John Alves: Exploring Microsoft Azure Security Platforms and Capabilities
10/12/22 • 42 min
Brandon Evans is joined by John Alves of CyberOne, who is also an up-and-coming instructor for SANS SEC510: Public Cloud Security: AWS, Azure, and GCP, to take a deep-dive into Microsoft Azure security platforms, creating cloud security learning paths for those you manage, and getting involved with the SANS community.
Our Guest - John Alves
Twitter: @cyberlowdown
LinkedIn: https://www.linkedin.com/in/alves-john/
Resources mentioned in this episode:
For Sentinal Training - https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/become-a-microsoft-sentinel-ninja-the-complete-level-400/ba-p/1246310
Tool specific training around Microsoft tools (Sentinel, Defender for Cloud, Sentinal Automation, etc) - https://azurecloudai.blog/2021/05/12/all-the-microsoft-ninja-training-i-know-about/
Sponsor's Note:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Discord | Twitter | LinkedIn | YouTube
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Brandon Evans is joined by John Alves of CyberOne, who is also an up-and-coming instructor for SANS SEC510: Public Cloud Security: AWS, Azure, and GCP, to take a deep-dive into Microsoft Azure security platforms, creating cloud security learning paths for those you manage, and getting involved with the SANS community.
Our Guest - John Alves
Twitter: @cyberlowdown
LinkedIn: https://www.linkedin.com/in/alves-john/
Resources mentioned in this episode:
For Sentinal Training - https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/become-a-microsoft-sentinel-ninja-the-complete-level-400/ba-p/1246310
Tool specific training around Microsoft tools (Sentinel, Defender for Cloud, Sentinal Automation, etc) - https://azurecloudai.blog/2021/05/12/all-the-microsoft-ninja-training-i-know-about/
Sponsor's Note:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Discord | Twitter | LinkedIn | YouTube
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Previous Episode
Panel Discussion: Cloud Identity and Access Management
This episode features a panel of three of the top Cloud Identity and Access Management experts in the world. Kat Traxler, Karl Fosaaen, and Kyler Middleton are incredibly knowledgable about how IAM works in all three cloud providers, but Kyler specializes in AWS, Karl spends most of his time with Azure, and Kat is our resident GCP guru. Each panelist will represent their primary cloud’s strengths and weaknesses. Which provider will come out on top? Will any cloud provider leave this conversation unscathed? Join Brandon Evans and the panel to find out.
Resources mentioned in this episode
AWS STS assume theory video - https://www.iampulse.com/resources/videos/aws-sts-primer-why
AWS STS how-to video: https://www.iampulse.com/resources/videos/aws-sts-primer-demo
Restricting Hop Limits with your AWS tokens: https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/configuring-instance-metadata-service.html
https://pumasecurity.io/resources/blog/cloud-security-instance-metadata/
https://www.netspi.com/blog/technical/cloud-penetration-testing/extract-credentials-from-azure-kubernetes-service/
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html
Sponsor's Note:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Revie
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Next Episode
Aaron Hutson: Breaking into Cloud Security as a SysAdmin
Aaron Hutson walks Brandon Evans through his journey from being an on-prem SysAdmin and cloud skeptic to a cloud security student, consultant, and educator who has worked on the Defense Information Systems Agency (DISA) Secure Cloud Computing Architecture initiative.
Our Guest - Aaron Hutson
Aaron is a passionate advocate for cybersecurity, information technology and education. Aaron holds a Master of Science in Cybersecurity and numerous certifications, such as CISSP, AWS CSAP, GCIH, OSCP and many more. He has worn many hats and is backed by diverse professional experience across the IT, cybersecurity, and education fields. Aaron believes in the constant pursuit of knowledge to stay relevant and stay informed, and when he’s not learning something new, he’s sharing what he knows as an educator to help others understand the many intricacies in IT and cybersecurity.
Sponsor's Note:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
Discord | Twitter | LinkedIn | YouTube
SPONSER NOTE:
Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs.
Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.
Review and Download Cloud Security Resources: sans.org/cloud-security/
Join our growing and diverse community of cloud security professionals on your platform of choice:
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/cloud-ace-215853/john-alves-exploring-microsoft-azure-security-platforms-and-capabiliti-24264415"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to john alves: exploring microsoft azure security platforms and capabilities on goodpods" style="width: 225px" /> </a>
Copy