Microsoft Azure

Skill Me Up Provides comprehensive Microsoft training for Security Specialists focusing on Microsoft Azure that are responsible for locking down and securing workloads, infrastructure and identity.

learning path
4 (89)
6 Lectures | 2 Labs | 6h 54m | Intermediate | Certification Prep

In this learning path, you will learn key concepts about the cloud and various Microsoft Azure Services. From there, you will learn core concepts such as various PaaS and IaaS services including management tools. This course will also cover several key concepts for security and compliance, as well as a brief look at a Azure pricing and support. This course will help you prepare for AZ 900 Microsoft Azure Fundamentals.

learning path
4 (105)
4 Lectures | 14 Labs | 22h 12m | Intermediate | Certification Prep

This learning path contains a collection of courses and hands-on labs designed to help you pass the exam AZ - 500 Microsoft Azure Security Technologies.

learning path
4 (6)
1 Lectures | 2 Labs | 5h 30m | Intermediate

In this path, you will find courses and hands-on labs that will teach you how to manage and automate common tasks in Azure Active Directory using PowerShell and Azure Automation.

learning path
5 (21)
7 Lectures | 2 Labs | 11h 28m | Advanced

In this learning path, you will learn the ins-and-outs of implementing governance on your Microsoft Azure subscription. Topics will include Azure Policy, Role Based Access Control (RBAC), Cost Management, Management Groups, Blue Prints, and much more.

learning path
4 (2)
10 Lectures | 0 Labs | 8h 36m | Intermediate

This track contains a collection of expert talks recorded by Azure Security Experts.

learning path
5 (2)
2 Lectures | 0 Labs | 4h 4m | Intermediate

In this learning path, you will get a deep dive understanding of why organizations are challenged when it comes to managing security threats and risks. From there you will learn how to leverage Azure security center to protect your cloud and on-premises infrastructure. After that you will learn how to leverage Azure Sentinel which is Microsoft's born in the cloud security information event management (SIEM) solution to collect data respond to security threats that impact your organization.

lecture
0 (0)
45m | Beginner | Jul 31 2020 |

In this session, Karl Ots presents a deep dive on Azure authentication and authorization models. After this session, you will be able to design secure access control solutions for your Azure administrative access, as well as Azure application access.

lecture
5 (1)
3h 40m | Beginner | Dec 20 2018 |

The course will educate you on the details you need to know to be able to start writing PowerShell for Azure AD. By the end, our objective is to make you feel comfortable writing PowerShell to automate common management tasks for Azure AD. We’ll also provide you some real-world examples for where you can use PowerShell to be more consistent and save time.

lecture
5 (2)
1h 53m | Intermediate | Nov 8 2019 |

This is course seven of seven in the Implementing Azure Governance learning path. Cost management and cost optimization are key concerns of all Azure customers. In this class, students will first learn the principles of how Azure accounts are managed and billed. Next, students learn how a variety of commonly-used IaaS and PaaS resources are priced. This is followed by a deep-dive on cost optimization techniques you can to reduce your bill without impacting your applications. Finally, the class includes a deep-dive on Azure Cost Management, which enables you to track, analyze and forecast your Azure spend to providing accurate cost estimates and reduced billing risk.

lecture
0 (0)
23m | Beginner | Sep 16 2020 |

In this course, you will learn to identity ways to plan and manage costs and purchase services within Azure, how to understand the Azure Service Level Agreements and calculating a composite SLA for more than one service combination, and understanding the service lifecycle within Azure. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
0 (0)
58m | Beginner | Aug 26 2020 |

Securing and maintaining data in flight and at speed is always a major concern in any environment. In this Expert Talk, we will go over how Azure Firewall turnkey capabilities and high-availability scale can provide you secure reliable communications for cloud solutions. In addition, we’ll cover the newer capabilities such as Manager, Policies, and IP Groups, as well as integrating with Monitor and Sentinel - all to help manage multiple environments at scale. We'll wrap the session with a look at upcoming capabilities, such as DNS options.

lecture
0 (0)
45m | Beginner | Aug 12 2020 |

In this session, Karl Ots presents an overview of the Azure Key Vault service and operational best practices on how to integrate Azure Key Vault with other Azure services. After the session, you will be able to implement Azure Key Vault in your Azure PaaS projects.

lecture
0 (0)
46m | Beginner | Sep 21 2020 |

The multitude of security controls and guidelines for Azure can be overwhelming. Based on real-life experiences from securing applications running on Azure, Karl has compiled a list of best practices that bring these worlds together. In this session, you will learn how to secure your applications using Azure native security controls. After this session, you will know which security controls are available, how effective they are and what will be the cost of implementing them.

lecture
0 (0)
51m | Beginner | Jul 23 2020 |

Join Karl Ots as he walks through key Azure security controls to protect your Azure environment. After this session, you will be able to list key Azure security controls, and implement identity and encryption controls andAccess Control in Azure.

lecture
4 (1)
1h | Beginner | Apr 15 2020 |

Azure Sentinel is a new Microsoft Security Information and Event Management (SIEM) service. It is fully cloud-based, requiring no additional infrastructure, and unlimited scale to gather and process data across both on-premises and cloud environments. It also offers AI-based detection and investigative capabilities.Join us for this session to learn more about Azure Sentinel and what it can offer your business.

lecture
5 (1)
15m | Beginner | Sep 16 2020 |

In this course, you will learn about the core solutions within Azure and the management tools that are available. These include Internet of Things (IoT), big data and analytics, artificial intelligence, serverless computing, and DevOps. You will get a high-level understanding of the tools available to create resources, automate, and govern resources within Azure. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
0 (0)
43m | Beginner | Sep 16 2020 |

