Today, I went through the part 4 of Azure Fundamentals by MS Learn. Part 4 is about my favorite subject, security. Before starting this journey, I was spending most of my time expanding my knowledge and experience in cybersecurity. I hope to utilize the knowledge I acquired in my cloud studies.
Today I learned about:
- Azure Security Center: This is pretty much like an on-cloud Security Operations Center (SOC). It is a monitoring service that provides visibility for the security posture of resources.
- Azure Sentinel: Sentinel collects data from all points of your cloud architecture. It can be called the SIEM of the cloud.
- Azure Key Vault: Centralized cloud service for storing secrets such as passwords, API keys, certificats etc.
- Azure Dedicated Hosts: If for compliance or any other reason you need your application to be the sole application running on that particular hardware, you can achieve this through Dedicated Hosts.
- Azure Firewall: Azure's Firewall service that helps protect resources in Azure Virtual Networks.
- Azure DDoS Protection: Denial of Service protection. It offers two tiers. Basic tier is free and automatically enabled in for your services. Standard tier provides some additional mitigation capabilities, but not free.
- Network Security Groups: These can be used as internal firewalls. They can manage and block the internal traffic between different resources.