Risk is part of doing business and you can’t eliminate the risk completely. Our job is the minimize the risk
Continue reading »Category: Azure
Security Automation based on Actionable Intelligence (AI)- Stop the bad actors at the gate before they can get to your public websites in near real-time.
The solution or the idea in this post can be commercialized by security product vendors or entrepreneurs. Even though this
Continue reading »Access Azure SQL Databases over Private Connection from Azure vNET and On-Premise
Azure SQL is a PaaS regional service and by default it is accessible over the internet from anywhere. So, why
Continue reading »Deciphering the security of Azure Storage Blob access with Access Key and HMAC Signature
First of all, don’t use shared access key to access Azure Storage Account. It’s not recommended for security reason. Instead,
Continue reading »Kubernetes Sidecar Security Pattern with NGINX+ for Reverse Proxy + TLS + Jwt
Security is everyone’s responsibility but it does not have to be super complex and super costly. Today, we are going
Continue reading »Azure DNS private zones is now GA
More than a year ago, I needed a private dns zone in Azure to test End to end TLS/SSL Offloading
Continue reading »ThinkPHP Remote Code Execution Vulnerability and why we need to employ WAF at the edge gateways
I had no idea what this ThinkPHP is about until I Googled it but I knew someone is trying to
Continue reading »An Architect’s Journey to Kubernetes in AWS (EKS)
This would be my second post since I joined Fannie Mae and like many other companies Fannie Mae is big
Continue reading »Scoring SSL Lab A+ Rating at Azure Application Gateway
The basic tenets of data security (confidentiality and integrity)- data must be protected while in motion and at storage (rest).
Continue reading »Upgrade Azure Kubernetes Cluster without downtime
Few weeks earlier I received an email from Microsoft asking me to upgrade my Kubernetes cluster running in Azure. “If
Continue reading »