You’ve read a blog post or Microsoft documentation on how to run your project in Azure.

You are about to publish your application to the public. STOP!

In this demo, we review Azure Security tips for a typical web application that uses IaaS, PaaS, and FaaS [serverless] resources.

#Audience Level - ALL
#Duration - 45 minutes

#Intro

As technologists, we have to often move fast and learn fast to get our jobs done. We search out content that gets us started. We confirm the basic functionality and look to move on to the next item. While blogs and Microsoft documentation is great it is ultimately demoware. Demoware is not production ready! In this talk, we cover how to improve the security for common Azure resources.

I will review a typical demoware website application that uses Azure SQL. I will show the components and functionality of the solution.
Then I will secure the solution with an overview of the security recommendations.

#Azure RBAC

* How this impacts Azure Resource Group organization

#Security for IaaS

* Azure Virtual Machines
* VNET's
* Azure Storage

#Security for PaaS

* Azure SQL
* Azure Web Apps

#Security for FaaS

* Azure Functions
* Azure Logic Apps