When using PaaS services in a hub-and-spoke architecture a best-practice approach is to use Private Endpoints for accessing those services. This allows us to ensure that these services are only available internally in the Azure VNET and not publicly available. Read more…
Last week I got contacted by a customer who was a bit stressed because someone had tampered with their environment in Azure, and they had no idea who it was and what they have been doing. Before I begin going Read more…
I was working on a customer project recently where we started to investigate Azure Container Apps which is a new service that is currently in preview from Microsoft. The feature provides developers with a way to deliver containerized applications without Read more…
One of the great things with Terraform is the wealth of support for different providers and platforms. For instance, you have support for the major cloud providers, SaaS services like Cloudflare, and virtualization layers such as VMware. So, when I’m Read more…
A while back a customer of ours got targeted with a phishing attack that came through Microsoft Teams. What happened was that the attackers created a new O365 organization and named the users in their tenant like the people working Read more…
This is a summary blog post on a presentation that I hosted on the Microsoft Security User Group Norway a few weeks back (You can view the presentation here –> community/MSUGC-securing-virtual-machines-english.pptx at main · msandbu/community (github.com)) There are many security features Read more…
A couple of weeks ago, Microsoft introduced a new preview feature for AVD called ShortPath for Public Networks. This allows us to get UDP-based connections to our AVD machines instead of the traditional Reverse TCP-based connections. NOTE: This feature is still in preview Read more…
One of the things I’ve been working a lot with the latest 6 months are projects related to cloud-native and delivered Container-based workloads. One of the things I find fascinating about this is the surrounding cloud-native ecosystem. As a kid, I (was Read more…
With more governmental requirements enforcing requirements that public-facing services need to support IPv6 a lot of customers that have started their cloud journey might be having some issues with adopting IPv6 on all their services. Especially with Microsoft Azure, not Read more…
Last week, a hacker group called LAPSUS had able to gain access to NVIDIA and was able to collect a large amount of data from the internal fileservers, including code signing certificates. Now this week they also claim that they Read more…