Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cosmos DB Security
Search
Muhammad Sajid
June 17, 2020
Technology
0
55
Cosmos DB Security
Muhammad Sajid
June 17, 2020
Tweet
Share
More Decks by Muhammad Sajid
See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
msajid
0
140
Azure App configuration
msajid
2
850
Other Decks in Technology
See All in Technology
Unlocking the Power of AI Agents with LINE Bot MCP Server
linedevth
0
120
Oracle Base Database Service 技術詳細
oracle4engineer
PRO
10
75k
Aurora DSQLはサーバーレスアーキテクチャの常識を変えるのか
iwatatomoya
1
1.2k
Platform開発が先行する Platform Engineeringの違和感
kintotechdev
4
590
2つのフロントエンドと状態管理
mixi_engineers
PRO
3
160
Apache Spark もくもく会
taka_aki
0
140
Firestore → Spanner 移行 を成功させた段階的移行プロセス
athug
1
500
Modern Linux
oracle4engineer
PRO
0
160
2025/09/16 仕様駆動開発とAI-DLCが導くAI駆動開発の新フェーズ
masahiro_okamura
0
140
開発者を支える Internal Developer Portal のイマとコレカラ / To-day and To-morrow of Internal Developer Portals: Supporting Developers
aoto
PRO
1
480
職種の壁を溶かして開発サイクルを高速に回す~情報透明性と職種越境から考えるAIフレンドリーな職種間連携~
daitasu
0
190
機械学習を扱うプラットフォーム開発と運用事例
lycorptech_jp
PRO
0
670
Featured
See All Featured
Thoughts on Productivity
jonyablonski
70
4.8k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Java REST API Framework Comparison - PWX 2021
mraible
33
8.8k
Why You Should Never Use an ORM
jnunemaker
PRO
59
9.5k
Designing for Performance
lara
610
69k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
1.6k
For a Future-Friendly Web
brad_frost
180
9.9k
Docker and Python
trallard
46
3.6k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.7k
Site-Speed That Sticks
csswizardry
10
820
Building Better People: How to give real-time feedback that sticks.
wjessup
368
19k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
44
2.5k
Transcript
#StockholmAzure Meetup Sponsors
Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System
Muhammad Sajid Mohammed Osman
Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld
deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.
Muhammad Sajid Cloud Solutions Architect with a passion for designing
and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
None
Hardening Cosmos DB Security
Azure Policy support for Azure Cosmos DB
Encryption at Rest (on by default) • Service managed Keys
◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
None
Get, Wrap, Unwrap
None
None
IP filter
Minimum TLS version? And Weak ciphers
None
None
None
Network Isolation using Private link Private access to Azure PaaS
Services
None
Demo
Takeaways • Use Azure policies • Use customer managed keys
feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.
Questions?
@sajid_nazeer linkedin.com/in/musa