Best Practices

High Level Documentation

| Link | Notes |
|---|---|
| Map the Cloud | |
| cmd.ms | Shortlinks for every Azure service |
| Security documentation | Central Docs site from Microsoft |
| Azure security best practices and patterns | Security best practices and patterns for different Azure resources |
| Microsoft Azure Well-Architected Framework | |
| Azure Security Center Learning Path | |
| Azure Sentinel Learning Path | Learning path describing basic architecture, core capabilities, and primary use cases of Azure Sentinel |
| Overview of the Microsoft cloud security benchmark | The Microsoft cloud security benchmark (MCSB) provides prescriptive best practices and recommendations to help improve the security of workloads, data, and services on Azure and your multi-cloud environment |

IAM

| Link | Notes |
|---|---|
| Permissions Reference for Azure IAM | A website built in order to provide an alternate, community-driven source of truth for Azure identity |
| Untangling Azure Active Directory Principals & Access Permissions | Who has access to what in an Azure Active Directory environment |
| azure-security-survival-kit | A simple framework to explain how to centralize logs and detect a bare minimum of potential threats in Microsoft Azure |

Operational Guides

| Link | Notes |
|---|---|
| Azure security best practices and patterns | Security best practices to use when designing, deploying, and managing cloud solutions by using Azure |
| Azure operational security checklist | Checklist to assist in evaluating applications against a list of essential and recommended operational security actions |
| aks-checklist | |
| 8 easy steps to improve your security posture in Azure | Slides from the talk of the same name, recorded at the Virtual Azure Community Day. A video is also available |

Office 365

| Link | Notes |
|---|---|
| Free Microsoft 365 subscriptions for learning purposes | You can get a free Microsoft 365 subscription with 25 user licenses to learn and create automations |
| Purchased Microsoft 365 E5, Now What? | The Microsoft 365 E5 suite is a large set of products Microsoft offers for enterprise environments, focused mainly on security and compliance |
| How to Protect Office 365 with Azure Sentinel | Approaches to onboard Office 365 and related services into Azure Sentinel |
| Protecting Microsoft 365 from on-premises attacks | How to configure your systems to protect your Microsoft 365 cloud environment from on-premises compromise |
| Forensic artifacts in Office 365 and where to find them | Explanations and tips to help investigators easily understand, in any situation, what data is available and in which portal |
| Microsoft Defender for Office 365 Security Operations Guide | An overview of the requirements and tasks for successfully operating Microsoft Defender for Office 365 |
| ScubaGear | Automation to assess the state of your M365 tenant against CISA's baselines |