
BSidesCT Azure Security Talk

As I sit here on the nice shady patio enjoying my morning coffee, I figured I should probably post up my slide deck from my first official talk. First of all, BSidesCT was great! The organizers made some classy laser-cut badges this year and the CTF was a good time (actually got 4th in it!). Will I submit another? Who knows? I think I will build on it a bit and learn more about ASP.NET in the process. OK, on to the slide deck as my yard work is calling (thought I took Friday off for fun?)

Of Course My Cloud App is Secure, It’s in Azure

Some notes to add to the deck when it comes to logging for Azure Websites:

  • Azure has added the ability to bring log files down via FTP/FTPS.
  • They have added other log tools such as Log Stream, which lets you watch your application and web log activity.
  • Azure PowerShell can stream the logs using Get-AzureWebsiteLog -Name <appname> -Tail
  • Azure PowerShell can also download them with Save-AzureWebsiteLog, which saves the logs to a zip file in the directory you run the command from.

Other items to note when moving to any cloud solution:

  • Many security features are not enabled by default, though Microsoft does notify you of certain ones to turn on through Security Center.
  • You can encrypt your Azure SQL Databases!
  • You can enable 2FA for your Azure/Live Account as well as implement it within Azure for Azure AD or Web Apps.
  • Review your SLAs!!!
  • And of course weigh the risks of any cloud service. Not all data is created equal and some of it is better off staying on-premise.

OK the temp is rising and it isn’t even noon yet, the yard awaits!