Archive on justinverstijnen.nl

Microsoft Defender External Attack Surface Management (EASM)

Sun, 01 Dec 2024 00:00:00 +0000

Microsoft Defender External Attack Surface Management (EASM) is a security solution for an organization’s external attack surfaces. It operates by monitoring security and operational integrity across the following assets:

Websites
IP addresses
Domains
SSL certificates
Other digital assets

In addition to these components, EASM can also forward all relevant information and logs to SIEM solutions such as Microsoft Sentinel.

It is also possible to manually input company-specific data, such as all domain names and IP addresses associated with its services.

Azure Key Vault

Tue, 26 Nov 2024 00:00:00 +0000

Azure Key Vault is a type of vault used to store sensitive technical information, such as:

Certificates
Secrets
Keys

What sets Azure Key Vault apart from a traditional password manager is that it allows software to integrate with the vault. Instead of hardcoding a secret, the software can retrieve it from the vault. Additionally, it is possible to rotate a secret every month, enabling the application to use a different secret each month.

The MITRE ATTACK Framework

Mon, 25 Nov 2024 00:00:00 +0000

The MITRE ATTACK (ATT&CK) Framework is a framework which describes all stages and methods cyberattacks attacks are launched on companies in the last 15 years. The main purpose of the framework is to help Red and Blue security teams to harden their systems and to provide a library of known attacks to help mitigate them.

MITRE is the organization who is in charge of this community-driven framework and is a non-profit organization. ATT&CK stands for:

The Zero Trust-model

Mon, 25 Nov 2024 00:00:00 +0000

The Zero Trust model is a security model to enhance your security posture by using 3 basic principles, and segmenting aspects of your IT environment into pillars.

The 3 primary principles are:

Verify Explicitly
Least privileged access
Assume Breach

At first, those terms seem very unclear to me. To further clarify the principles, i have added some practice examples to further understand what they mean:


Principle	Outcomes
Verify Explicity	Ensure people are really who they say they are Audit every login attempt from specific users Audit login attempts Block access from non-approved countries
Least privileged access	Assign users only the permissions they need, not more Assign only the roles when they need them using PIM Use custom roles when default roles expose too much permissions
Assume breach	At every level, think about possible breaches Segment your network Password-based authentication only is too weak

The model is the best illustrated like this:

Introduction to the Microsoft Cloud Security Benchmark (MCSB)

Tue, 16 Apr 2024 00:00:00 +0000

In the modern era like where we are today, security is a very important aspect of every system you manage. Bad security of 1 system can mess with all your systems.

So have a good overview of how secure your complete IT environment is, Microsoft released the Microsoft Cloud Security Benchmark, which is an collection of high-impact security recommendations you can use to secure your cloud services, even when utilizing a hybrid environment. When using Microsoft Defender for Cloud, this MCSB is included in the recommendations.

Introduction to the Azure Well-Architected Framework

Tue, 02 Apr 2024 00:00:00 +0000

The Azure Well-Architected Framework is a framework to improve the quality of your Microsoft Azure Deployment. This does it by spanning 5 pillars so an architect can determine with IT decision makers how they can get the most Azure with the planned budget.

The 5 pillars of the Well-Architected Framework are:


Pillar	Target
Reliability	The ability to recover a system and/or contine to work
Security	Secure the environment in all spots
Cost Optimization	Maximize the value when minimizing the costs
Operational Excellence	The processes that keep a system running
Performance Efficiency	The ability to adapt to changes

Cloud Adoption Framework Introduction (CAF)

Thu, 04 Jan 2024 00:00:00 +0000

More and more organizations are moving to the cloud. In order to do this succesful, we can use the Cloud Adoption Framework which is described by Microsoft.

The framework is a succesful order of processes and guidelines which companys can use to increase the success of adopting the cloud. The framework is described in the diagram below:

The CAF has the following steps:

Strategy: Define the project, define what you want to achieve and define the business outcomes.
Plan: Plan your migration, determine the plans and make sure the environment readiness is at a good level.
Ready (and migrate): Prepare your new cloud environment for planned changes and migrate your workloads to the cloud.
Optimize: After migrating to the cloud, optimize your environment by using the beste solutions possible and innovate at this level.
Secure: Improve the security of your workloads and plan your perodical security checks.
Manage: Manage operations for cloud and hybrid solutions.
Govern: Govern your environment and its workloads.

Intention of use

Increase the chance of your cloud success
Gives you a best practice of how to perform the migration by proven methodology
Ensures you don’t miss a crucial step

Intended users/audience

IT Decision makers
Company Management Teams
Companies who want to profit from cloud solutions
Companies that are planning to migrate to the cloud
Technicians and project managers for planning the migration

For more information, check out this page: https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/scenarios/