In this course, you will get an understanding of the security challenges to an organization within the cloud. You will learn some ways to build a defense in depth strategy utilizing Azure security tools, such as Azure Security Center, Azure Sentinel, Azure Key Vault, and other network security services. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
0 (0)
58m | Beginner | Sep 16 2020 |

In this course, you will learn about the various tools for Identity and Access Management, governing Azure resources with role-based access control and resource locks and using Azure Policy for cost and resource compliance. We will discuss how Azure can assist in regulatory and governmental compliance. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
5 (3)
3h 17m | Intermediate | Jul 15 2019 |

This course is the 2nd in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on what it takes to implement overall Azure platform protection. In the first module, we touch on several aspects of Azure Networking security, like custom routing, Network Security Groups, Application Security Groups and Azure Firewall. You will also learn about optimizing security of remote management to your Azure Virtual Machines. In the next module, we pinpoint the topic of host security, which covers endpoint protection deployment and configuration, Azure virtual machine hardening best practices and how to enable and configure system updates for your Azure-running virtual machines. The 3rd module brings you up to speed on containerizing applications and running them in different Azure container service resources like Azure Container Registry and Azure Container Instance, always focusing on the security aspect of these. Last, we also talk about Azure Kubernetes Services networking and security control. In the 4th and last module, you learn about Azure governance using Azure Policies, Role Based Access Control and how to set up subscription permissions.

lecture
5 (1)
2h 29m | Intermediate | Apr 13 2020 |

With the continuous adoption of digital transformation and exposure of more and more business-critical workloads to the cloud, getting a clear view on your organization’s security posture is critical.If your organization gets compromised, your business can lose trust, customers, and revenue. Cyber defense is not good enough anymore, and security officers and IT departments need to step up their game. But how do you handle security when using a public cloud environment like Azure, and even more, how can you provide an integration between your Azure workload security and your hybrid-running workloads?That’s exactly what Azure Security Center is built for, providing you a clear view on your real-time, active security posture, for both cloud and hybrid-running workloads. Leveraging the power of Azure Log Analytics, Azure Security Center provides insights on overall Azure subscription governance, as well as specific guidance our compliance standards such as PCI DSS 3.2.1, SOC TSP and ISO 27001.Next, Azure Security Center comes with easy-to-understand dashboards, compelling diagram views, and recommendations on how to optimize the security of your running Azure resources, ordered by criticality and priority in risk. Other features that come with Azure Security Center include threat protection, providing you again a clear view on security threats happening against your environment. From an advanced cloud defense perspective, Azure Security Center provides you Adaptive Application Control, Just-in-Time VM Access, Adaptive Network Hardening, and File Integrity Monitoring.Besides the dashboard views and recommendations, one can take it even further by integrating Azure Security Playbooks, relying on the logic flows in Azure Logic Apps, allowing organizations to not only detect threats and security risks, but also take appropriate action to mitigate risk automatically.

lecture
5 (1)
1h 35m | Intermediate | May 11 2020 |

With the continuous adoption of digital transformation and exposure of more and more business-critical workloads to the cloud, getting a clear view on your organization’s security posture is critical.If your organization gets compromised, your business can lose trust, customers, and revenue. Cyber defense is not good enough anymore, and security officers and IT departments need to step up their game. Instead of relying on a defensive strategy, switching to a more proactive approach to detect and mitigate risk will get you there. Organizations must have the possibility to connect to cloud and on-premises running workloads and collect system and security-related data from all systems.The more traditional Security Information and Event Management (SIEM) solutions that have been around in the on-premises data centers just cannot keep up with today’s challenges, with the fast pace of data center expansion and the massive amounts of structured and unstructured telemetry generated by various workloads. And even more important, they cannot keep up with detecting and identifying near-future threats. Because of the lack of flexibility and scale, together with the high cost of implementing and configuring, these SIEM solutions are often becoming a threat themselves, giving organizations a fake impression of their security posture.That’s where Microsoft’s cloud-born Azure Sentinel comes in: a cloud-based Security Information and Event Management (SIEM) solution, built for growth, capable of absorbing large amounts of different data sources, powered by machine learning, to provide accurate, to-the-point views on your organization’s security posture. Starting from collecting data, it allows for detecting known threats, but also providing investigation engines to detect unknown threats and patterns. Next, it starts from a proactive approach in mind, bringing features like hunting and responding to incidents to the table.It’s that exact process flow we use as the structure for this condensed, yet complete course on how to implement and manage Azure Sentinel.

lecture
5 (1)
1h 31m | Intermediate | Dec 3 2019 |

This is course five of seven in the Implementing Azure Governance learning path.In this course, you will deep dive into the Azure Blueprints service, which is one of the more advanced governance services in Azure. You will learn what Blueprints are, and the scenarios they are designed to address. The course then takes you on a in-depth journey through each stage of the Blueprints life cycle: creating the Blueprint, adding artifacts, publishing, assigning to a subscription, and managing later updates. The final section of the course provides detailed coverage of Blueprints features not exposed in the Azure portal, such as controlling dependencies and avoiding use of the subscription Owner role. The course include in-depth demos using both the Azure Portal and command-line tools.

lecture
5 (2)
35m | Intermediate | Nov 14 2019 |

This is course four of seven in the Implementing Azure Governance learning path.Azure Management Groups enable many of Azure’s governance and reporting features to be centrally managed using an organization-wide hierarchy, rather than being managed on each individual subscription. This enables an efficient and reliable approach to implementing governance at scale across an organization.In this class, you will learn how to design and build a management group hierarchy, and how to use management groups to implement governance and reporting across an organization.

