Today I had the opportunity to speak at the Granite State Code Camp (#GSCC2021) in Manchester, NH. This was the first time I’ve given an in-person talk since the start of COVID and it was great to see so many smiling facing (even when partially obscured by a mask!). Last year my focus was a more in-the-weeds talk called Running Azure Securely – which of these Azure security features are for me?. This year I stepped back a level and focused on Compliance. In the session I discussed security vs. compliance, the shared responsibility model, and touched on a few other features, but spent ..read more

Tonight I had the opportunity to speak at #VirtualBostonAzure to talk about raising the visibility of security signals in your environment by turning on your WAF. In demos the WAF available in Azure Front Door was used. Slides: virtualbostonazure-billwilder-2020-dec-02.underattackandunaware-thewaf-1Download YouTube: https://www.youtube.com/watch?v=OWXTtCUNmes&feature=youtu.be ..read more

Yesterday I had the opportunity to speak at the Granite State Code Camp (#gscc) in Burlington, MA. As part of my series of talks on Running Azure Securely, my talk today was around defense in depth and was called Running Azure Securely – which of these Azure security features are for me?. The session was interactive, engaging a third-of-a-dozen folks in the audience in a discussion of how to defend various workloads using the (fictitious) page of photos app as a foil. Slide deck attached. GraniteStateCodeCamp-BillWilder-2019-Nov-02.AllTheseSecurityFeatures.PUBLISHED Also perhaps of interest ..read more

On 22-Oct-2019 I spoke at Boston Azure about network security and focused on some of the edges of using Azure DNS, and included some DNS subdomain hijacking awareness. The command dig CNAME bostonazuredemo.azuresecurely.com +short will check public DNS records for a CNAME, returning whatever it is mapped to, if anything. In the above screenshot: nothing returned from dig – this is before any DNS entry was created for the demo subdomain a cascade of CNAMES are returned from dig – this is after a DNS entry was created for the demo subdomain – and it pointed at an Azure Web App — the cascade her ..read more

Today I had the opportunity to speak at VT Code Camp #11 in Burlington, VT. As part of my series of talks on Running Azure Securely, my talk today was around defense in depth and was called Running Azure Securely – which of these Azure security features are for me?. The session was interactive, engaging a half-dozen folks in the audience in a discussion of how to defend various workloads using the (fictitious) page of photos app as a foil. Some Resources Mentioned Azure is in 54 regions around the world Which services support Managed Identities? (works with Azure Active Directory – AAD) Azure ..read more

Today I had the opportunity to speak at SQL Saturday #877 in Burlington, MA. As part of my series of talks on Running Azure Securely, my talk today was Running Azure SQL Database Securely and applied to Azure SQL DB and Azure SQL DB Managed Instances. Some Resources Mentioned Azure is in 54 regions around the world Azure has met so many compliance standards, they had to get the UX team involved! #goodproblemtohave Who logged into my Azure SQL Database? Setting up Azure SQL Database auditing (prerequisite for the above technique to figure out who logged in) Enable baseline protection policies ..read more

On Tuesday July, 30, 2019 I had the opportunity to speak at North Boston Azure. The talk was part of a series on Running Azure Securely and was called Are all these Azure security features for me? and was not really a “talk” in that it was highly interactive. For those who attended, you will recall we filled in some slides collaboratively. Thus, they may not appear so polished for those of you who did not join live. Either way, please find the slides (“collaborative” and all) below. This was an experimental approach for me and the feedback from the audience tells me it worked pretty well. The ..read more