Attack services are cheap
Highest average price

Zero-days: Price: $5,000 to $350,000
Exploit kits: Price: $1,400 per month
Ransomware: Price: $66 upfront or 30% of the profit (affiliate model)
Loads (compromised device): Price: PC - $0.13 to $0.89; Mobile - $0.82 to $2.78
Spearphishing services: Price: $100 to $1,000 per successful account take over
Compromised accounts:
Breaching services on a per job basis: Price range: $250 or much more
Denial of Service: Price: $766.67 per month

https://aka.ms/CyberHygiene

Agenda

What is Azure Security compass?
Extensive Visualizations
aka.ms/AzureSecurityArchitecture
aka.ms/AzureSecurityCompass
aka.ms/AzureSecurityCompass-Videos

Visibility Across Your Estate with Secure Score
NEW (Private Preview) – Percentage based reporting for easier tracking/benchmarking
NEW (Private Preview) – Recommendation Grouping for Clarity (attack vectors/security controls)

Top 10 Best Practices

Best Practices 1 - 5
1 Operationalize Secure Score for cleaning up risk
2 Passwordless or MFA for admins
3 Enterprise segmentation & Zero Trust preparation
4 Enable Threat Protection for Azure Resources
5 Follow guidance to secure your DevOps

Best Practices 6 - 10
6 Assign and Publish Roles/Responsibilities
7 Choose Firewall Strategy
8 Implement Web Application Firewalls
9 Choose DDoS Mitigation for Critical Apps
10 Consider Retiring Legacy/Classic Technology

Calls To Action
Follow Best Practices
Learn More
aka.ms/AzureSecurityCompass-Videos
aka.ms/AzureSecurityCompass
aka.ms/AzureSecurityArchitecture
Share
Provide Feedback
https://aka.ms/SecurityCommunity
https://aka.ms/MicrosoftSecurityPreviewProgram

1 Operationalize Secure Score
SUGGESTED PROCESS OWNERS
OPERATIONALIZE AZURE SECURE SCORE

Monitor Secure Score
• Vulnerability Management (or Governance/Risk/Compliance team)

Improve Score
Area / Responsible Technical Team

Compute and Apps Resources
App Services ▪ Application Development/Security Team(s)
Containers ▪ Application Development and/or Infrastructure/IT Operations
VMs/Scale sets/compute ▪ IT/Infrastructure Operations

Data & Storage Resources
SQL/Redis/Data Lake Analytics/Data Lake Store ▪ Database Team
Storage Accounts ▪ Storage/Infrastructure Team

Identity and Access Resources
Subscriptions ▪ Identity Team(s)
Key Vault ▪ Information/Data Security Team

Networking Resources
▪ Networking Team
▪ Network Security Team

IoT Security
▪ IoT Operations Team

NOTE: Each DevOps team may be responsible for their application resources
Gamify the activity if possible to increase engagement.
https://docs.microsoft.com/en-us/azure/security-center/security-center-secure-score
Important: The score you see depends on which subscriptions you have permission to

2 CRITICAL BEST PRACTICES
https://channel9.msdn.com/events/Ignite/Microsoft-Ignite-Orlando-2017/BRK3016
http://aka.ms/HelloForBusiness
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authenticationphone-sign-in
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates
Note: Text Message based MFA is now relatively inexpensive for attackers to bypass, so focus on passwordless & stronger MFA
http://aka.ms/secureworkstation

3 Enterprise segmentation & Zero Trust preparation
Public IP
Monitor for Attacks

4 Monitor for Potential Attacks
▪ VMs on Azure (Windows, Linux, and Installed Applications)
▪ VMs on 3rd party clouds and IaaS
▪ Azure Container and Azure Kubernetes Services (AKS)
▪ Azure SQL Database and Azure SQL Data Warehouse
▪ Azure Storage Accounts
▪ Azure Cosmos DB
▪ SQL Server running on IaaS VMs
▪ IoT Devices
▪ On-premises servers (via Windows Admin Center (WAC))
▪ Azure App Service
▪ And more…
As Required, Export to or integrate with your SIEM / analytics

5 FOLLOW DEVOPS SECURITY GUIDANCE
https://azsk.azurewebsites.net/
https://www.owasp.org/index.php/OWASP_AppSec_Pipeline#tab=Main
Securing DevOps: Integrate security into the process
Reduce risk natively in Continuous Integration / Continuous Delivery (CI/CD) with real-time developer guidance, build checks, and more
Regular risk reduction and governance activities like Threat modelling, Training, etc.
Monitoring and Response processes to ensure cl

PDF document: Microsoft Top 10 Azure Security Best Practices (Top 10 Azure Security Best Practise)

This document was uploaded and shared by 思安 on 2022-10-19 12:25:28.