A practical application experience to demonstrate improvement of security posture and increase in visibility of assets and applications. When a system designed for on-premises operation is migrated to a public cloud, it is exposed to additional vulnerabilities and risks of exploitation. This workshop will delve into the realm of cloud native security solutions and techniques, to demonstrate how it is possible to protect such systems that are otherwise considered indefensible particularly in the case of ‘Lift and Shift’.
Learning Objectives
Identify gaps in visibility for web application and storage platform
Activate Insights for app visibility
Deploy and configure Log Analytics, Defender
Learn how to deploy Application Gateway to defend both the Web App and the Storage accounts
Implement WAF technologies
System Requirements
A modern web browser*
An Azure account with full administrative ownership
If you have been assigned an Azure account by SANS for a course this is fine to use for this workshop.
If you have an Azure account already, you can use this but be aware you will be hosting a vulnerable web application created by the workshop code.
If you need to register a new Azure account, you can create a Pay-As-You-Go Azure subscription from here. A valid email address and credit card are required to subscribe to Microsoft Azure.
You are liable for any expenses associated with hosting objects and services within your azure account.
For this workshop, the costs will be less than $5 US.
A full teardown script is provided at the end of the workshop to delete all assets created.
Steps to delete subscriptions at the end are also provided.
Simon Vernon brings more than a quarter century of experience to his role as Head of Research and Development for SANS Institute where he is responsible for the creation and operations of all Jupiter Rockets, BootUP, and Community Cyber Ranges.
