Learn how Microsoft supports secure software development as part of a cybersecurity solution

By the end of this module, you'll be able to:

• Develop a defense-in-depth approach to securing your architecture
• Choose the technologies to secure your Azure infrastructure
• Develop a strategy for secure identity management

After completing this module, you'll be able to:

• Identify what separates elite performers from low performers
• List what services Azure DevOps provides
• Create an Azure DevOps organization

In this module, you will:

• Communicate with the project community in issues
• Manage notifications for project events
• Create branches to manage work in parallel
• Make commits to update project source
• Introduce changes with pull requests
• Deploy a web page to GitHub Pages

In this module, you will:

• Identify the tools and GitHub features to establish a secure development strategy
• Enable vulnerable dependency detection for private repositories
• Detect and fix outdated dependencies with security vulnerabilities
• Automate the detection of vulnerable dependencies with Dependabot
• Add a security policy with a SECURITY.md file
• Remove a commit exposing sensitive data in a pull request
• Keep sensitive files out of your repository by applying the use of a .gitignore file
• Remove historical commits exposing sensitive data deep in your repository

In this module, you will:

• Learn Azure platform security baselines and how they were created
• Create and validate a security baseline for the most commonly used Azure services

In this module, you will:

• Explore what types of information can be stored in Azure Key Vault
• Create an Azure Key Vault and use it to store secret configuration values
• Enable secure access to the vault from an Azure App Service web app with managed identities for Azure resources
• Implement a web application that retrieves secrets from the vault

After completing this module, you'll be able to:

• Explain the difference between authentication and authorization.
• Describe how Azure Active Directory provides identity and access management.
• Explain the role single sign-on (SSO), multifactor authentication, and Conditional Access play in managing user identity.

In this module, you will:

• View security alerts in Microsoft Defender for Cloud
• Define an incident response plan
• Use a Workflow automation to automate a security response

• Introduction
• Defense in depth
• Identity management
• Infrastructure protection
• Encryption
• Network security
• Application security
• Summary

• Introduction
• What is DevOps?
• What is Azure DevOps?
• Exercise - Create an Azure DevOps organization
• Summary

• Introduction
• What is GitHub?
• Exercise - A guided tour of GitHub
• Knowledge check
• Summary

• Introduction
• How to maintain a secure GitHub repository
• Exercise - Add a .gitignore file
• Automated security
• Knowledge check
• Summary

• