18 free Microsoft Azure cybersecurity resources you should check out
Far exceeding a traditional public cloud platform, Azure is a comprehensive suite of over 200 products and cloud services engineered to solve current challenges and pave the way for the future. Whether you’re looking to build, run, or manage applications, Azure’s extensive offerings span multiple clouds, on-premises setups, and even the edge, allowing you the flexibility to use the tools and frameworks you’re most comfortable with.
Here’s a list of free Azure cybersecurity resources that Microsoft offers to anyone interested in learning.
The cloud fundamentally changes everything. Traditionally, ownership and responsibility for all aspects of the technology you use, from infrastructure to software, has fallen to enterprises. When you move to the cloud, you can instead provision and consume just the resources you need, when you need them. Although the cloud offers tremendous flexibility, to get the most benefit out of your move to the cloud, you need a proven and consistent methodology for adopting cloud technologies. The Microsoft Cloud Adoption Framework for Azure meets that need, helping guide decisions throughout cloud adoption.
Organizations moving to the cloud often need to modernize security practices and tooling to keep up with continuous changes in cloud platforms, business requirements, and security threats.
The Microsoft Cloud Adoption Framework for Azure provides guidance for this security modernization journey by providing clarity on processes, best practices, models, and experiences. This guidance is based on zero-trust principles, lessons learned, and real-world experiences of Microsoft’s security work. It’s also based on work with organizations like NIST, the Open Group, and the Center for Internet Security.
1 hr 12 min
Explore how to configure and administer your Azure Active Directory instance securely. By the end of this module, you will be able to:
- Configure Azure AD and Azure AD Domain Services for security
- Create users and groups that enable secure usage of your tenant
- Use MFA to protect user’s identities
- Configure passwordless security options
Describe whether you can use Azure Firewall Manager to provide central security policy and route management for your cloud-based security perimeters. Evaluate whether Azure Firewall Manager can help secure your cloud perimeters.
By the end of this module, you’re able to evaluate how Azure Firewall Manager can address your cloud-based security needs, and describe how Azure Firewall Manager provides central security policy and route management for cloud-based security perimeters.
1 hr 25 min
You learn how to design security posture management solutions that integrate into hybrid and multicloud scenarios using capabilities in Microsoft Defender for Cloud, Azure Arc and Microsoft Cloud Security Benchmark (MCSB). By the end of this module, you’re able to:
- Evaluate security posture by using Microsoft Cloud Security Benchmark, Microsoft Defender for Cloud, and Secure Scores
- Design integrated security posture management and workload protection solutions in hybrid and multicloud environments
- Design cloud workload protection solutions that use Microsoft Defender for Cloud
Securing Azure AI Services can help prevent data loss and privacy violations for user data that may be a part of the solution. After completing this module, you will know how to: consider authentication for Azure AI Services, and manage network security for Azure AI Services.
1 hr 17 min
Secure the traffic from your users all the way to your web servers by enabling TLS encryption on Application Gateway. In this module, you will implement TLS encryption between your users and Application Gateway, and implement TLS encryption between Application Gateway and your web servers
This module covers definitions and available services for identity provided in Azure AD to Microsoft 365. You start with authentication, authorization, and access tokens then build into full identity solutions. By the end of this module, you’ll be able to:
- Define common identity terms and explain how they’re used in the Microsoft Cloud
- Explore the common management tools and needs of an identity solution
- Review the goal of Zero Trust and how it’s applied in the Microsoft Cloud
- Explore the available identity services in the Microsoft Cloud
Protecting a user’s identity by monitoring their usage and sign-in patterns will ensure a secure cloud solution. Explore how to design and implement Azure AD Identity protection. By the end of this module you will be able to:
- Implement and manage a user risk policy
- Implement and manage sign-in risk policies
- Implement and manage MFA registration policy
- Monitor, investigate, and remediate elevated risky users
Explore how to use built-in Azure roles, managed identities, and RBAC-policy to control access to Azure resources. Identity is the key to secure solutions. By the end of this module, you will be able to:
- Configure and use Azure roles within Azure AD
- Configure and managed identity and assign it to Azure resources
- Analyze the role permissions granted to or inherited by a user
- Configure access to data in Azure Key Vault using RBAC-policy
1 hr 2 min
Ensuring that administrative roles are protected and managed to increase your Azure solution security is a must. Explore how to use PIM to protect your data and resources. By the end of this module, you will be able to:
- Define a privileged access strategy for administrative users (resources, roles, approvals, and thresholds)
- Configure Privileged Identity Management for Azure AD roles
- Configure Privileged Identity Management for Azure resources
- Assign roles
- Manage PIM requests
- Analyze PIM audit history and reports
- Create and manage emergency access accounts
Enterprise app deployment enables control over which users can access the apps, easily log into apps with single-sign-on, and provide integrated usage reports. By the end of this module, you’ll be able to:
- Discover apps by using MCAS or ADFS app report.
- Design and implement access management for apps.
- Design and implement app management roles.
- Configure pre-integrated (gallery) SaaS apps.
1 hr 31 min
Protect your keys, certificates, and secrets in Azure Key Vault. Learn to configure key vault for the most secure deployment. By the end of this module, you will be able to:
- Define what a key vault is and how it protects certificates and secrets
- Deploy and configure Azure Key Vault
- Secure access and administration of your key vault
- Store keys and secrets in your key vault
- Explore key security considers like key rotation and backup / recovery
Learn how Azure Storage provides multilayered security to protect your data. Find out how to use access keys, to secure networks, and to use Advanced Threat Protection to proactively monitor your system. In this module you will:
- Explore the Azure Data Lake enterprise-class security features.
- Understand storage account keys.
- Understand shared access signatures.
- Understand transport-level encryption with HTTPS.
- Understand Advanced Threat Protection.
- Control network access.
Learn how to use Azure RBAC to manage access to resources in Azure. In this module, you will:
- Verify access to resources for yourself and others.
- Grant access to resources.
- View activity logs of Azure RBAC changes.
1 hr 12 min
Learn how to use the foundation of threat modeling to identify enterprise risks and find ways to reduce or eliminate them. In this module, you will:
- Understand the importance of a well defined, open-ended questionnaire to get a better view of the infrastructure.
- Visualize how each component interacts with the other with a detailed data-flow diagram.
- Identify infrastructure security gaps using a combination of security policies and the threat modeling framework.
- Reduce or eliminate risk with known security requirements and controls.
Azure Arc-enabled SQL Managed Instance offers a secure and performant solution for deploying the SQL Server database engine in a wide range of hybrid scenarios. By the end of this module, you’ll be able to enhance the security of Azure Arc-enabled SQL Managed Instance, and monitor the performance of Azure Arc-enabled SQL Managed Instance.
1 hr 21 min
You learn techniques to design security operations capabilities including logging, auditing, Security Event Management (SIEM), Security Orchestration and Automated Response (SOAR), and security workflows. By the end of this module, you are able to:
- Design security operations capabilities in hybrid and multi-cloud environments
- Design centralized logging and auditing
- Design SIEM solutions
- Design a solution for detection and response that includes XDR
- Design a solution for SOAR
- Design security workflows
- Design and evaluate threat detection with the MITRE ATT&CK framework
- 17 free AWS cybersecurity courses you can take right now
- 11 search engines for cybersecurity research you can use right now
- 8 open-source OSINT tools you should try
- 12 open-source penetration testing tools you might not know about
- 20 cybersecurity projects on GitHub you should check out
- 6 free resources for getting started in cybersecurity