Are you O365 Administrator or InfoSec Architect? You may be interested to read this post. Some organizations don’t allow guest
Continue reading »Phishing Attacks via Messaging and the problem with internet specifications and standards
We all are familiar with email phishing but attackers are increasingly using other forms of communications since email servers are
Continue reading »AKS- Use Azure AD and RBAC to control access to your Kubernetes Cluster
Information Security professionals, this is one of the powerful capability that you don’t want your organization to miss. Integration of
Continue reading »Security Automation- Protect Azure App Services Applications
It’s been couple of months since I started security automation to stop the bad actors at the front gate and
Continue reading »Launch of Tools at ASPNET4YOU
Welcome to Tools at ASPNET4YOU (Beta)- a tool for developers! As Application/Solution Architect or InfoSec Architect, I was inspired by
Continue reading »Azure AD Application Permissions and How to Reduce Risk and Impact
Risk is part of doing business and you can’t eliminate the risk completely. Our job is the minimize the risk
Continue reading »AWS SFTP Service with Custom Identity Provider and SSH RSA Key based Authentication
As InfoSec Architect, part of my job is to review formal documentations provided by cloud provider (aws in this case)
Continue reading »Security Automation based on Actionable Intelligence (AI)- Stop the bad actors at the gate before they can get to your public websites in near real-time.
The solution or the idea in this post can be commercialized by security product vendors or entrepreneurs. Even though this
Continue reading »Access Azure SQL Databases over Private Connection from Azure vNET and On-Premise
Azure SQL is a PaaS regional service and by default it is accessible over the internet from anywhere. So, why
Continue reading »Deciphering the security of Azure Storage Blob access with Access Key and HMAC Signature
First of all, don’t use shared access key to access Azure Storage Account. It’s not recommended for security reason. Instead,
Continue reading »