Join Lana as she shows us how to start with SecDevOps for Azure Functions and APIM in a hybrid cloud architecture.

Cloud services offer more freedom and flexibility, but they create huge blind spots for IT security. Similarly, the popularity of serverless applications comes with its own challenges, and heavy usage of APIs and microservices architecture does not make security any simpler.

In this talk – How to mitigate modern security threats using APIM:

– Authorisation Key / Subscriptions

– Overview: what are subscriptions in Azure

– How to protect your Subscription Keys and not expose them to the whole development team? Keep the audience small

– Take advantage of the Segregation of Duties model

– Azure Key Vault as a tool to keep your secrets including subscription keys

– Remove technical information from the response

– Secure your backend using OAuth2/JWT (JSON Web Tokens). Extract JWT claims in an Azure API Management policy

– Pipelines as code – why should everything be source controlled, with no manual changes made in the Azure Portal?

– Certificates on APIM

– In a hybrid architecture, connect on-premises APIs to cloud services by creating a façade that lets you safely integrate on-premises and cloud environments

– Do not allow Azure Functions to be called directly – only via APIM

– Log all calls to APIM and send them down to Azure Monitor as a consolidated place

– Firewalls/WAF

– Incident response procedure

– Use 3rd party tools to tighten security in Azure – such as Netskope

 


Created by SSW TV | Videos By Developers, For Developers

About the speakers

Lana Vyshnivetska

https://www.linkedin.com/in/svitlana-vyshnivetska-4ba4ba10/

Lana spent her professional life building enterprise-level software applications. With 20+ years of experience in software development and IT, she is experienced in the software development lifecycle, architecture, SecDevOps, cloud and people management.
