Tomasz Onyszko
Sep 30, 2020
THREAD: Yesterday I gave a talk at #ITechDays on the #Security approach in the #Cloud with #Azure context.
Here are the key points and the promised links and references.
DISCLAIMER: I'm an MVP and RD, but this isn't based on NDA info. My opinions only.
It might be wrong. You are warned.

Pic (cc) visualhunt.com/re7/e60879a6
John Boyd defined the #OODA loop. It is not the strongest or best equipped who survive.
The rate of adaptation to change matters.

How does it apply to #security?
#cloud and #security have become complex. The number of entry points and attack vectors has increased.
Every user's identity is an attack vector now!

Let that sink in!
The question is: how quickly can you detect an incident and react? The reaction doesn't have to be perfect at first.
It is not about how much protection you put in place or how many doors you lock in your network.

It is about IF and HOW FAST you can respond.
Thinking in terms of the #OODA Loop applied to #security can help you speed up the pace at which you react to threats.
OBSERVE: Collect logs from your endpoints, devices and services.
HINT: #Cloud vendors collect a massive amount of signals - think #AZURE #XBOX #Office365
ORIENT: Correlate, report, dashboards, queries and threat hunting analytics
DECIDE: Classify incidents with automated rules and playbooks, triage incidents with automation and collect evidence
ACT: Automated actions to isolate, re-configure or trigger a risk-based response to the activity
Security operations mapped onto the OODA Loop concept is derived from Jurgen Visser (linkedin.com/in/jurgenvisse…)
Link: correlatedsecurity.com/an-ooda-driven…
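To make the four stages concrete, here is an added example (not from the thread or from Azure Sentinel) that runs a minimal OODA loop over a constructed sign-in log: observe normalises events, orient correlates them per source IP, decide classifies a spray of failures across many accounts (high severity if one then succeeds), and act emits the playbook steps; the action names, thresholds and log lines are all assumptions made for the example.

```python
from collections import defaultdict

# Constructed sample sign-in log: (timestamp, user, source_ip, result)
SIGNIN_LOG = [
    ("10:00:01", "alice", "203.0.113.7", "failure"),
    ("10:00:04", "bob", "203.0.113.7", "failure"),
    ("10:00:09", "carol", "203.0.113.7", "failure"),
    ("10:00:20", "erin", "203.0.113.7", "success"),
    ("10:05:00", "alice", "198.51.100.2", "success"),
]

def observe(log):
    """OBSERVE: normalise raw records into event dicts."""
    return [dict(ts=t, user=u, ip=ip, result=r) for t, u, ip, r in log]

def orient(events):
    """ORIENT: correlate per source IP: distinct users, failures, successes."""
    by_ip = defaultdict(lambda: {"users": set(), "failures": 0, "successes": set()})
    for e in events:
        s = by_ip[e["ip"]]
        s["users"].add(e["user"])
        if e["result"] == "failure":
            s["failures"] += 1
        else:
            s["successes"].add(e["user"])
    return by_ip

def decide(by_ip, min_users=3):
    """DECIDE: many distinct users failing from one IP is classified as a
    spray; a success from that IP afterwards raises severity to high."""
    incidents = []
    for ip, s in by_ip.items():
        if s["failures"] >= min_users and len(s["users"]) >= min_users:
            sev = "high" if s["successes"] else "medium"
            incidents.append({"ip": ip, "severity": sev,
                              "compromised": sorted(s["successes"])})
    return incidents

def act(incidents):
    """ACT: map the classification to assumed automated playbook actions."""
    actions = []
    for inc in incidents:
        actions.append(("block_ip", inc["ip"]))
        actions += [("require_mfa_and_reset", u) for u in inc["compromised"]]
    return actions

def run_loop(log):
    """Run one full OODA pass and return the actions to execute."""
    return act(decide(orient(observe(log))))
```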
#Azure services like #AzureAD @azuread, with their signals, conditional access and risk-based identity protection, deliver their own smaller #OODA Loops
Same with other services - #Azure Security Center @AzureTeamSec works on its own OODA Loop (collect, orient, decide, act) to protect specific resources
#Azure delivers platform and tools to execute your own #security loop. Each of those tools runs its internal loop to mitigate threats.
#Cloud providers make a commodity not only of the platform but also of #security consulting.
Not perfect, but Compliance Manager or Secure Score are good enough for most who don't do anything at all now.
ORIENT: Go check your Compliance Manager score for @Microsoft365 #Office365: compliance.microsoft.com/compliancemana…
ORIENT: Go check your Secure Score: security.microsoft.com/securescore.
Both will give you a baseline. You will be surprised how low it typically is.
#Azure Security Center does the same for cloud infrastructure, now also for #AWS and #GCP.
Base security consulting knowledge has been turned into commodity tools.
What you need besides security knowledge is to learn new skills: KQL, Jupyter Notebooks, Python, #Azure security concepts.
How? Here are the links:
#Azure security - start with Azure Security Compass and TOP10 Azure Security practices:
aka.ms/azuresecurityc…
@MarkSimos did a great job here.
Defender ATP Ninja - good general training: techcommunity.microsoft.com/t5/microsoft-d…
#Azure Security Ninja - another good curated resource list: techcommunity.microsoft.com/t5/azure-secur…
A big one - #AzureSentinel. Start with ninja training resources: techcommunity.microsoft.com/t5/azure-senti…
#AzureSentinel to go will speed up your lab creation and training - github.com/OTRF/Azure-Sen…
KQL Ninja will help you master queries and analytics in it: security-tzu.com/2020/08/07/bec…
Be Good! Buy @DebugPrivilege a coffee!
#Cloud vendors will become (already are) security vendors. It will level the playing field a bit (not totally) on the defense side.
And a bonus: a #WardleyMap of the security area in the #azure cloud I made some time ago. As with every map, it isn't perfect.
Challenge it.

/EOT
