Generic placeholder image

Injecting your VNETs with Azure Databricks

In a previous post I talked a bit about automation concerns and Azure databricks. One of the key considerations, from a security perspective anyways, when deploying Azure databricks is VNET injection. The goal of this post is to chat a bit more about that feature. Many azure PaaS services are offering VNET injection type features. Effectively, this feature allows the “service” to deploy it’s resources directly in to one of your VNETs, allowing you to use the service while providing your own security “around” that service.

Read more
Generic placeholder image

Infrastructure as Config

Infrastructure as Code This is one of those buzz terms that is all the rage with the advent of public clouds, but the idea has been in practice for a while in the VMware world (PowerCLI). It is the ability to programmatically provision resources using templates, commands, loops, and conditionals. It encompasses both deployments based on templates and pure code, but is often used when referring to the simplified frameworks for template deployment.

Read more
Generic placeholder image

Notes on Azure Databricks Automation

The best explanation for databricks is that it is a commercial offering of spark implementations. If you are doing anything in the big data or ML world, you are likely using (or have used) some type of processing engine for large datasets. Effectively, spark is a distributed data processing engine that is built for speed, ease of use, and flexibility. Databricks takes spark to the next level by bundling in cluster and job automation.

Read more
Generic placeholder image

Protecting Your Backups

Nearline, Geo-Replicated, and Protected Backups We have all heard the importance of making backups. You may have even heard of disaster recovery planning. Hopefully you have listened to that advice and are well prepared. Now the question is, have you protected your backups from someone deleting them? Cloud providers do things at scale and they have built in an impressive amount of redundancy and reliability. To offer these services as simple, neat packages, they hide away the complexity behind them.

Read more
Generic placeholder image

AZ500 - Identity - Part 3

I am currently studying for the AZ 500 exam which focuses on Microsoft Azure Security Technologies. This is the next blog post in that series. The first major section in the Az500 exam is focused on managing identity and access. The goal of this post is to talk about multi-factor authentication. Passwords are so 1990 In his talk (https://1990.sambego.tech/), Sam Bego discusses that the glory days of passwords are behind us.

Read more
Generic placeholder image

AZ500 - Identity - Part 2

I am currently studying for the AZ 500 exam which focuses on Microsoft Azure Security Technologies. This is the next blog post in that series. The first major section in the Az500 exam is focused on managing identity and access. The goal of this post is to talk about apps and app registrations. It would be hard to dive in to a discussion on apps without talking about OATH 2.

Read more