Securing workloads in azure: CMK for storage encryption

by Alex | February 24, 2023 Do you need to reach compliance by encrypting storage with customer managed keys? I will walk you through the steps to bring your own key if your HSM does not have a native Azure Key Vault integration.... READ MORE

Securing workloads in Azure: Part 3 setting up your own build server

by Alex | August 14, 2022 Once the apps service is secured, we can't deploy to it anymore from outside environments. We need to set up our own build server in our network. This post explains how to do that... READ MORE

Securing workloads in Azure: Part 2 making connections private

by Alex | July 26, 2022 After putting the WAF in place, the next challenge is to make sure requests from the web are flowing through the WAF and make sure the app service is not accessible from the public anymore. Enter private endpoints.... READ MORE

Securing workloads in Azure: Part 1 setting the scene for network security

by Alex | July 14, 2022 We want to run a website! Choose App services for running the website, SQL database for the backend. And finally: key vault for some secret storage. Yup. We’re secure. But what will the networking guys say? Will we pass inspection by CISO or DPO?... READ MORE

Securing queries for use with a centralized azure log analytics workspace

by Alex | January 05, 2022 Do you want a single pane of glass for monitoring your azure resources? In this post we take a look at one of the first questions you'll want to see answered: can I share information with my users without breaking privacy constraints?... READ MORE