lecture
5 (1)
1h 29m | Intermediate | Oct 23 2019 |

This is course three of seven in the Implementing Azure Governance learning path.In this course, you will deep dive into the Azure Policy service, which is one of the fundamental governance services in Azure. You will learn how to apply Azure Policy to your subscriptions and the wide range of scenarios it supports. You will also deep dive on the policy definition language, so you can fully understand built-in policies and create your own custom policies. You will also learn how to use Azure Policy compliance reports, and how to investigate and re-mediate non-compliant resources. The course closes with an overview of Azure VM guest policy and overall policy management best practices.

lecture
5 (1)
49m | Intermediate | Nov 11 2019 |

This is course two of seven in the Implementing Azure Governance learning path. Role-based access control is a fundamental pillar of good governance in Azure. Properly deployed, it enables an organization to control how users access and administer the organization’s Azure resources, implementing a ‘least privilege’ model in which users have only the permissions they need, to only the resources they need. This course provides a deep-dive into role-based access control in Azure. The course starts by explaining how user and system identities are managed in Azure AD, and how Azure roles are defined. It then explains how roles can be assigned, and how multiple role assignments interact. Finally, the course shows how you can implement tailored access control policies by creating and assigning your own custom role definitions.

lecture
5 (1)
38m | Intermediate | Dec 2 2019 |

This is course one of seven in the Implementing Azure Governance learning path. This short course provides a brief introduction to key governance concepts and technologies in Azure. Students learn about the Azure governance architecture and the importance of good governance to successful enterprise cloud adoption.This course also serves as an introduction to the Azure Governance learning path.

lecture
5 (5)
1h 42m | Intermediate | Jul 15 2019 |

This course is the first in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on managing Azure Identity and Access control, relying on Azure Active Directory as the main vehicle for these. In the first module, where we start with an introduction to Azure Active Directory, we dive into the topic of AD Connect synchronization, discuss several authentication architectures available today for hybrid identity, and zoom in on several of Azure AD’s built-in security features. The 2nd module covers Azure AD Privileged Identity Management, a separate service in Microsoft Azure, allowing you to define and control admin-level privileges. The 3rd and last module in this course touches on how to migrate Azure resources across different subscriptions and what impact this might have, ending with describing and walking you through Azure API Management capabilities.

lecture
5 (2)
1h 19m | Intermediate | Jul 15 2019 |

This course is the 3rd in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on managing security operations, mainly describing what different Azure monitoring and operations tools are available, and how they can help in managing your Azure environment from a security operations perspective. You will learn about Azure Monitor, Azure Log Analytics and Azure Security Center. Next, you will also learn about Azure alert management and Azure Security Center alerts specifically.

lecture
5 (1)
1h 20m | Intermediate | Dec 5 2019 |

This is course six of seven in the Implementing Azure Governance learning path. Resource organization is critical for organizations using Azure at scale. This course begins by discussing resource organization in Azure, explaining both the technical capability of the platform and best practices you can use to manage resources effectively. The second part of the course focuses on the Azure Resource Graph, showing how you can use this feature to explore your resources in many powerful ways.

lecture
0 (0)
55m | Intermediate | Apr 27 2020 |

With the current worldwide situation taking place, organizations that traditionally operate in an office environment are forced to move to a remote workforce strategy for business continuity. This change in business creates challenges. This expert talk will provide guidance on planning and executing secure and collaborative capabilities to your mobile workforce.This presentation will provide insight into how to build a secure mobility strategy for your organization. We will discuss the pros and cons for the various mobile access options for your workforce; demonstrate how users can collaborate and stay connected to co-workers, partners, and customers; and how to secure and manage these environments by utilizing the proper licenses and best practices. Demo will be providing on using 365 tools and Teams for collaboration.

lecture
5 (3)
2h 7m | Intermediate | Jul 15 2019 |

This course is the 4th and last in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on deploying, configuring and managing security of your data that is stored in Azure, as well as how to secure your business-critical application workloads. You will learn about securing Azure SQL, covering different built-in and sometimes unique to public cloud features of SQL Server. Next, you will also learn the basics of securing other data solutions like HD Insights, Azure Data Lake and Cosmos DB. Another part of the course discusses on how to enable and configure data encryption, using Azure Key Vault as secrets store. Last, you will also learn about several security features of Azure App Services, optimizing security for Azure Web Apps and Azure App Services Environment.

lecture
0 (0)
57m | Intermediate | May 8 2020 |

 An organization is expected to provide an environment where information is available from anywhere at any time for users. The growth of cloud technologies has provided a means and a challenge to organizations as they enrich the accessibility of information and applications. Attending this presentation will provide guidance on how to enable best practices within the organization to secure data and application access through the tools provided within cloud environments. These best practices will allow an organization to excel in the ability to provide an expanded ability to enrich user experience and attract talent with the availability of information, while maintaining organizational confidentiality and integrity.

lecture
5 (1)
38m | Intermediate | Sep 21 2020 |

Karl Ots has assessed the security of over 100 solutions built on the Microsoft Azure cloud. He has found that there are 10 key security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.

lecture
5 (1)
54m | Beginner | Sep 16 2020 |

In this course, you will learn the evolution of computing to cloud computing. The course will guide you through the various types of cloud services, cloud deployment models, and how to understand shared responsibility between the cloud provider and the consumer. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
5 (1)
43m | Beginner | Sep 16 2020 |

In this course, you will learn about the Azure service components and products. This course will familiarize you with the Azure geographic regions and zones, resources, and core Azure products, such as compute, app services, networking, containers, storage, and database services. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
0 (0)
57m | Beginner | Sep 8 2020 |

In this Expert Talk, we will review the regulatory compliance policies and initiatives in Azure. You will learn how to enable policy and compliance in Security Center and how to use workflow automation to monitor compliance.

