Database Patterns with Azure Kubernetes Service Part 1: MySQL + Azure Managed Disk

One of the non-straight forward aspects of implementing for applications in Kubernetes is the stateful data store. I will be showing 2 relational database patterns in Azure Kubernetes Service. Since containers are the fundamental building blocks, these are stateless by default. That is the containers can lose its data when it is terminated or fail. …

Continue reading Database Patterns with Azure Kubernetes Service Part 1: MySQL + Azure Managed Disk

Understanding Ingress Controllers and Azure App Gateway for Azure Kubernetes Part 2: AGIC

The previous part 1 blog post went over fundamental concepts of ingress and ingress controller. This part 2 post will build on this concept and give a review of the App Gateway Ingress Controller (AGIC) First of all, what happens when you deploy AKS with its default settings? The default AKS deployment when going through …

Continue reading Understanding Ingress Controllers and Azure App Gateway for Azure Kubernetes Part 2: AGIC

Understanding Ingress Controllers and Azure App Gateway for Azure Kubernetes Part 1: Intro

I will share my experiences with a design and implementation of Azure Application Gateway for an Azure Kubernetes Service (AKS) cluster. This is so that you may get some practical insight as you plan and design for using the Azure App Gateway. In this blog series, I will go over Fundamental Ingress conceptsArchitecture and deployment …

Continue reading Understanding Ingress Controllers and Azure App Gateway for Azure Kubernetes Part 1: Intro

Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 6 Hunting

The previous previous blog post is part 5 in this series. Azure Sentinel provides features for Hunting as a proactive step of looking for security threats for security analysts through the mountains of data collected. According to this article Threat Hunting Vs. SIEM by Infosec, hunting is defined as “Threat hunting is the act of …

Continue reading Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 6 Hunting

Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 5 Incidents

The previous blog post part 4, I have shown how to create Analytics rules that alert for SQL Injection attacks. I will show the incidents that are generated from this rule to do further investigation. Your organization may have a cyber security team that will monitor, analyze and investigate incidents to evaluate threats. Incidents investigation …

Continue reading Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 5 Incidents

Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 4 Analytics

Continuing from post Part 3. Create a Analytics Rule which will generate an incident for investigation for web attacks. I would call this more of an active monitoring approach vs the Azure Sentinel workbooks. An analytics rule seems to me the same process of creating a log analytics alert rule. Once Azure Sentinel is connected …

Continue reading Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 4 Analytics

Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 3 Monitoring

Continuing from blog post Part 2. Azure Sentinel Workbooks provides custom dashboard to see the data in the form of visualizations and tables. These data presentations are based on queries to the log analytics workspace. You can create a workbook from scratch or leverage built-in workbooks by starting from templates. For the Web Application Firewall …

Continue reading Using Azure Sentinel with Azure App Gateway to Investigate Web Attacks – Part 3 Monitoring