Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cosmos DB Security

Avatar for Muhammad Sajid Muhammad Sajid
June 17, 2020
Technology
0
54

Cosmos DB Security

Avatar for Muhammad Sajid

Muhammad Sajid

June 17, 2020
Tweet

More Decks by Muhammad Sajid

See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
Avatar for Muhammad Sajid msajid
0
140
Azure App configuration
Avatar for Muhammad Sajid msajid
2
840

Other Decks in Technology

See All in Technology
怖くない!はじめてのClaude Code
Avatar for Shinya Masadome(東京AI祭) shinya337
0
400
United airlines®️ USA Contact Numbers: Complete 2025 Support Guide
Avatar for heron31238 unitedflyhelp
0
310
PO初心者が考えた ”POらしさ”
Avatar for (Ha)rady nb_rady
0
210
品質と速度の両立:生成AI時代の品質保証アプローチ
Avatar for odasho odasho
1
370
B2C&B2B&社内向けサービスを抱える開発組織におけるサービス価値を最大化するイニシアチブ管理
Avatar for Belong inc. belongadmin
2
7.1k
生まれ変わった AWS Security Hub (Preview) を紹介 #reInforce_osaka / reInforce New Security Hub
Avatar for MasahiroKawahara masahirokawahara
0
480
オーティファイ会社紹介資料 / Autify Company Deck
Avatar for Autify autifyhq
10
130k
事業成長の裏側:エンジニア組織と開発生産性の進化 / 20250703 Rinto Ikenoue
Avatar for SHIFT EVOLVE shift_evolve
PRO
3
22k
FOSS4G 2025 KANSAI QGISで点群データをいろいろしてみた
Avatar for kou_kita kou_kita
0
400
改めてAWS WAFを振り返る~業務で使うためのポイント~
Avatar for モブエンジニア masakiokuda
2
260
Delegating the chores of authenticating users to Keycloak
Avatar for Alexander Schwartz ahus1
0
140
Sansanのデータプロダクトマネジメントのアプローチ
Avatar for SansanTech sansantech
PRO
0
160

Featured

See All Featured
How to Ace a Technical Interview
Avatar for Jacob Kaplan-Moss jacobian
278
23k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
407
66k
What’s in a name? Adding method to the madness
Avatar for Product Marketing Alliance productmarketing
PRO
23
3.5k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
53
7.7k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
49
14k
Practical Tips for Bootstrapping Information Extraction Pipelines
Avatar for Matthew Honnibal honnibal
PRO
20
1.3k
Build The Right Thing And Hit Your Dates
Avatar for Maggie C. maggiecrowley
36
2.8k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
1
430
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
6
300
Rails Girls Zürich Keynote
Avatar for Gregor Martynus gr2m
95
14k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
430
65k
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
51
3.3k

Transcript

  1. #StockholmAzure Meetup Sponsors

  2. Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System

    Muhammad Sajid Mohammed Osman

  3. Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld

    deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.

  4. Muhammad Sajid Cloud Solutions Architect with a passion for designing

    and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
  5. None

  6. Hardening Cosmos DB Security

  7. Azure Policy support for Azure Cosmos DB

  8. Encryption at Rest (on by default) • Service managed Keys

    ◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
  9. None

  10. Get, Wrap, Unwrap

  11. None
  12. None

  13. IP filter

  14. Minimum TLS version? And Weak ciphers

  15. None
  16. None
  17. None

  18. Network Isolation using Private link Private access to Azure PaaS

    Services
  19. None

  20. Demo

  21. Takeaways • Use Azure policies • Use customer managed keys

    feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.

  22. Questions?

  23. @sajid_nazeer linkedin.com/in/musa