Articles tagged with: #azure
C2 Infra on Azure

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

submitted by /u/digicat

Recommendations for a framework? NIST CSF/800-53?

cybersecurity www.reddit.com

Hi all, We are a small company with the following: Employees in the UK and US. The cybersecurity team consists of just me, so no CISO, no CTO, no official IR documentation, Controls Library, or centralised policy location. We currently use Azure. Need to start getting security off the ground and thinking of using frameworks such as NIST 800-53 or NIST CSF, or something similar. For those in the field, which would u use and why? (Also, I'm new to GRC!) submitted by /u/Cyber_Lord345 [link]...

Learning Terraform in Azure as a Security Admin - Feedback Welcome

cybersecurity www.reddit.com

Hey everyone, Firstly, this is probably shit so bear with me. I've got just over 1 year of experience in security, mainly as a Security Admin in Azure. Recently, I decided to spend some time learning Terraform and applying it to a personal project. What I did:
• Provisioned an Ubuntu VM in Azure using Terraform.
• Configured SSH key-based authentication and disabled password logins.
• Set up UFW on the VM and an Azure NSG for network-level firewalling.
• Installed and configured Nginx,...

Anyone here with experience in implementing DAM tool in cloud heavy setup?

cybersecurity www.reddit.com

We're in the middle of evaluating options for HIPAA compliance. Insider risk and a related incident are the main drivers. We moved to multi-cloud Azure/AWS/GCP and some on-prem Nutanix. We were heavy Imperva users on our datacenters, but it's not working well on cloud and we are evaluating alternates. The logs are delayed, and there's no user identity attribution that caused us issues while understanding the incident. Team is under pressure from management because we paid up high 6 figures to...

Cyber Security Certs

cybersecurity www.reddit.com

I currently work as an IT Risk Manager which works in risk and compliance mainly, and I want to pick up certs. I have plans to start the CISSP this year. However, I want to know what else is trending and I should pick up on certs wise that would be beneficial in the American, Canadian, and/or European job markets. Another one I want to do is an Azure cloud cert. I'm looking at certs that can leverage new opportunities, especially in leadership. I currently have an MBA as well. submitted by...

SOC Analyst Interviews

cybersecurity www.reddit.com

Hey Everyone, I've managed to land two SOC interviews (one with Chuck E Cheese and one with a Dr.Pepper company). I come from a front-end web dev background. I've done some TryHackMe, vuln management, threat hunting, and incident response in Azure. I have Security+. Any hiring managers or people involved in the hiring process willing to give some advice? I've never worked an actual cyber role yet and I'm actually nervous and a little doubtful since I got rejected for a help desk role two weeks...

Where are you preventing/detecting Prompt Injection?

cybersecurity www.reddit.com

Hey all, For those utilizing AI/LLMs in house, where are you focusing your efforts to prevent/detect prompt injection attacks? Given there's various locations, I'm curious as to where people are deploying the capability.
• Via an internet proxy service like Zscaler or Cloudflare. (AI gateways preview)
• At the AI gateway, or enhanced API gateway between app <> AI service.
• At source via something like Azure content safety.
• Via log ingestion into SIEM, detecting patterns.
Thanks all submitted by...

What conferences, roundtables, or events are you finding to be worth attending?

cybersecurity www.reddit.com

tldr: there are too many events, off sites, and bs roundtables. not talking about re:Invent or Fal.Con but what local or regional events (east coast preferably) are actually helpful - AI, AWS/Azure security, ASPM are all topics of interest for us at the moment. submitted by /u/CandyCloud919

Wiz vs CrowdStrike for cloud security - which one actually works

cybersecurity www.reddit.com

My company is looking at cloud security platforms and we're down to Wiz and CrowdStrike. Budget isn't really the issue but we need something that actually catches stuff without drowning us in false positives. Anyone here used both? From what I can tell Wiz is more cloud-native but CrowdStrike has that whole endpoint thing going for it too. Our infrastructure is mostly AWS with some Azure mixed in. Really need something that integrates well and doesn't require a PhD to configure. The last solution...

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

The Hacker News thehackernews.com

A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. There is no

SANS course for DevSecOps

cybersecurity www.reddit.com

My company offered to sponsor one SANS course, and I can choose between:
• SEC540: Cloud Security and DevSecOps Automation
• SEC510: Public Cloud Security (AWS, Azure, GCP)
• SEC549: Enterprise Cloud Security Architecture
• SEC401: Security Essentials
My main goal is to advance in my career. I have no previous certifications, and I am new in the field. Has anyone here taken these courses? Which one would you recommend as the best starting point for, and why? submitted by /u/Educational-Ship6451 [link]...

New Malware Using Azure Functions For Hosting Command And Control Infrastructure

Cyber Security News cybersecuritynews.com

A new, sophisticated malware campaign has been uncovered that leverages Microsoft's Azure Functions for its command-and-control (C2) infrastructure, a novel technique that complicates detection and takedown efforts. According to the Dmpdump report, the malware, first identified from a file uploaded to VirusTotal on August 28, 2025, from Malaysia, employs a multi-stage infection process involving DLL

How can we cut Spark job costs on Azure without killing speed?

cybersecurity www.reddit.com

Running Spark on Azure feels like you're always stuck picking your poison. You either throw money at it to keep jobs fast or cut resources and suddenly everything crawls. The dashboards don't really help either; they give you metrics but not the actual why behind high costs or slow jobs. Digging through logs to figure out one shuffle is brutal. Does anyone actually know a way to get both lower cost and decent speed without guessing every time? submitted by /u/SweetHunter2744