real-time lab
2 (2)
30m | Beginner | Apr 9 2020 |

Data discovery classification provides advanced capabilities built into Azure SQL Database for discovering, classifying, labeling reporting the sensitive data in your databases. In this lab, you will learn the basics of how to classify your Azure SQL Database.

real-time lab
5 (9)
1h | Intermediate | Jun 25 2020 |

In this lab, an Azure Virtual Machine disk will be encrypted. You will deploy a VM into Azure that is not encrypted, obtain and run the Azure Disk Encryption Prerequisites Azure PowerShell script, and you will then encrypt your virtual machine.

real-time lab
4 (51)
1h 40m | Beginner | Apr 28 2020 |

In this lab, you will create a virtual network that will allow the virtual machines you create to securely connect with each other. You will then create two virtual machines and specify the virtual network configuration and the availability set configuration along with storage for the virtual machine.

real-time lab
5 (12)
1h 10m | Beginner | Sep 10 2020 |

In this lab, you will practice using Azure Policy and Azure Role-Based Access Control (RBAC) to implement some simple governance scenarios in Azure. You will use Azure Policy to apply a permitted locations rule to an Azure resource group, and RBAC to grant permissions to a new user. You will also create and assign a custom RBAC role.

real-time lab
5 (35)
1h 15m | Intermediate | May 21 2020 |

In this lab, you will create an Azure Web App and a SQL Database and configure the popular content management system (CMS) Orchard CMS. You will then configure the web app to automatically scale based on actual CPU usage.

real-time lab
5 (14)
1h | Beginner | Aug 28 2020 |

This lab is designed to help you become familiar with several features of Microsoft Azure Log Analytics. You will learn how to setup a Log Analytics workspace and install the agent on several VMs. From there, you will configure data sources from Azure as well as diagnostic data from the VMs and learn the fundamentals of querying data and events using the Log Analytics query language.This lab pre-provisions several resources in Microsoft Azure and will take 15-20 minutes to start before it is ready.

real-time lab
0 (0)
2h | Advanced | Jan 19 2020 |

In this lab you will learn how to create, publish and assign an Azure Blueprint. You will also learn how to update a Blueprint draft, publish additional Blueprint versions, and update a Blueprint assignment.In addition, this lab will explore Blueprint locks and how they are implemented by the Blueprints service.This lab also shows how to export your Blueprint as JSON files, and how to edit these files to configure deployment dependencies and to streamline Blueprint parameters.In this lab, you will assign your Blueprint using a user-assigned Managed Identity. This provides you with full control over the Azure RBAC permissions used for Blueprint assignment. It also avoids the need for the user to have have subscription Owner permissions, which are required when using system-assigned Managed Identity.

real-time lab
5 (9)
1h | Beginner | Aug 24 2020 |

In this lab, you learn about the deploying A Test VM and configuring Azure Monitor on that VM by applying some condition and action items. If the VM reaches the defined thresholds, Azure Monitor will generate alerts.

real-time lab
4 (4)
1h 16m | Beginner | Apr 22 2020 |

In this lab, you will deploy a simulated environment with an Azure Virtual Network and two virtual machines. From there you will learn how to deploy Azure Firewall in the environment to protected the simulated workload.

real-time lab
4 (8)
1h 10m | Intermediate | May 26 2020 |

In this lab, you will get started with Azure Key Vault to create a hardened container (a vault) in Azure, to store and manage cryptographic keys and secrets in Azure. First you will use Azure PowerShell. Then you will store a password as a secret that could then be used with an Azure application.

real-time lab
5 (18)
3h | Intermediate | Jul 7 2020 |

In this lab, you will create 3 virtual networks in two different regions. You will configure site-to-site connectivity between the regions using a VPN Gateway. Finally, you will configure virtual network to virtual network connectivity using virtual network peering. This will also allow traffic from the 3rd virtual network to transit over the VPN gateway.

real-time lab
3 (4)
30m | Beginner | Jul 21 2020 |

In this lab you will learn how to enable and disable distributed denial of service (DDoS) protection, and use telemetry to mitigate a DDoS attack with Azure DDoS Protection Standard. DDoS Protection Standard protects Azure resources such as virtual machines, load balancers, and application gateways that have an Azure public IP address assigned to it.

real-time lab
3 (3)
30m | Beginner | Jun 25 2020 |

In this lab, you will learn to manage web traffic using application gateways by configuring a back end pool, health probes, and listeners to forward traffic through the gateway to an Azure Virtual Machine. From there, you will enable the Azure Web App Firewall and simulate traffic that is blocked by the WAF. Finally, you will review WAF logs to see what traffic was blocked.

real-time lab
4 (4)
50m | Intermediate | Jul 3 2020 |

In this lab, you will install the required components to connect to Azure Active Directory. You will then initiate a connection to Azure Active Directory, as well as review common administration tasks and commands.

real-time lab
5 (1)
1h | Beginner | Jul 3 2020 |

In this lab, you will learn how to manage Users and Groups using both MSOnline and AzureAD PowerShell Modules. You will create, manage and remove both users and groups, followed by managing permissions within Azure Active Directory.

real-time lab
4 (2)
25m | Beginner | May 12 2020 |

In this lab, you will learn to use a Managed Identity with Azure PowerShell by creating a virtual machine with a system managed identity. You will then assign the identity to a resource group using role-based access control (RBAC).Down for maintenance. 

real-time lab
4 (2)
25m | Beginner | Jul 2 2020 |

In this lab, you will learn to use service principals with Azure PowerShell by first creating a service principal, assigning permissions to that principal, and finally logging into Azure with the service principal.

learning path
4 (89)
6 Lectures | 2 Labs | 6h 54m | Intermediate | Certification Prep

