I've heard this question come up a few times so I thought it would be a good blog topic: what's the difference between "STIX" and "TAXII"?

It's actually pretty straight-forward:

• STIX stands for "Structured Threat Information Expressions" and is a structured data format for . . .

Read More

This was another topic that was a little confusing: what's the difference between Azure Blueprints and Azure Landing Zone?

I came across various Microsoft documentation but it was still a little... vague.

Here's a nice table, provided courtesy of Google Bard:

(usual disclaimer about AI-provided . . .

Read More

Azure Subscriptions are (to me at least) an interesting concept/term. I've taken several Microsoft exams involving the topic but to date, I haven't necessarily found a succinct way to describe them. This description in SC-100 training documentation is one of the best I've seen:

Everything starts with a subscription, . . .

Read More

Maybe it's just me, but I was starting to get a little confused on the differences in Azure workload security options. There's essentially three elements:

• "Security Recommendations"
• "Alerts"
• "Vulnerability Assessment"

What's the difference though? Just for the heck . . .

Read More

While studying for the SC-100, there's a few terms that kept coming up:

• "Cloud Workload Protection Platform" (CWPP)
• "Cloud Security Posture Management" (CSPM)

I can infer some context based on the names but I was curious to know exactly what the difference was between them. Thankfully, . . .

Read More

Just a note and friendly reminder that summaries for the Microsoft Cloud Security Benchmark (MCSB) control domains are available here. The table on this page does a great job of summarizing what each of the domains do.

Read More