https://azure.microsoft.com/en-us/global-infrastructure/"> Microsoft operates one of the largest cloud computing infrastructures in the world, serving over one billion customers and twenty million organizations worldwide. Learn from our experts, how our focus on scale, security, innovation, and sustainability enable us to build a trusted cloud platform for our customers. Experts: Brian Janous: General Manager of Energy and Sustainability, Microsoft Noelle Walsh: Corporate Vice-President Cloud Operations + Innovation, Microsoft Jules Williams: Senior Director, Datacenter Execution, Microsoft Kushagra Vaid: General Manager and Distinguished Engineer, Azure Infrastructure, Microsoft Omar Khan: General Manager, Microsoft Azure, Microsoft Niall Murphy: Global Director of Azure Site Reliability Engineering, Microsoft For more information, please visit: https://azure.microsoft.com/en-us/global-infrastructure/
In Kubernetes, the API server is the central way to interact and manage the cluster. To improve cluster security in Azure Kubernetes Server, Ruchika Gupta shows Scott Hanselman how you can restrict access to the API server to a limited set of IP address ranges.Secure access to the API server using authorized IP address ranges in Azure Kubernetes Service (AKS)Azure Kubernetes Service (AKS) overviewKubernetes: Getting startedCreate a free account (Azure)
Caitie McCaffrey joins Scott Hanselman to give a detailed overview of Azure Sphere, including how the hardware, operating system, and cloud-based security service work together to deliver end-to-end security for IoT devices. Azure Sphere is now generally available. A secure foundation for IoT, Azure Sphere now generally availableGet started with Azure SphereThe Seven Properties of Highly Secure DevicesAzure Sphere overviewCreate a free account (Azure)
Using a bastion host can help limit threats such as port scanning and other types of malware targeting your VMs. Ashish Jain joins Scott Hanselman to show how Azure Bastion gives you secure and seamless RDP and SSH access to your virtual machines. Now you can securely access your VMs over SSL from the Azure portal and without exposing public IP addresses.Azure Bastion overviewAzure Bastion docsDeploy Azure Bastion in an Azure Virtual Network (sample ARM template)Create a free account (Azure)
Sarah Young joins Scott Hanselman to discuss Azure Sentinel, which is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.Azure Sentinel overviewQuickstart: Onboard Azure SentinelQuickstart: Create your first automated workflow with Azure Logic AppsAzure/Azure-Sentinel on GitHubCreate a free account (Azure)
Did you know that by default, all pods in a Kubernetes cluster will accept traffic from any source? Now, with network policies available out-of-the-box in Azure Kubernetes Service you can isolate pods, control egress & ingress traffic, and secure your workloads. Saurya Das is here to show us how it works.Secure traffic between pods using network policies in Azure Kubernetes Service (AKS) docsAzure Kubernetes Service (AKS) docsAzure Kubernetes Service (AKS) overviewLearn about KubernetesCreate a free account (Azure)
Regardless of deployment location, applications are often dependent on advanced services to boost performance and safeguard against threats. This can make the task of transitioning them to the cloud without impacting business operations a complex and daunting process. F5 has helped many of its customers successfully migrate their apps and app services to Azure. Please tune into this 30-minute webinar to learn about how to make that transition securely and with confidence, and engage with F5 in a live Q&A.
As the adoption of Kubernetes grows, secret management tools must integrate well with Kubernetes so that the sensitive data can be protected in the containerized world. On this episode, Yoko Hakuna demonstrates the HashiCorp Vault's Kubernetes auth method for identifying the validity of containers requesting access to the secrets.HashiCorp Vault project websiteGet started with VaultKubernetes Auth Method docVault Agent with Kubernetes guideVault Agent docHow does Vault encrypt data?Open Source Security Best Practices for Developers, Contributors, and Maintainers (The Open Source Show)Create a free account (Azure)
Working with Microsoft, HashiCorp launched Vault with a number of features to make secret management easier to automate in Azure cloud. Yoko Hyakuna from HashiCorp joins Donovan Brown to show how Azure Key Vault can auto-unseal the HashiCorp Vault server, and then how HashiCorp Vault can dynamically generate Azure credentials for apps using its Azure secrets engine feature.HashiCorp Vault project websiteGet started with VaultAuto-unsealing Vault using Azure Key Vault guideVault server configuration with Azure Key VaultAzure Secrets Engine docHow does Vault encrypt data?Create a free account (Azure)
Learn about practical ways to ensure your Azure environment has been appropriately secured and you mitigate common threats. These actions will assist you in providing the necessary control around your Azure environment that limits the opportunity for security intrusions. These are critical actions due to the change in operational character of a cloud environment.