In this learning path, you will learn key concepts about the cloud and various Microsoft Azure Services. From there, you will learn core concepts such as various PaaS and IaaS services including management tools. This course will also cover several key concepts for security and compliance, as well as a brief look at a Azure pricing and support. This course will help you prepare for AZ 900 Microsoft Azure Fundamentals.

learning path
4 (105)
4 Lectures | 14 Labs | 22h 12m | Intermediate | Certification Prep

This learning path contains a collection of courses and hands-on labs designed to help you pass the exam AZ - 500 Microsoft Azure Security Technologies.

learning path
4 (6)
1 Lectures | 2 Labs | 5h 30m | Intermediate

In this path, you will find courses and hands-on labs that will teach you how to manage and automate common tasks in Azure Active Directory using PowerShell and Azure Automation.

learning path
5 (21)
7 Lectures | 2 Labs | 11h 28m | Advanced

In this learning path, you will learn the ins-and-outs of implementing governance on your Microsoft Azure subscription. Topics will include Azure Policy, Role Based Access Control (RBAC), Cost Management, Management Groups, Blue Prints, and much more.

learning path
4 (2)
10 Lectures | 0 Labs | 8h 36m | Intermediate

This track contains a collection of expert talks recorded by Azure Security Experts.

learning path
5 (2)
2 Lectures | 0 Labs | 4h 4m | Intermediate

In this learning path, you will get a deep dive understanding of why organizations are challenged when it comes to managing security threats and risks. From there you will learn how to leverage Azure security center to protect your cloud and on-premises infrastructure. After that you will learn how to leverage Azure Sentinel which is Microsoft's born in the cloud security information event management (SIEM) solution to collect data respond to security threats that impact your organization.

lecture
0 (0)
45m | Beginner | Jul 31 2020 |

In this session, Karl Ots presents a deep dive on Azure authentication and authorization models. After this session, you will be able to design secure access control solutions for your Azure administrative access, as well as Azure application access.

lecture
5 (1)
3h 40m | Beginner | Dec 20 2018 |

The course will educate you on the details you need to know to be able to start writing PowerShell for Azure AD. By the end, our objective is to make you feel comfortable writing PowerShell to automate common management tasks for Azure AD. We’ll also provide you some real-world examples for where you can use PowerShell to be more consistent and save time.

lecture
5 (2)
1h 53m | Intermediate | Nov 8 2019 |

This is course seven of seven in the Implementing Azure Governance learning path. Cost management and cost optimization are key concerns of all Azure customers. In this class, students will first learn the principles of how Azure accounts are managed and billed. Next, students learn how a variety of commonly-used IaaS and PaaS resources are priced. This is followed by a deep-dive on cost optimization techniques you can to reduce your bill without impacting your applications. Finally, the class includes a deep-dive on Azure Cost Management, which enables you to track, analyze and forecast your Azure spend to providing accurate cost estimates and reduced billing risk.

lecture
0 (0)
23m | Beginner | Sep 16 2020 |

In this course, you will learn to identity ways to plan and manage costs and purchase services within Azure, how to understand the Azure Service Level Agreements and calculating a composite SLA for more than one service combination, and understanding the service lifecycle within Azure. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
0 (0)
58m | Beginner | Aug 26 2020 |

Securing and maintaining data in flight and at speed is always a major concern in any environment. In this Expert Talk, we will go over how Azure Firewall turnkey capabilities and high-availability scale can provide you secure reliable communications for cloud solutions. In addition, we’ll cover the newer capabilities such as Manager, Policies, and IP Groups, as well as integrating with Monitor and Sentinel - all to help manage multiple environments at scale. We'll wrap the session with a look at upcoming capabilities, such as DNS options.

lecture
0 (0)
45m | Beginner | Aug 12 2020 |

In this session, Karl Ots presents an overview of the Azure Key Vault service and operational best practices on how to integrate Azure Key Vault with other Azure services. After the session, you will be able to implement Azure Key Vault in your Azure PaaS projects.

lecture
0 (0)
46m | Beginner | Sep 21 2020 |

The multitude of security controls and guidelines for Azure can be overwhelming. Based on real-life experiences from securing applications running on Azure, Karl has compiled a list of best practices that bring these worlds together. In this session, you will learn how to secure your applications using Azure native security controls. After this session, you will know which security controls are available, how effective they are and what will be the cost of implementing them.

lecture
0 (0)
51m | Beginner | Jul 23 2020 |

Join Karl Ots as he walks through key Azure security controls to protect your Azure environment. After this session, you will be able to list key Azure security controls, and implement identity and encryption controls andAccess Control in Azure.

lecture
4 (1)
1h | Beginner | Apr 15 2020 |

Azure Sentinel is a new Microsoft Security Information and Event Management (SIEM) service. It is fully cloud-based, requiring no additional infrastructure, and unlimited scale to gather and process data across both on-premises and cloud environments. It also offers AI-based detection and investigative capabilities.Join us for this session to learn more about Azure Sentinel and what it can offer your business.

lecture
5 (1)
15m | Beginner | Sep 16 2020 |

In this course, you will learn about the core solutions within Azure and the management tools that are available. These include Internet of Things (IoT), big data and analytics, artificial intelligence, serverless computing, and DevOps. You will get a high-level understanding of the tools available to create resources, automate, and govern resources within Azure. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
0 (0)
43m | Beginner | Sep 16 2020 |

In this course, you will get an understanding of the security challenges to an organization within the cloud. You will learn some ways to build a defense in depth strategy utilizing Azure security tools, such as Azure Security Center, Azure Sentinel, Azure Key Vault, and other network security services. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
0 (0)
58m | Beginner | Sep 16 2020 |

