Category: Information Protection

Join the session on How to secure small business in an hour with Cloud Marathoner and Tomasz

Hello Cloud Marathoner friends,

This week, we had an exciting session about what steps you could take in securing your environments for small businesses.

What was the focus of the session?

In this session, we had a conversation with Tomasz, who spoke and demonstrated tips and tricks for making significant and essential changes to secure your environments since the early days of inception.

Several Microsoft and Azure services have been used effectively in this session, which covered; Microsoft Entra ID, Intune, and Defender for Endpoint as your best friends when securing a small business company.



the Question that every SMB asks

A common question is: What is the critical setup to get the best result as soon as possible?

“In the beginning, we don’t need to build sophisticated solutions; there are some standard settings and recommendations to put in place to make significant steps forward for a good, secure posture.”

Thank you, Tomasz!

Tomasz Szulczewski is an ORS Microsoft 365 Cybersecurity Architect with extensive experience with Microsoft products and services. He has been in love with information technology for over 25 years, but still has an IT passion and feels like a geek.

He is a Microsoft 365 architect/cyber security guy and a curious problem solver who thinks that not all people must be IT experts.

Recorded Session

If you are intrigued to watch the entire session, then please visit the following YouTube link below on our Cloud Lunch and Learn channel.

[Book Review] What you need to know about Cloud Native Software πŸ” Security Handbook ⁉ πŸ€”

Hello, Cloud Marathoners!

A couple of days ago, I received a book from Packt – “Cloud Native Software Security Handbook”, authored by Mihir Shah and in this post, I will review and share my observations and impressions with the #cloud#community.

This book starts covering the Foundations of Cloud Native by exploring the tools and platforms offered by CNCF while providing a high-level stage for the rest of the book. Subsequently, the author dives into explaining AppSec culture and how to approach security implementation in cloud-native environments primarily using toolings like K8S, Calico, K9s, Falco, OPA Gateway, and others which I will be mentioning below.

I liked the Cloud Security Operation chapter where open-source tooling sets like Elasticsearch, Fluentd, Kibana, Prometheus, Helm, and K8S have been used to streamline security operations with automation playbooks to minimize human interventions and errors.

In addition, this book covers legal, compliance, and vendor management aspects of cloud-native software security by emphasizing its hidden cost and importance as important as mastering technical skills.

This book also provides code samples, available for online access which is a big plus.

My suggestion would be the addition of more advanced use cases and code samples in the second edition of this book.

Did you read any related book recently that made an impact on you❓
Please, share your feedback in the comments πŸ’¬

Please, check myΒ LinkedIn postΒ to share your feedback. Thanks!