Chapter 9. Azure Security, Identity Management, and DevSecOps

As cybersecurity has become a field of rising concern, a growing number and variety of threats and attacks are becoming an everyday reality. In this security battle, attackers are after the lowest hanging fruit, and they need to win only one attack attempt, while defenders need to win every time. Therefore, security is not a group of tasks that defenders must complete; it is not pulling a few levers to raise security posture. Defenders must embrace a holistic approach to security, including and considering everything to succeed and win the battle—architecture, identities, devices, applications, infrastructure, networking, development, lifecycles, operations, management, and, perhaps most importantly, a security mindset. Remember, a conscious security journey traveler must wear many different hats on this voyage that never ends.

Sasha Kranjac, CEO at Kloudatech, MCT, Microsoft MVP for Microsoft Security and Microsoft Azure, MCT Regional Lead, Microsoft RD, Certified EC-Council Instructor, CompTIA Instructor, and Security Architect

In Chapter 8, you learned about developing solutions with IoT and Maps services in Azure. You learned that the challenges of IoT include security, data privacy, and the challenges of building secured IoT applications and solutions. In this chapter, we dive into how to increase awareness about cybersecurity, specifically on the cloud, to develop reliable, robust, and secure Azure applications. ...