In this course, you will learn about the various tools for Identity and Access Management, governing Azure resources with role-based access control and resource locks and using Azure Policy for cost and resource compliance. We will discuss how Azure can assist in regulatory and governmental compliance. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
5 (3)
3h 17m | Intermediate | Jul 15 2019 |

This course is the 2nd in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on what it takes to implement overall Azure platform protection. In the first module, we touch on several aspects of Azure Networking security, like custom routing, Network Security Groups, Application Security Groups and Azure Firewall. You will also learn about optimizing security of remote management to your Azure Virtual Machines. In the next module, we pinpoint the topic of host security, which covers endpoint protection deployment and configuration, Azure virtual machine hardening best practices and how to enable and configure system updates for your Azure-running virtual machines. The 3rd module brings you up to speed on containerizing applications and running them in different Azure container service resources like Azure Container Registry and Azure Container Instance, always focusing on the security aspect of these. Last, we also talk about Azure Kubernetes Services networking and security control. In the 4th and last module, you learn about Azure governance using Azure Policies, Role Based Access Control and how to set up subscription permissions.

lecture
5 (1)
2h 29m | Intermediate | Apr 13 2020 |

With the continuous adoption of digital transformation and exposure of more and more business-critical workloads to the cloud, getting a clear view on your organization’s security posture is critical.If your organization gets compromised, your business can lose trust, customers, and revenue. Cyber defense is not good enough anymore, and security officers and IT departments need to step up their game. But how do you handle security when using a public cloud environment like Azure, and even more, how can you provide an integration between your Azure workload security and your hybrid-running workloads?That’s exactly what Azure Security Center is built for, providing you a clear view on your real-time, active security posture, for both cloud and hybrid-running workloads. Leveraging the power of Azure Log Analytics, Azure Security Center provides insights on overall Azure subscription governance, as well as specific guidance our compliance standards such as PCI DSS 3.2.1, SOC TSP and ISO 27001.Next, Azure Security Center comes with easy-to-understand dashboards, compelling diagram views, and recommendations on how to optimize the security of your running Azure resources, ordered by criticality and priority in risk. Other features that come with Azure Security Center include threat protection, providing you again a clear view on security threats happening against your environment. From an advanced cloud defense perspective, Azure Security Center provides you Adaptive Application Control, Just-in-Time VM Access, Adaptive Network Hardening, and File Integrity Monitoring.Besides the dashboard views and recommendations, one can take it even further by integrating Azure Security Playbooks, relying on the logic flows in Azure Logic Apps, allowing organizations to not only detect threats and security risks, but also take appropriate action to mitigate risk automatically.

lecture
5 (1)
1h 35m | Intermediate | May 11 2020 |

With the continuous adoption of digital transformation and exposure of more and more business-critical workloads to the cloud, getting a clear view on your organization’s security posture is critical.If your organization gets compromised, your business can lose trust, customers, and revenue. Cyber defense is not good enough anymore, and security officers and IT departments need to step up their game. Instead of relying on a defensive strategy, switching to a more proactive approach to detect and mitigate risk will get you there. Organizations must have the possibility to connect to cloud and on-premises running workloads and collect system and security-related data from all systems.The more traditional Security Information and Event Management (SIEM) solutions that have been around in the on-premises data centers just cannot keep up with today’s challenges, with the fast pace of data center expansion and the massive amounts of structured and unstructured telemetry generated by various workloads. And even more important, they cannot keep up with detecting and identifying near-future threats. Because of the lack of flexibility and scale, together with the high cost of implementing and configuring, these SIEM solutions are often becoming a threat themselves, giving organizations a fake impression of their security posture.That’s where Microsoft’s cloud-born Azure Sentinel comes in: a cloud-based Security Information and Event Management (SIEM) solution, built for growth, capable of absorbing large amounts of different data sources, powered by machine learning, to provide accurate, to-the-point views on your organization’s security posture. Starting from collecting data, it allows for detecting known threats, but also providing investigation engines to detect unknown threats and patterns. Next, it starts from a proactive approach in mind, bringing features like hunting and responding to incidents to the table.It’s that exact process flow we use as the structure for this condensed, yet complete course on how to implement and manage Azure Sentinel.

lecture
5 (1)
1h 31m | Intermediate | Dec 3 2019 |

This is course five of seven in the Implementing Azure Governance learning path.In this course, you will deep dive into the Azure Blueprints service, which is one of the more advanced governance services in Azure. You will learn what Blueprints are, and the scenarios they are designed to address. The course then takes you on a in-depth journey through each stage of the Blueprints life cycle: creating the Blueprint, adding artifacts, publishing, assigning to a subscription, and managing later updates. The final section of the course provides detailed coverage of Blueprints features not exposed in the Azure portal, such as controlling dependencies and avoiding use of the subscription Owner role. The course include in-depth demos using both the Azure Portal and command-line tools.

lecture
5 (2)
35m | Intermediate | Nov 14 2019 |

This is course four of seven in the Implementing Azure Governance learning path.Azure Management Groups enable many of Azure’s governance and reporting features to be centrally managed using an organization-wide hierarchy, rather than being managed on each individual subscription. This enables an efficient and reliable approach to implementing governance at scale across an organization.In this class, you will learn how to design and build a management group hierarchy, and how to use management groups to implement governance and reporting across an organization.

lecture
5 (1)
1h 29m | Intermediate | Oct 23 2019 |

This is course three of seven in the Implementing Azure Governance learning path.In this course, you will deep dive into the Azure Policy service, which is one of the fundamental governance services in Azure. You will learn how to apply Azure Policy to your subscriptions and the wide range of scenarios it supports. You will also deep dive on the policy definition language, so you can fully understand built-in policies and create your own custom policies. You will also learn how to use Azure Policy compliance reports, and how to investigate and re-mediate non-compliant resources. The course closes with an overview of Azure VM guest policy and overall policy management best practices.

