When you complete this professional certificate, you will have skills that enable you to confidently attempt the AZ-500 Microsoft Azure Security Technologies exam. No prior knowledge is required to enroll in this program, however, having a familiarity with Azure technologies and a solid understanding of computer networking and hybrid environments is highly recommended. Azure security engineers are responsible for implementing, managing, and overseeing security measures across Azure, multi-cloud, and hybrid environments to safeguard the entire infrastructure. In September, cybersecurity research firm Wiz disclosed that 38TB of data had accidentally been exposed by Microsoft AI researchers thanks to an Azure feature called SAS tokens. “Account SAS tokens are extremely hard to manage and revoke,” said Wiz researchers at the time.

It’s the biggest change to security efforts inside Microsoft since the company announced its Security Development Lifecycle (SDL) in 2004 after Windows XP fell victim to a huge Blaster worm attack that knocked PCs offline in 2003. That push came just two years after co-founder Bill Gates had called on a trustworthy computing initiative in an internal memo. Microsoft Azure security engineers are in high demand due to the increasing adoption of Microsoft Azure as a cloud computing platform. Employers require skilled professionals to ensure the secure configuration and protection of Azure resources and data, as well as to detect and respond to security incidents in Azure environments. Part of the criticism leveled at Microsoft in recent months has been focused on the amount of time it takes the company to respond to major security vulnerabilities. Cybersecurity company Tenable originally discovered an Azure flaw in March, but it says it took Microsoft “more than 90 days to implement a partial fix” that only applied to new Azure applications.

Professional Certificate – 7 course series

In an internal memo to Microsoft’s engineering teams today, the company’s leadership has outlined its new cybersecurity approach. It comes just months after Microsoft was accused of “blatantly negligent” cybersecurity practices related to a major breach that targeted its Azure platform. Microsoft has faced mounting criticism of its handling of a variety of cybersecurity issues in recent years.

An Azure security engineer oversees the security aspects of Azure, multi-cloud, and hybrid environments. Their job entails managing the overall security posture, proactively identifying and addressing vulnerabilities, conducting threat modeling, and implementing threat protection measures. In addition, they collaborate with architects, administrators, and developers to design and implement secure solutions that align with security and compliance standards. Azure security engineers may also play a role in incident response activities, effectively mitigating and resolving security incidents as needed. Each course has a scenario-based project, enabling you to practice skills in a realistic setting.

Microsoft is overhauling its software security after major Azure cloud attacks

In terms of job responsibilities, you will be able to implement and manage security controls ensuring proper access management, network security, and data protection. You would have gained the skills to monitor security events, investigate incidents, and respond promptly to mitigate potential risks or breaches. In addition, the skills gained will help you identify vulnerabilities and gaps in an organization’s Azure infrastructure and provide recommendations to enhance the security posture. You will be able to conduct risk assessments and ensure compliance within Azure environments.

• Microsoft doesn’t specifically mention SAS tokens in its new security initiative, but hopefully it’s something the company is looking at, too.
• You would have gained the skills to monitor security events, investigate incidents, and respond promptly to mitigate potential risks or breaches.
• These projects allow you to deepen your skills in protecting identity, access, data, applications, and networks in cloud and hybrid environments.

These projects allow you to deepen your skills in protecting identity, access, data, applications, and networks in cloud and hybrid environments. The program content aligns with the AZ-500 microsoft azure security Technologies exam, validating your preparedness to implement, manage, and monitor security. Additionally, the final projects, based on real-life scenarios, demonstrate your ability to utilize tools and services to complete tasks expected by employers. “We plan to cut the time it takes to mitigate cloud vulnerabilities by 50 percent,” says Bell in his memo. Microsoft is now announcing a huge cybersecurity effort, dubbed the Secure Future Initiative (SFI). This new approach is designed to change the way Microsoft designs, builds, tests, and operates its software and services.