Azure Security Services Consulting



  • I'm looking for someone who can spend a couple of hours coaching me on Azure security services and architecture.  I come from an AWS and Open Source background and I'm struggling to understand how the security on Azure fits together so I can provide Azure security services to my clients.

    Sample questions I'd like someone to help me answer are below:

    I've examined the Azure Security Center Assessments and Alerts APIs, but what other Azure APIs would be needed for complete detection and remediation?
    - Part of what I'm looking for is a way to identify and tag each MS cloud data source, as I want to know what the information that it is bringing in pertains to, i.e. Admin/Config or Incident Response.

    For Security Alerts in Azure ATP, Microsoft Defender ATP, or other MS cloud security services, where would the data/events that triggered the Alert be found?

    What permissions or access, and under what scope/audience, would I need the Azure Client to have in order to pull the information that I need for the above use cases?

    For alert/incident investigation, or for incident response, what would be the best approach:
    - Direct access to the customer's Azure environment (possibly a shared account)
    - An Azure service (possibly Lighthouse?) that provides an equivalent to direct access?

     

    • Project Type: One-time project

     

    Skills and expertise

     

    Information Security Deliverables
    Information Security Consultation
    Information Security Skills
    Systems Security

