Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cosmos DB Security

Muhammad Sajid
June 17, 2020
Technology
0
49

Cosmos DB Security

Muhammad Sajid

June 17, 2020
Tweet

More Decks by Muhammad Sajid

See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
msajid
0
140
Azure App configuration
msajid
2
750

Other Decks in Technology

See All in Technology
ここがすごいよ! AWS Systems Manager!
saichan11
0
1.8k
地理情報とAPIのトレンド
nagix
0
160
Amazon FSx for NetApp ONTAPのパフォーマンスチューニング要素をまとめてみた #cm_odyssey #devio2024
non97
0
220
可視化プラットフォームGrafanaの基本と活用方法の全て
hamadakoji
0
230
AWSサービスメニュー開発をしていてAWSを好きだ!と感じた瞬間
toru_kubota
0
130
サービスの持続的な成長と技術負債について
siva_official
PRO
10
4.4k
コミュニティサービスに「あなたへ」フィードを リリースするまでの試行錯誤
takapy
1
150
20240725 LLMによるDXのビジョンと、今何からやるべきか @Azure OpenAI Service Dev Day
nrryuya
3
1.2k
フルリモートワークはエンジニアの夢を叶えたか? #cm_odyssey
mamohacy
2
600
ソフトウェアエンジニアリングの知見を活かして データ基盤をいい感じにする on Snowflake [MIERUNE BBQ #10]
mtpooh
2
150
CTOから見た事業開発とプロダクト開発 / My Perspective on Business and Product Development as CTO
keisuke69
4
960
GoとアクターモデルでES+CQRSを実践! / proto_actor_es_cqrs
ytake
1
150

Featured

See All Featured
How GitHub (no longer) Works
holman
305
140k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
17
1.5k
Building an army of robots
kneath
301
42k
Product Roadmaps are Hard
iamctodd
PRO
48
10k
Gamification - CAS2011
davidbonilla
78
4.9k
Ruby is Unlike a Banana
tanoku
96
10k
WebSockets: Embracing the real-time Web
robhawkes
59
7.2k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
12
3.8k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
662
120k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
129
32k
Building a Scalable Design System with Sketch
lauravandoore
458
32k
How to Ace a Technical Interview
jacobian
274
23k

Transcript

  1. #StockholmAzure Meetup Sponsors

  2. Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System

    Muhammad Sajid Mohammed Osman

  3. Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld

    deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.

  4. Muhammad Sajid Cloud Solutions Architect with a passion for designing

    and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
  5. None

  6. Hardening Cosmos DB Security

  7. Azure Policy support for Azure Cosmos DB

  8. Encryption at Rest (on by default) • Service managed Keys

    ◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
  9. None

  10. Get, Wrap, Unwrap

  11. None
  12. None

  13. IP filter

  14. Minimum TLS version? And Weak ciphers

  15. None
  16. None
  17. None

  18. Network Isolation using Private link Private access to Azure PaaS

    Services
  19. None

  20. Demo

  21. Takeaways • Use Azure policies • Use customer managed keys

    feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.

  22. Questions?

  23. @sajid_nazeer linkedin.com/in/musa