2022/08/29 Microsoft Cloud Solutions 706 visit(s) 6 min to read
DevSecOps are a major and important part of the Microsoft Azure cloud, and it can get a bit confusing for any user or developer since there are many components to grasp and understand before working with them.
Here is all you need to know about DevSecOps in Azure, to make things easier for you and your IT team to take full advantage and benefit from the features and services offered here.
Security is the most important thing in any organization, so you need to begin with authentication and authorization. Azure Active Directory allows you to create and manage multiple users and accounts by assigning each its own username and password, and optionally, a method of multi-factor authentication.
However, the most important thing actually is that Azure can use federated authentication to synchronize and access your AD accounts using credentials from your corporate directory.
As mentioned above you can create role assignments that consist of three elements:
Moreover, you can create and manage roles assignments in the Azure portal for each service using Access Control (IAM) blade, through PowerShell, Azure CLI, REST API, or by simply using a resource template.
Azure AD also provides an advanced feature for access control beyond simple RBAC called Conditional Access, where you can define the conditions or signals that must be met before granting access.
Azure Sentinel is Microsoft’s SIEM service - cloud-native security information and event management. This service collects and aggregates log and configuration data from both on-premise devices and applications and the cloud.
Why do you need to understand it? Because DevOps largely depends on automation for success, that means it's vital that the proper tools are set up for monitoring and alerting.
Incorporating security into an Azure DevOps pipeline demands preparation and planning, however, even a small commitment to security leveraging these best practices can lead to great improvements across the whole process.
Azure Policy provides a framework for developing policies, ensuring compliance, and managing remediation since one of the goals of integrating security onto DevOps is to achieve the three aforementioned components along with continuous deployment.
Using either built-in policy definitions or creating policy definitions, you can control resource allocations and configurations, enforce resource tagging, or configure resource monitoring.
Azure Active Directory offers PIM, which allows granting just-in-time temporary privileges access to Azure resources based on start and end dates, in addition to manual approval and multi-factor authentication MFA.
This way you can avoid giving developers or users access to everything and by using time frames, the possibility of compromise and damage gets really low.
Here, the first you need to make sure of is that both the infrastructure and security configuration is treated as any other code in the CI/CD pipeline in order to make sure you have a well-documented and repeatable Azure architecture.
Azure facilitates this through two key services:
Your DevSecOps pipeline should provide feedback to each of the development, security, and operations teams. The feedback and metrics require insights that can be obtained through the Azure Security Center.
Now, what is Azure Security Center? In a nutshell, it's a unified infrastructure security management service that provides advanced threat protection, monitoring, and remediation across cloud resources and workloads.
This service allows you to monitor cloud infrastructure in order to identify configurations that are not compliant to selected standards.
In addition to that, it provides an overview of the security posture and allows viewing non-compliant resources along with recommendations.
Moreover, you can develop custom policies in addition to the built-in standards and recommendations.
Also, to respond to ever-evolving threats, Azure Security Center provides advanced protections and alerts based on Microsoft’s ongoing security research, telemetry, and threat intelligence. And through threat intelligence, behavioral analysis, and anomaly detection, Azure Security Center will continuously monitor and alert emerging threats.
Ctelecoms is a proud Microsoft partner, helping SMBs in Saudi Arabia develop and grow their work environment.
Our team is ready to help you with anything related to Microsoft, whether it’s a consultation or help in deploying the solutions. Just contact our team and they’ll be there to help: https://www.ctelecoms.com.sa/en/Form15/Contact-Us