Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cosmos DB Security

Avatar for Muhammad Sajid Muhammad Sajid
June 17, 2020
Technology
0
55

Cosmos DB Security

Avatar for Muhammad Sajid

Muhammad Sajid

June 17, 2020
Tweet

More Decks by Muhammad Sajid

See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
Avatar for Muhammad Sajid msajid
0
150
Azure App configuration
Avatar for Muhammad Sajid msajid
2
850

Other Decks in Technology

See All in Technology
なぜAWSを活かしきれないのか?技術と組織への処方箋
Avatar for NRI Netcom nrinetcom
PRO
5
900
大規模サーバーレスAPIの堅牢性・信頼性設計 〜AWSのベストプラクティスから始まる現実的制約との向き合い方〜
Avatar for maimyyym maimyyym
10
4.7k
Introduction to Sansan, inc / Sansan Global Development Center, Inc.
Avatar for Sansan, Inc. sansan33
PRO
0
2.8k
LLMアプリの地上戦開発計画と運用実践 / 2025.10.15 GPU UNITE 2025
Avatar for Shumpei Miyawaki smiyawaki0820
1
570
Railsの話をしよう
Avatar for Yasuo Honda yahonda
0
140
Oracle Base Database Service 技術詳細
Avatar for oracle4engineer oracle4engineer
PRO
12
80k
サイバーエージェント流クラウドコスト削減施策「みんなで金塊堀太郎」
Avatar for Kurochan kurochan
3
1.8k
「使い方教えて」「事例教えて」じゃもう遅い! Microsoft 365 Copilot を触り倒そう!
Avatar for Taichi Nakamura taichinakamura
0
390
リセラー企業のテクサポ担当が考える、生成 AI 時代のトラブルシュート 2025
Avatar for kazzpapa3 kazzpapa3
1
340
ComposeではないコードをCompose化する case ビズリーチ / DroidKaigi 2025 koyasai
Avatar for Visional Engineering & Design visional_engineering_and_design
0
110
Claude Code Subagents 再入門 ~cc-sddの実装で学んだこと~
Avatar for Gota gotalab555
3
2.4k
オープンソースでどこまでできる?フォーマル検証チャレンジ
Avatar for msyksphinz msyksphinz
0
140

Featured

See All Featured
Context Engineering - Making Every Token Count
Avatar for Addy Osmani addyosmani
6
250
The MySQL Ecosystem @ GitHub 2015
Avatar for Sam Lambert samlambert
251
13k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
697
190k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
431
66k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
162
15k
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
791
250k
How GitHub (no longer) Works
Avatar for Zach Holman holman
315
140k
Faster Mobile Websites
Avatar for Dean Hume deanohume
310
31k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
132
19k
The Invisible Side of Design
Avatar for Vitaly Friedman smashingmag
302
51k
Building an army of robots
Avatar for Kyle Neath kneath
306
46k
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
52
5.6k

Transcript

  1. #StockholmAzure Meetup Sponsors

  2. Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System

    Muhammad Sajid Mohammed Osman

  3. Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld

    deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.

  4. Muhammad Sajid Cloud Solutions Architect with a passion for designing

    and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
  5. None

  6. Hardening Cosmos DB Security

  7. Azure Policy support for Azure Cosmos DB

  8. Encryption at Rest (on by default) • Service managed Keys

    ◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
  9. None

  10. Get, Wrap, Unwrap

  11. None
  12. None

  13. IP filter

  14. Minimum TLS version? And Weak ciphers

  15. None
  16. None
  17. None

  18. Network Isolation using Private link Private access to Azure PaaS

    Services
  19. None

  20. Demo

  21. Takeaways • Use Azure policies • Use customer managed keys

    feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.

  22. Questions?

  23. @sajid_nazeer linkedin.com/in/musa