Discover the tools that Azure provides to help you design a secure environment throughout your infrastructure, data, network, and applications.
By the end of this module, you'll be more familiar with the five principles of the Security pillar and learn three approaches for each principle. You'll learn how to:
- Create a security readiness plan that matches your business priorities.
- Handle confidentiality requirements properly.
- Strengthen your workload's integrity against security risks.
- Ensure that your workload stays available during security incidents.
- Maintain and improve your workload's security posture continuously.
Learn to use key GitHub features, including issues, notifications, branches, commits, and pull requests.
In this module, you'll:
- Identify the fundamental features of GitHub.
- Learn about repository management.
- Gain an understanding of the GitHub flow, which includes branches, commits, and pull requests.
- Explore the collaborative features of GitHub by reviewing issues and discussions.
- Recognize how to manage your GitHub notifications and subscriptions.
Learn best practices for building, hosting, and maintaining a secure repository on GitHub.
In this module, you will:
- Identify the tools and GitHub features to establish a secure development strategy.
- Enable vulnerable dependency detection for private repositories.
- Detect and fix outdated dependencies with security vulnerabilities.
- Automate the detection of vulnerable dependencies with Dependabot.
- Add a security policy with a SECURITY.md file.
- Remove a commit exposing sensitive data in a pull request.
- Remove historical commits exposing sensitive data deep in your repository.
In this module, you learn how to create security baselines for your Azure services by ensuring that your settings meet the minimum requirements described in CIS Benchmarks for Azure v. 1.3.0.
In this module, you will:
- Learn about Azure platform security baselines and how they were created.
- Create and validate a security baseline for the most commonly used Azure services.
Learn how to create an Azure Key Vault to store secret values and how to enable secure access to the vault.
In this module, you will:
- Explore what types of information can be stored in Azure Key Vault
- Create an Azure Key Vault and use it to store secret configuration values
- Enable secure access to the vault from an Azure App Service web app with managed identities for Azure resources
- Implement a web application that retrieves secrets from the vault

Syllabus

Microsoft Azure Well-Architected Framework - Security
- Introduction
- Plan your security readiness
- Design to protect confidentiality
- Design to protect integrity
- Design to protect availability
- Sustain and evolve your security posture
- Summary
Introduction to GitHub
- Introduction
- What is GitHub?
- Components of the GitHub flow
- GitHub is a collaborative platform
- GitHub platform management
- Exercise - A guided tour of GitHub
- Module assessment
- Summary
Maintain a secure repository by using GitHub best practices
- Introduction
- How to maintain a secure GitHub repository
- Automated security
- Exercise - Secure your repository's supply chain
- Module assessment
- Summary
Create security baselines
- Introduction
- Understand the Azure platform security baseline
- Create an Identity & Access Management baseline
- Create a Microsoft Defender for Cloud baseline
- Create an Azure storage accounts baseline
- Create an Azure SQL Database baseline
- Create a logging and monitoring baseline
- Create a Networking baseline
- Create an Azure VM baseline
- Other baseline security considerations
- Summary
Manage secrets in your server apps with Azure Key Vault
- Introduction
- What is Azure Key Vault?
- Exercise - Create a Key Vault and store secrets
- Vault authentication with managed identities for Azure resources
- Exercise - Access secrets stored in Azure Key Vault
- Exercise - Configure, deploy, and run your app in Azure
- Summary