog post part 4, I have shown how to create Analytics rules that alert for SQL Injection attacks. I will show the incidents that are generated from this rule to do further investigation. Your organization may have a cyber security team that will monitor, analyze and investigate incidents to evaluate threats. Incidents investigation …

Continue reading Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 5 Incidents

Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 4 Analytics

Continuing from post Part 3. Create a Analytics Rule which will generate an incident for investigation for web attacks. I would call this more of an active monitoring approach vs the Azure Sentinel workbooks. An analytics rule seems to me the same process of creating a log analytics alert rule. Once Azure Sentinel is connected …

Continue reading Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 4 Analytics

Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 3 Monitoring

Continuing from blog post Part 2. Azure Sentinel Workbooks provides custom dashboard to see the data in the form of visualizations and tables. These data presentations are based on queries to the log analytics workspace. You can create a workbook from scratch or leverage built-in workbooks by starting from templates. For the Web Application Firewall …

Continue reading Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 3 Monitoring