OWASP Toronto - Oct 2018 Event: Azure Cloud Security Workshop

Hi everyone,

I am very excited to announce our October OWASP Toronto chapter event, which will be hands-on Azure Security Workshop run by Tanya Janca, the chapter lead of OWASP Ottawa!

Tanya Janca is a senior cloud developer advocate for Microsoft, specializing in application security; evangelizing software security and advocating for developers through public speaking, her open source project OWASP DevSlop, and various forms of teaching via workshops, blogs and community events. As an ethical hacker, OWASP Project and Chapter Leader, software developer and professional computer geek of 20+ years, she is a person who is truly fascinated by the ‘science’ of computer science.

You can find out more about Tanya here:
@SheHacksPurple
http://devslop.co/
https://medium.com/@shehackspurple
https://www.slideshare.net/TanyaJanca
https://www.youtube.com/channel/UCyxbNw11fMUgoR3XpVYVPIQ
https://www.twitch.tv/shehackspurple

Please note that Shopify has graciously offered to host us this month at their 80 Spadina Ave, Toronto offices.

As usual, space is limited, so please confirm your attendance on our Meetup event pages (see links below).

Thanks,
Opheliar Chan

-----

Date/Time: October 1, 2018, 6:00 PM to 8 PM EDT
Location: 80 Spadina Avenue, Toronto, ON

Have you ever wondered how security is different ‘in the cloud’? Where do you store your certificates? Your keys? Your connection strings? How can you see what’s going on with your resources? How do you patch? Where can you see your server configs other important information? How do you manage an security incident? How do you even know that you’re having an incident?

This first half of this workshop will be a demo where the audience follows along, the second part will be for audience members to build things and secure them, in Azure.

Demo will include:
• Complete Azure Security Centre walkthrough
• Policy and compliance, including subscription coverage
• Resource Security Hygiene
• Azure Security Centre Recommendations (mitigation of one or more items, dependent on time)
• Threat Protection, Alerts and Threats
• Applying System Updates
• Key Vault

Audience Participation
(people who do not have a laptop can follow along with the teacher)
• Create a DevOps project, from scratch, and publish to the internet. (20-30 mins)
• Turn on Security Centre (5 mins)
• Check your security configurations and settings to ensure your new app is safe. (10 mins)
• More as time permits.

What you will need if you want to participate after the demo:
▪ A laptop running any modern operating system (Mac OS, Windows, Linux)
▪ Modern web browser (Safari, Edge, Chrome, FireFox)
▪ Wi-fi and internet
▪ An activated Azure Trial. Please activate your trial before the workshop. The workshop will not wait if you have not activated your trail.

To activate your free Azure trail for this workshop please go here: https://aka.ms/Azure-Cloud-Security-Workshop

** If you have previously used your free Azure Trail you will not be able to have another one for this workshop.
**You will need to use a credit card to activate your trial, but the trial itself is free for 30 days, up to $200. We will use up to $30 of your credit with this workshop.