Cloud is the future, and it's already cutting across all Microsoft products and platforms. This Group intends to build a strong community around Microsoft cloud offerings, helping members build and migrate workloads to Microsoft Azure and related platforms. We will meet monthly once to discuss latest cloud developments and share the lessons from trenches. Looking forward for all the Cloud and Microsoft enthusiasts in helping build a vibrant community.
In this meeting we will discuss implementing security with Azure Policies in Azure tenant with real world examples demonstration of Its usage.
Azure policy is a service inside Azure that allows for configuration management.
It executes every time you change an existing resource or add a new resource in Azure tenant.
It has a set of rules that if met, triggers set of actions - which may take place to either report a non-compliance of configured rules or even deny the action altogether if the rule does not match.
This provides an excellent way to enforce security rules on Azure infrastructure on every possible resource in Azure without relying on development and infrastructure teams to follow the best security practices
Common use cases :
· Enforce creating Virtual machines ONLY on selected azure regions
· Enforce usage of approved golden image for virtual machines
· And many more…
Speaker - Ashish Gupta [VP, Cloud Security Operations, LPL Financial]
Ashish helped start the cloud security operations and Fraud detection operations under information security department in LPL Financial.
Before this, he was a core member of the security engineering and then led the incident response and digital forensics team in LPL Financial.
Before joining the Information security team in 2016, Ashish was a developer/architect in .NET/SQL and TIBCO.
Currently he focusses on pen testing the LPL Financial infrastructure and application - on-prem and Cloud (AWS/Azure) , with focus on recommendations for enhancements of security posture and remediation of security issues