lecture
5 (1)
49m | Intermediate | Nov 11 2019 |

This is course two of seven in the Implementing Azure Governance learning path. Role-based access control is a fundamental pillar of good governance in Azure. Properly deployed, it enables an organization to control how users access and administer the organization’s Azure resources, implementing a ‘least privilege’ model in which users have only the permissions they need, to only the resources they need. This course provides a deep-dive into role-based access control in Azure. The course starts by explaining how user and system identities are managed in Azure AD, and how Azure roles are defined. It then explains how roles can be assigned, and how multiple role assignments interact. Finally, the course shows how you can implement tailored access control policies by creating and assigning your own custom role definitions.

lecture
5 (1)
38m | Intermediate | Dec 2 2019 |

This is course one of seven in the Implementing Azure Governance learning path. This short course provides a brief introduction to key governance concepts and technologies in Azure. Students learn about the Azure governance architecture and the importance of good governance to successful enterprise cloud adoption.This course also serves as an introduction to the Azure Governance learning path.

lecture
5 (5)
1h 42m | Intermediate | Jul 15 2019 |

This course is the first in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on managing Azure Identity and Access control, relying on Azure Active Directory as the main vehicle for these. In the first module, where we start with an introduction to Azure Active Directory, we dive into the topic of AD Connect synchronization, discuss several authentication architectures available today for hybrid identity, and zoom in on several of Azure AD’s built-in security features. The 2nd module covers Azure AD Privileged Identity Management, a separate service in Microsoft Azure, allowing you to define and control admin-level privileges. The 3rd and last module in this course touches on how to migrate Azure resources across different subscriptions and what impact this might have, ending with describing and walking you through Azure API Management capabilities.

lecture
5 (2)
1h 19m | Intermediate | Jul 15 2019 |

This course is the 3rd in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on managing security operations, mainly describing what different Azure monitoring and operations tools are available, and how they can help in managing your Azure environment from a security operations perspective. You will learn about Azure Monitor, Azure Log Analytics and Azure Security Center. Next, you will also learn about Azure alert management and Azure Security Center alerts specifically.

lecture
5 (1)
1h 20m | Intermediate | Dec 5 2019 |

This is course six of seven in the Implementing Azure Governance learning path. Resource organization is critical for organizations using Azure at scale. This course begins by discussing resource organization in Azure, explaining both the technical capability of the platform and best practices you can use to manage resources effectively. The second part of the course focuses on the Azure Resource Graph, showing how you can use this feature to explore your resources in many powerful ways.

lecture
0 (0)
55m | Intermediate | Apr 27 2020 |

With the current worldwide situation taking place, organizations that traditionally operate in an office environment are forced to move to a remote workforce strategy for business continuity. This change in business creates challenges. This expert talk will provide guidance on planning and executing secure and collaborative capabilities to your mobile workforce.This presentation will provide insight into how to build a secure mobility strategy for your organization. We will discuss the pros and cons for the various mobile access options for your workforce; demonstrate how users can collaborate and stay connected to co-workers, partners, and customers; and how to secure and manage these environments by utilizing the proper licenses and best practices. Demo will be providing on using 365 tools and Teams for collaboration.

lecture
5 (3)
2h 7m | Intermediate | Jul 15 2019 |

This course is the 4th and last in a series around Azure Security, reflecting on the Microsoft exam objectives as a starting point, but also covering broader topics than wat is required for the exam.This course has a core focus on deploying, configuring and managing security of your data that is stored in Azure, as well as how to secure your business-critical application workloads. You will learn about securing Azure SQL, covering different built-in and sometimes unique to public cloud features of SQL Server. Next, you will also learn the basics of securing other data solutions like HD Insights, Azure Data Lake and Cosmos DB. Another part of the course discusses on how to enable and configure data encryption, using Azure Key Vault as secrets store. Last, you will also learn about several security features of Azure App Services, optimizing security for Azure Web Apps and Azure App Services Environment.

lecture
0 (0)
57m | Intermediate | May 8 2020 |

 An organization is expected to provide an environment where information is available from anywhere at any time for users. The growth of cloud technologies has provided a means and a challenge to organizations as they enrich the accessibility of information and applications. Attending this presentation will provide guidance on how to enable best practices within the organization to secure data and application access through the tools provided within cloud environments. These best practices will allow an organization to excel in the ability to provide an expanded ability to enrich user experience and attract talent with the availability of information, while maintaining organizational confidentiality and integrity.

lecture
5 (1)
38m | Intermediate | Sep 21 2020 |

Karl Ots has assessed the security of over 100 solutions built on the Microsoft Azure cloud. He has found that there are 10 key security pitfalls that are common across all industry verticals and company sizes. In this session, he will share what these security pitfalls are, why do they matter and how to mitigate them.

lecture
5 (1)
54m | Beginner | Sep 16 2020 |

In this course, you will learn the evolution of computing to cloud computing. The course will guide you through the various types of cloud services, cloud deployment models, and how to understand shared responsibility between the cloud provider and the consumer. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
5 (1)
43m | Beginner | Sep 16 2020 |

In this course, you will learn about the Azure service components and products. This course will familiarize you with the Azure geographic regions and zones, resources, and core Azure products, such as compute, app services, networking, containers, storage, and database services. This course covers one of the objective areas that help you in preparing for the AZ-900 Azure Fundamentals exam.

lecture
0 (0)
57m | Beginner | Sep 8 2020 |

In this Expert Talk, we will review the regulatory compliance policies and initiatives in Azure. You will learn how to enable policy and compliance in Security Center and how to use workflow automation to monitor compliance.

