
Microsoft Ignite 2025: Compute, Security, Architecture & AzureTracks Highlights

Microsoft Ignite 2025 delivered transformative updates across cloud computing, security, and architectural best practices. This year’s announcements emphasize AI-driven optimization, zero-trust security, and hybrid cloud strategies, alongside AzureTracks, a structured learning initiative for cloud professionals. An incredible week for Microsoft Cloud yet again this year!

Posted on 7:00 am

Part 2: Visualizing DDoS Defense—Workbooks, Mitigation Reports & GitHub Tooling

Today we start the second phase of our DDoS protection journey—where visibility becomes your superpower, and raw telemetry transforms into strategic insight.

You’ve done the hard work: diagnostic logging is enabled, your DDoS protection plan is active, and telemetry is flowing into Log Analytics.  Now it’s time to elevate your defense posture from reactive to predictive.  Because in cloud security, knowing what happened isn’t enough—you need to know what’s happening now, and what’s likely to happen next.

Posted on 7:10 am

Building the Foundations of Azure DDoS Defense

Today we start a journey into the heart of Azure’s DDoS protection capabilities—not just to check a box, but to build a resilient, observable, and defensible cloud perimeter.

DDoS attacks are no longer rare anomalies.  They’re persistent, evolving threats that target everything from public-facing APIs to mission-critical web apps; and while Azure offers built-in protection, the real value comes when you configure it with intention—enabling diagnostics, routing telemetry, and preparing your environment to respond intelligently.

Posted on 7:03 am

Compliance in the Cloud: Navigating Azure Security Standards

In today’s article, we explore the digital landscape that businesses face: strict regulatory requirements for securing sensitive data, ensuring privacy, and maintaining compliance with industry and government mandates. Whether you’re a startup, enterprise, or regulated entity, Microsoft Azure offers a robust suite of security and compliance solutions designed to simplify compliance management and enhance security posture. We’ll explore some foundations and remove the complexity of how to track your compliance in Microsoft Azure.

Posted on 7:02 am

Automated Triage in Microsoft Sentinel

In today’s post we will look at some different ways to automate incident triage in Microsoft Sentinel. Organizations face an ever-increasing volume of security threats. Cyberattacks are becoming more sophisticated, and the sheer number of alerts can overwhelm even the most seasoned security teams. Automated triage in Microsoft Sentinel emerges as a crucial solution, empowering organizations to respond swiftly and efficiently to potential threats. This is where Microsoft Sentinel’s automated triage capabilities are…

Posted on 8:00 am

Onboard a Single Subscription with Microsoft Defender for Cloud

In today’s post we will look at a targeted way to harness the full potential of your Azure security by integrating Microsoft Defender for Cloud with Microsoft Sentinel. This powerful combination allows for advanced threat detection, seamless monitoring, and a unified view of your security posture. We want to be thoughtful when selecting our Sentinel data connectors. The Microsoft Defender XDR data connector is the modern connector version that we should all use in most cases, but the legacy connector is useful when we have only specific subscriptions that we want to bring into Sentinel. The older, legacy connector requires the manual selection of the subscriptions to include in the data ingestion; it is the perfect solution if you have a tenant where you only want 2 of the many subscriptions provisioned.

Posted on 7:15 am

Building a Microsoft Sentinel Data Use Case

Join me this week to gain an in-depth understanding of how to clearly define what data to retain. Data retention is not just a regulatory box to tick; it’s the backbone of a robust security posture. In the realm of Microsoft Sentinel, understanding how to manage your data retention is key to leveraging the full potential of your SIEM system. From cost management to compliance, the way you handle data can make or break your security operations.

Posted on 8:40 am

Azure Lighthouse & Sentinel at Scale – Part 3

In this post we continue our exploration of enabling multitenant management with scalability, higher automation, and enhanced governance across resources. Let’s jump right in this week and learn about the best practices and security baseline of using Azure Lighthouse. This is the last in a mini-series of three posts about Azure Lighthouse and Sentinel at scale; we have looked in detail at delegated permissions, what Azure Lighthouse is all about, and now we look at the best practices and how to deploy!

Posted on 6:55 am

Azure Lighthouse & Sentinel at Scale – Part 2

In this post we continue our exploration of enabling multitenant management with scalability, higher automation, and enhanced governance across resources. Let’s jump right in this week and learn about delegation using Azure Lighthouse in enterprise scenarios and how an MSP might use delegation to optimize SOC operations. Join me for a good look at delegation & Lighthouse!

Posted on 7:19 am