PolySécure Podcast

Teknik - Évaluer sa posture de sécurité avec Defender for Cloud - Parce que... c'est l'épisode 0x325!

Listen Later
Parce que… c’est l’épisode 0x325!
Shameless plug
  • 10 au 13 août 2023 - DEFCON
  • 25 au 27 août 2023 - Blue Team Con
  • 29 au 31 août 2023 - Google Next ‘23
  • 21 au 23 novembre 2023 - European Cyber Week
  • février 2024 - SéQCure
  • Formation Crise et résilience
    • Ateliers et conférences (Auto évaluation)
    • Formation PCA 2022
    • 4 Guides pour survivre à une CyberCrise
    • Formation PCA en ligne
      • Notes
      • (Azure AdvisorAzure Advisor (WAF assistant))[https://learn.microsoft.com/en-us/azure/architecture/framework/]
        • WHAT : Azure Well-Architected Framework assitant
        • (Microsoft Defender for Cloud (MDFC) - Cloud-native application protection platform (CNAPP))[https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-cloud-security-posture-management]
          • WHAT
            • CSPM - Cloud Security Posture Management
            • CWPP - Cloud Workload Protection
            • Multi-Cloud Protection
            • (Azure Policy (Compliance))[https://learn.microsoft.com/en-us/azure/governance/policy/]
              • WHAT : helps to enforce organizational standards and to assess compliance at-scale
              • (Details of the Canada Federal PBMM Regulatory Compliance built-in initiative)[https://learn.microsoft.com/en-us/azure/governance/policy/samples/canada-federal-pbmm]
              • (Azure Governance Visualizer aka AzGovViz (Dashboard for managers and architects))[https://github.com/JulianHayward/Azure-MG-Sub-Governance-Reporting]
                • (AzGovViz)[https://www.azadvertizer.net/azgovvizv4/demo/AzGovViz_demo.html]
                • (Cloud Adoption Framework)[https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/resources/tools-templates]
                • WHAT
                  • PowerShell script that captures Azure Governance related information such as Azure Policy, RBAC (a lot more) by polling Azure ARM, Storage and Microsoft Graph APIs.
                  • Tool listed in the Microsoft CAF : Tools and templates
                  • (Can include : PSRule.Rules.Azure)[https://github.com/Azure/PSRule.Rules.Azure]

                    • Azure Quick Review aka azqr (best practice review)

                    WHAT : high level assessment of an Azure Subscription or Resource Group
                    https://github.com/Azure/azqr

                    • (Azure AD Security - Identity Secure Score)[https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/identity-secure-score]
                      • WHAT : indicator for how aligned you are with Microsoft’s best practice recommendations for security.
                      • (Azure Template-analyzer (IaC analyzer))[https://github.com/Azure/template-analyzer]
                        • WHAT : Template scanner for security misconfiguration and best practices
                        • (Azure CCOInsights (Dashboard for managers and architects))[https://github.com/Azure/CCOInsights]
                          • WHAT : Dashboards PowerBI with insights about Azure advisor optimizations, Azure Security Center Alerts, Networking, Compute, RBAC, Idle resources and Subscriptions Quotas and Limits
                            • Collaborateurs
                            • Nicolas-Loïc Fortin
                            • Arnaud Landry
                              • Crédits
                              • Montage par Intrasecure inc
                              • Locaux virtuels par Riverside.fm
                                • ...more
                                View all episodesView all episodes
                                Download on the App Store
                                PolySécure PodcastBy Nicolas-Loïc Fortin et tous les collaborateurs

                                More shows like PolySécure Podcast

                                View all
                                Tech Café by Guillaume Vendé

                                Tech Café

                                12 Listeners

                                Silicon Carne, un peu de picante dans un monde de Tech ! by Carlos Diaz

                                Silicon Carne, un peu de picante dans un monde de Tech !

                                76 Listeners