Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cosmos DB Security
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Muhammad Sajid
June 17, 2020
Technology
0
56
Cosmos DB Security
Muhammad Sajid
June 17, 2020
Tweet
Share
More Decks by Muhammad Sajid
See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
msajid
0
150
Azure App configuration
msajid
2
860
Other Decks in Technology
See All in Technology
Azure Durable Functions で作った NL2SQL Agent の精度向上に取り組んだ話/jat08
thara0402
0
110
学生・新卒・ジュニアから目指すSRE
hiroyaonoe
1
370
あたらしい上流工程の形。 0日導入からはじめるAI駆動PM
kumaiu
4
680
茨城の思い出を振り返る ~CDKのセキュリティを添えて~ / 20260201 Mitsutoshi Matsuo
shift_evolve
PRO
1
100
Azure SRE Agent x PagerDutyによる近未来インシデント対応への期待 / The Future of Incident Response: Azure SRE Agent x PagerDuty
aeonpeople
0
270
変化するコーディングエージェントとの現実的な付き合い方 〜Cursor安定択説と、ツールに依存しない「資産」〜
empitsu
4
1.1k
しろおびセキュリティへ ようこそ
log0417
0
250
toCプロダクトにおけるAI機能開発のしくじりと学び / ai-product-failures-and-learnings
rince
6
5.1k
エンジニアとマネジメントの距離/Engineering and Management
ikuodanaka
3
700
Amazon Bedrock AgentCore EvaluationsでAIエージェントを評価してみよう!
yuu551
0
210
~Everything as Codeを諦めない~ 後からCDK
mu7889yoon
3
180
【5分でわかる】セーフィー エンジニア向け会社紹介
safie_recruit
0
41k
Featured
See All Featured
DevOps and Value Stream Thinking: Enabling flow, efficiency and business value
helenjbeal
1
89
My Coaching Mixtape
mlcsv
0
45
How to Talk to Developers About Accessibility
jct
2
120
Building AI with AI
inesmontani
PRO
1
660
The B2B funnel & how to create a winning content strategy
katarinadahlin
PRO
0
260
4 Signs Your Business is Dying
shpigford
187
22k
Utilizing Notion as your number one productivity tool
mfonobong
2
210
Facilitating Awesome Meetings
lara
57
6.7k
Lessons Learnt from Crawling 1000+ Websites
charlesmeaden
PRO
1
1.1k
Leading Effective Engineering Teams in the AI Era
addyosmani
9
1.5k
Prompt Engineering for Job Search
mfonobong
0
150
Chasing Engaging Ingredients in Design
codingconduct
0
110
Transcript
#StockholmAzure Meetup Sponsors
Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System
Muhammad Sajid Mohammed Osman
Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld
deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.
Muhammad Sajid Cloud Solutions Architect with a passion for designing
and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
None
Hardening Cosmos DB Security
Azure Policy support for Azure Cosmos DB
Encryption at Rest (on by default) • Service managed Keys
◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
None
Get, Wrap, Unwrap
None
None
IP filter
Minimum TLS version? And Weak ciphers
None
None
None
Network Isolation using Private link Private access to Azure PaaS
Services
None
Demo
Takeaways • Use Azure policies • Use customer managed keys
feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.
Questions?
@sajid_nazeer linkedin.com/in/musa
msajid
thara0402
hiroyaonoe
kumaiu
shift_evolve
aeonpeople
empitsu
log0417
rince
.jpg){kind=avatar}
ikuodanaka
yuu551
mu7889yoon
safie_recruit
.png){kind=avatar}
helenjbeal
mlcsv
jct
inesmontani
katarinadahlin
shpigford
mfonobong
lara
charlesmeaden
addyosmani
codingconduct
