Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Cosmos DB Security
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Muhammad Sajid
June 17, 2020
Technology
60
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Cosmos DB Security
Muhammad Sajid
June 17, 2020
More Decks by Muhammad Sajid
See All by Muhammad Sajid
When Stateful Serverless met Planet-scale Event-sourcing
msajid
0
150
Azure App configuration
msajid
2
880
Other Decks in Technology
See All in Technology
気づかぬうちにセキュリティ負債を生むAPIキー運用
sgwrmctk
0
180
ぼっちではじめた登壇が「51名」「241件」の発信に化けた
subroh0508
1
240
When Platform Engineering Meets GenAI
sucitw
0
130
FPGAの開発コンペでZephyrを使ってみた
iotengineer22
0
130
Agile and AI Redmine Japan 2026
hiranabe
3
240
自分が詳しくない領域でAIを使う #プロヒス2026
konifar
13
4.7k
不要なレビューをAIにまかせて AIコーディングの環境改善を加速した
shoota
1
220
200個のGitHubリポジトリを横断調査したかった
icck
0
140
2026TECHFRESH畢業分享會 - Lightning Talk - E起 See See : 電商推薦讀心術? 數據說了算
line_developers_tw
PRO
0
1.3k
Bucharest Tech Week 2026 - Reinventing testing practices in the AI era
edeandrea
PRO
1
170
10年間のブログ発信を振り返って見えたWebアプリケーションエンジニアとしての軌跡
stefafafan
0
160
2026年6月23日 Syncable Tech + Start Python Club にて
hamukazu
0
140
Featured
See All Featured
The #1 spot is gone: here's how to win anyway
tamaranovitovic
2
1.1k
30 Presentation Tips
portentint
PRO
1
330
Building Flexible Design Systems
yeseniaperezcruz
330
40k
What the history of the web can teach us about the future of AI
inesmontani
PRO
1
620
GraphQLの誤解/rethinking-graphql
sonatard
75
12k
GitHub's CSS Performance
jonrohan
1033
470k
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
inesmontani
PRO
3
3.5k
Ecommerce SEO: The Keys for Success Now & Beyond - #SERPConf2024
aleyda
1
2k
AI Search: Where Are We & What Can We Do About It?
aleyda
0
7.6k
Utilizing Notion as your number one productivity tool
mfonobong
4
320
B2B Lead Gen: Tactics, Traps & Triumph
marketingsoph
0
160
Digital Projects Gone Horribly Wrong (And the UX Pros Who Still Save the Day) - Dean Schuster
uxyall
1
1.7k
Transcript
#StockholmAzure Meetup Sponsors
Hardening Cosmos DB Security and Machine Learning In Microsoft Eco-System
Muhammad Sajid Mohammed Osman
Vi samarbeta med restaurang K-märkt och "Mattillvården". För varje anmäld
deltagare lagar restaurang K-Märkt en härlig lunch/middagslåda och levererar den till Danderyds Sjukhus.
Muhammad Sajid Cloud Solutions Architect with a passion for designing
and developing cloud-native solutions. Interested in DDD, Distributed Event-Driven systems, BIG data, and IoT. @sajid_nazeer linkedin.com/in/musa
None
Hardening Cosmos DB Security
Azure Policy support for Azure Cosmos DB
Encryption at Rest (on by default) • Service managed Keys
◦ 1st layer of encryption • Customer managed Keys ◦ 2nd layer of encryption
None
Get, Wrap, Unwrap
None
None
IP filter
Minimum TLS version? And Weak ciphers
None
None
None
Network Isolation using Private link Private access to Azure PaaS
Services
None
Demo
Takeaways • Use Azure policies • Use customer managed keys
feature only when required • Use Private link feature to reduce the attack surface • Contact Microsoft for TLS version • Don’t settle for the right solutions . Find new ones, and keep learning.
Questions?
@sajid_nazeer linkedin.com/in/musa
msajid
sgwrmctk
subroh0508
sucitw
iotengineer22
hiranabe
konifar
shoota
icck
line_developers_tw
edeandrea
stefafafan
hamukazu
tamaranovitovic
portentint
yeseniaperezcruz
inesmontani
sonatard
jonrohan
aleyda
mfonobong
marketingsoph
uxyall
