Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cosmos DB Security
Search
Muhammad Sajid
June 17, 2020
Technology
0
54
Cosmos DB Security
Muhammad Sajid
June 17, 2020
Tweet
Share
More Decks by Muhammad Sajid
See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
msajid
0
140
Azure App configuration
msajid
2
840
Other Decks in Technology
See All in Technology
Bill One 開発エンジニア 紹介資料
sansan33
PRO
4
13k
Digitization部 紹介資料
sansan33
PRO
1
4.5k
Introduction to Sansan, inc / Sansan Global Development Center, Inc.
sansan33
PRO
0
2.7k
Snowflake Intelligenceという名のAI Agentが切り開くデータ活用の未来とその実現に必要なこと@SnowVillage『Data Management #1 Summit 2025 Recap!!』
ryo_suzuki
1
160
QuickSight SPICE の効果的な運用戦略~S3 + Athena 構成での実践ノウハウ~/quicksight-spice-s3-athena-best-practices
emiki
0
290
セキュアなAI活用のためのLiteLLMの可能性
tk3fftk
1
330
[SRE NEXT] ARR150億円_エンジニア140名_27チーム_17プロダクトから始めるSLO.pdf
satos
5
3k
IPA&AWSダブル全冠が明かす、人生を変えた勉強法のすべて
iwamot
PRO
2
230
ソフトウェアQAがハードウェアの人になったの
mineo_matsuya
3
200
衛星運用をソフトウェアエンジニアに依頼したときにできあがるもの
sankichi92
1
1k
60以上のプロダクトを持つ組織における開発者体験向上への取り組み - チームAPIとBackstageで構築する組織の可視化基盤 - / sre next 2025 Efforts to Improve Developer Experience in an Organization with Over 60 Products
vtryo
3
1.9k
毎晩の 負荷試験自動実行による効果
recruitengineers
PRO
5
180
Featured
See All Featured
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
990
Understanding Cognitive Biases in Performance Measurement
bluesmoon
29
1.8k
Designing Experiences People Love
moore
142
24k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Build The Right Thing And Hit Your Dates
maggiecrowley
37
2.8k
VelocityConf: Rendering Performance Case Studies
addyosmani
332
24k
Stop Working from a Prison Cell
hatefulcrawdad
271
21k
The Cost Of JavaScript in 2023
addyosmani
51
8.6k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
331
22k
Site-Speed That Sticks
csswizardry
10
700
Transcript
#StockholmAzure Meetup Sponsors
Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System
Muhammad Sajid Mohammed Osman
Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld
deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.
Muhammad Sajid Cloud Solutions Architect with a passion for designing
and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
None
Hardening Cosmos DB Security
Azure Policy support for Azure Cosmos DB
Encryption at Rest (on by default) • Service managed Keys
◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
None
Get, Wrap, Unwrap
None
None
IP filter
Minimum TLS version? And Weak ciphers
None
None
None
Network Isolation using Private link Private access to Azure PaaS
Services
None
Demo
Takeaways • Use Azure policies • Use customer managed keys
feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.
Questions?
@sajid_nazeer linkedin.com/in/musa