[SC-100] Sensitive Operations Report Workbook

August 16, 2023

Just a friendly reminder that the Microsoft sensitive operations report workbook exists and can be super helpful.

For those unfamiliar, it's an Azure Monitor workbook designed to capture activities/events that could be critical or impactful for Azure AD. Examples include:

  • Modified application and service . . .

Read More

[SC-100] Data Residency Exceptions For Azure

Exceptions you say? Hmm...

August 15, 2023

This is just a quick note to remind folks that cloud service providers can (and often do) have exceptions to data residency. As an example, check out Microsoft Azure's platform notes here.

Operational statements like this change from moment to moment but, for the purpose of illustration, here's an example line:

. . .

Read More

[SC-100] Azure Blueprints vs Azure Landing Zone

August 13, 2023

This was another topic that was a little confusing: what's the difference between Azure Blueprints and Azure Landing Zone?

I came across various Microsoft documentation but it was still a little... vague.

Here's a nice table, provided courtesy of Google Bard:

sb_float_center

(usual disclaimer about AI-provided . . .

Read More

[SC-100] The purpose of Azure Subscriptions

August 13, 2023

Azure Subscriptions are (to me at least) an interesting concept/term. I've taken several Microsoft exams involving the topic but to date, I haven't necessarily found a succinct way to describe them. This description in SC-100 training documentation is one of the best I've seen:

Everything starts with a subscription, . . .

Read More

[SC-100] Defender for Cloud - Recommendations vs Alerts vs Vulnerability Assessment

August 13, 2023

Maybe it's just me, but I was starting to get a little confused on the differences in Azure workload security options. There's essentially three elements:

  • "Security Recommendations"
  • "Alerts"
  • "Vulnerability Assessment"

What's the difference though? Just for the heck . . .

Read More

[SC-100] CWPP vs CSPM

Gotta love acronyms and abbreviations, right?

August 12, 2023

While studying for the SC-100, there's a few terms that kept coming up:

  • "Cloud Workload Protection Platform" (CWPP)
  • "Cloud Security Posture Management" (CSPM)

I can infer some context based on the names but I was curious to know exactly what the difference was between them. Thankfully, . . .

Read More

[SC-100] MCSB Compliance Control Overview

August 12, 2023

Just a note and friendly reminder that summaries for the Microsoft Cloud Security Benchmark (MCSB) control domains are available here. The table on this page does a great job of summarizing what each of the domains do.

Read More

Archive
   Subscribe by email and never miss a post.

This update link alerts you to new Silvrback admin blog posts. A green bubble beside the link indicates a new post. Click the link to the admin blog and the bubble disappears.

Got It!