real-time lab
2 (2)
30m | Beginner | Apr 9 2020 |

Data discovery classification provides advanced capabilities built into Azure SQL Database for discovering, classifying, labeling reporting the sensitive data in your databases. In this lab, you will learn the basics of how to classify your Azure SQL Database.

real-time lab
5 (9)
1h | Intermediate | Jun 25 2020 |

In this lab, an Azure Virtual Machine disk will be encrypted. You will deploy a VM into Azure that is not encrypted, obtain and run the Azure Disk Encryption Prerequisites Azure PowerShell script, and you will then encrypt your virtual machine.

real-time lab
4 (51)
1h 40m | Beginner | Apr 28 2020 |

In this lab, you will create a virtual network that will allow the virtual machines you create to securely connect with each other. You will then create two virtual machines and specify the virtual network configuration and the availability set configuration along with storage for the virtual machine.

real-time lab
5 (12)
1h 10m | Beginner | Sep 10 2020 |

In this lab, you will practice using Azure Policy and Azure Role-Based Access Control (RBAC) to implement some simple governance scenarios in Azure. You will use Azure Policy to apply a permitted locations rule to an Azure resource group, and RBAC to grant permissions to a new user. You will also create and assign a custom RBAC role.

real-time lab
5 (35)
1h 15m | Intermediate | May 21 2020 |

In this lab, you will create an Azure Web App and a SQL Database and configure the popular content management system (CMS) Orchard CMS. You will then configure the web app to automatically scale based on actual CPU usage.

real-time lab
5 (14)
1h | Beginner | Aug 28 2020 |

This lab is designed to help you become familiar with several features of Microsoft Azure Log Analytics. You will learn how to setup a Log Analytics workspace and install the agent on several VMs. From there, you will configure data sources from Azure as well as diagnostic data from the VMs and learn the fundamentals of querying data and events using the Log Analytics query language.This lab pre-provisions several resources in Microsoft Azure and will take 15-20 minutes to start before it is ready.

real-time lab
0 (0)
2h | Advanced | Jan 19 2020 |

In this lab you will learn how to create, publish and assign an Azure Blueprint. You will also learn how to update a Blueprint draft, publish additional Blueprint versions, and update a Blueprint assignment.In addition, this lab will explore Blueprint locks and how they are implemented by the Blueprints service.This lab also shows how to export your Blueprint as JSON files, and how to edit these files to configure deployment dependencies and to streamline Blueprint parameters.In this lab, you will assign your Blueprint using a user-assigned Managed Identity. This provides you with full control over the Azure RBAC permissions used for Blueprint assignment. It also avoids the need for the user to have have subscription Owner permissions, which are required when using system-assigned Managed Identity.

real-time lab
5 (9)
1h | Beginner | Aug 24 2020 |

In this lab, you learn about the deploying A Test VM and configuring Azure Monitor on that VM by applying some condition and action items. If the VM reaches the defined thresholds, Azure Monitor will generate alerts.

real-time lab
4 (4)
1h 16m | Beginner | Apr 22 2020 |

In this lab, you will deploy a simulated environment with an Azure Virtual Network and two virtual machines. From there you will learn how to deploy Azure Firewall in the environment to protected the simulated workload.

real-time lab
4 (8)
1h 10m | Intermediate | May 26 2020 |

In this lab, you will get started with Azure Key Vault to create a hardened container (a vault) in Azure, to store and manage cryptographic keys and secrets in Azure. First you will use Azure PowerShell. Then you will store a password as a secret that could then be used with an Azure application.

real-time lab
5 (18)
3h | Intermediate | Jul 7 2020 |

In this lab, you will create 3 virtual networks in two different regions. You will configure site-to-site connectivity between the regions using a VPN Gateway. Finally, you will configure virtual network to virtual network connectivity using virtual network peering. This will also allow traffic from the 3rd virtual network to transit over the VPN gateway.

real-time lab
3 (4)
30m | Beginner | Jul 21 2020 |

In this lab you will learn how to enable and disable distributed denial of service (DDoS) protection, and use telemetry to mitigate a DDoS attack with Azure DDoS Protection Standard. DDoS Protection Standard protects Azure resources such as virtual machines, load balancers, and application gateways that have an Azure public IP address assigned to it.

real-time lab
3 (3)
30m | Beginner | Jun 25 2020 |

In this lab, you will learn to manage web traffic using application gateways by configuring a back end pool, health probes, and listeners to forward traffic through the gateway to an Azure Virtual Machine. From there, you will enable the Azure Web App Firewall and simulate traffic that is blocked by the WAF. Finally, you will review WAF logs to see what traffic was blocked.

real-time lab
4 (4)
50m | Intermediate | Jul 3 2020 |

In this lab, you will install the required components to connect to Azure Active Directory. You will then initiate a connection to Azure Active Directory, as well as review common administration tasks and commands.

real-time lab
5 (1)
1h | Beginner | Jul 3 2020 |

In this lab, you will learn how to manage Users and Groups using both MSOnline and AzureAD PowerShell Modules. You will create, manage and remove both users and groups, followed by managing permissions within Azure Active Directory.

real-time lab
4 (2)
25m | Beginner | May 12 2020 |

In this lab, you will learn to use a Managed Identity with Azure PowerShell by creating a virtual machine with a system managed identity. You will then assign the identity to a resource group using role-based access control (RBAC).Down for maintenance. 

real-time lab
4 (2)
25m | Beginner | Jul 2 2020 |

In this lab, you will learn to use service principals with Azure PowerShell by first creating a service principal, assigning permissions to that principal, and finally logging into Azure with the service principal.