How to change associate an Azure Active Directory to a Subscription

I created an Azure Active Directory some time ago and found that it was not linked to a subscription, because when I changed between my Azure Active Directory domains, as seen in Figure 1, when I tried to create some resources within it, I got the message shown in Figure 2. Figure 1, how to…


Join a Virtual Machine to Existing Domain with Key Vault and ARM templates

One of my customers is building a set of ARM templates for their internal users.  They wanted to remove the burden for users to specify the local administrator’s credentials, but wanted to store the credentials securely. To skip the explanation and just go to the code, see https://github.com/kaevans/vm-domain-join-key-vault. The problem is that you cannot reference…


Compliance on Azure Government

In this episode of the Azure Government video series, Zach Kramer talks with Matt Rathbun (CISO, Azure Government) about compliance in Azure Government. Matt and Zach discuss the various compliance regimes offered by Azure Government including FedRAMP High and Moderate, DISA Level 4 and 5 for DoD workloads, CJIS for federal law enforcement data, and…


Microsoft Azure での侵入テスト (ペネトレーションテスト) について

※ 2017 年 7 月時点の情報です。予告なく変更される可能性があります。最新情報は、Submit Azure Service Penetration Testing Notification をご参照ください。 Web アプリケーションのリリースやインターネットに接続した環境の脆弱性診断のために、侵入テストを実施されることがあるかと思います。パブリッククラウド (Microsoft Azure など) に、アプリケーションを配置した際にも、侵入テストを実施したいというご要望があるかと思います。 Microsoft Azure では、侵入テストのルール事項 (Pentest Rules of Engagement )を順守頂き、侵入テストを実施頂く必要があります。例外的なルールは適用外です。 また、申請フォーム(Submit Azure Service Penetration Testing Notification )でのご申請は任意です。もし、申請する場合は以下をご参照ください。   <注意事項> 本申請は、プラットフォームのセキュリティ診断の無効化や有効化をするためや、セキュリティ検出を変更するための申請ではありません。   必要な情報 ・ ご連絡先のメールアドレス ・サブスクリプション ID ・テスト実施日 ・テストの詳細 ・対象の全ての資産情報(IP や FQDN) ・実施予定のテスト種別   申請フォームでの問い合わせ対象外の内容 ・侵入テストに関する質問や侵入テストの補助依頼 ・脆弱性やポートスキャンの警告 ・オンプレミスのリソースに対するテストの警告 ・Azure サブスクリプション ID がない…


Azure Network Security Whitepaper/Article Released

One of the biggest challenges we have when learning about a new cloud service provider is trying to figure out what that provider has. In fact, it’s hard even if you’re already using that cloud service provider! For example, “what does Azure have that’s related to my network security concerns?” The answers would come pretty…


Security Features in Microsoft Visual C++

Every developer makes mistakes. No matter how careful you are when writing code, you will introduce bugs. And any bug can become a security vulnerability when software that runs in a connected environment or is used long past its initially planned lifespan. Code that isn’t correct is insecure code. The Microsoft Visual C++ toolset offers…


Installing public certificates in App Service

Introduction Today, we are announcing the support for installing public certificates in personal certificate stores. We are currently building a user-friendly experience to expose this functionality via Azure portal. In the meantime, you can use ARMClient/Azure Resource Explorer/Azure PowerShell/Azure CLI for calling the corresponding backend APIs to use this feature right away. For this blogpost,…


New Azure Security Whitepapers–A Security Bonanza!

They’ve been a long time coming – the Azure Security White Paper collection. This isn’t just a white paper or two. This isn’t marketing stuff and fluff. This isn’t just click-this and click-that. This is the real deal – information you can use to understand what Azure has to offer when it comes to security….


Azure TLS Certificate Changes

We know security is a top priority for you, and so is uptime of your applications. To give you additional assurance of the authenticity of Azure services, most Azure services get their SSL/TLS certificates from a known set of intermediate certificate authorities (CAs) that Microsoft operates. Microsoft publishes details of these CAs in its Certificate…


Microsoft's Commitment to Strengthening Cybersecurity

Microsoft is first and foremost a cybersecurity company. Governments, restricted industries, and millions of individuals depend on the security of our products every day. And with our cloud services, we have taken our commitment to security and compliance to the next level. For insight into how Microsoft handles security company-wide and how we are working…