Microsoft Azure Security covers the latest security features provided by Microsoft to identify different threats and protect your Azure cloud using innovative techniques. Cloud computing brings new security challenges, but you can overcome these with Microsoft Azure’s shared responsibility model. Azure cloud uses innovative techniques. This guide takes you through the built-in security controls and the multi-layered security features offered by Azure to protect cloud workloads across apps and networks. You’ll get to grips with using Azure Security Center for unified security management, building secure application gateways on Azure, protecting the cloud from DDoS attacks, safeguarding with Azure Key Vault, and much more.

Skills Covered
• Manage identity and access (30-35%)
• Implement platform protection (15-20%)
• Manage security operations (25-30%)
• Secure data and applications (20-25%)

Certification Name & Exam Code
Microsoft Certified: Azure Security Engineer Associate
Microsoft Azure Security AZ-500

Click to download

List of Awesome macOS Red Teaming Resources.

As more and more companies begin to adopt macOS as a daily office solution, we often encounter macOS operating system during our Pentest/Red Teaming process. How to hacking macOS, how to achieve Persistence under macOS, and using this as a starting point Lateral Movement to DC is a topic worth research.

This list is for anyone who wants to learn about Red Teaming for macOS but has no starting point.

You can help by sending Pull Requests to add more information.

Click to download

WHAT’S THE DIFFERENCE?

The threat level has never been higher for organizations charged with protecting valuable data. In fact, as recent headlines will attest, no company or agency is completely immune to targeted attacks by persistent, skilled adversaries.

The unprecedented success of these attacks against large and well-equipped organizations around the world has led many security executives to question the efficacy of traditional layered defenses as their primary protection against targeted attacks.

At the same time, many organizations have begun reviewing and revising their security best practices in advance of suffering a debilitating cyber attack. Based on extensive use of CrowdStrike’s next-generation endpoint protection platform to detect and prevent sophisticated attacks against large organizations, CrowdStrike’s in-house team of security experts, adversary hunters, intelligence analysts and incident responders have pooled their knowledge to produce this valuable guidebook and checklist for proactively enhancing your corporate information security procedures while avoiding common mistakes and pitfalls.

Click to download

As the Federal Government continues to adopt increasingly cutting-edge technologies and embrace large changes to existing Information Technology (IT) infrastructure, containers have become a growing topic of discussion throughout agencies. Some agencies already have budding containerization practices, other agencies are in the process of preparing for and building container capabilities and skills, and still others are early in the maturation process.

This guide provides a basic overview of container technologies to educate agencies that have limited to no containerization maturity. It will help agencies make informed and intelligent decisions on adopting container technologies. Intended as a “Container Readiness Guide,” the reader will first find an overview of container technology and references to external resources for additional learning to set a baseline of terms, definitions, and types of technologies.

Click to download

Over the past year the world has borne witness to a burgeoning cybercrime economy and the rapid rise of cybercrime services. We have watched this global market grow in both complexity and fervency. We’ve seen the cyberattack landscape becoming increasingly sophisticated as cybercriminals continue—and even escalate—their activity in times of crisis. New levels of supply chain and ransomware attacks were a powerful reminder that we must all work together, and in new ways, to protect the cybersecurity of the planet.

We see transparency and information sharing as essential to the protection of the ecosystem. Knowledge brings power, and to that end, security professionals need diverse and timely insights into the threats they are defending against.

Microsoft serves billions of customers globally, allowing us to aggregate security data from a broad and diverse spectrum of companies, organizations, and consumers. Informed by over 24 trillion security signals per day, our unique position helps us generate a high-fidelity picture of the current state of cybersecurity, including indicators that help us predict what attackers will do next. Our goal in creating the Microsoft Digital Defense Report is to bring together integrated data and insights from more teams, across more areas of Microsoft than ever before. We will share what we’re seeing to help the global community strengthen the defense of the digital ecosystem, and we will include actionable learnings that companies, governments, and consumers can use to further secure individuals and environments.

Click to download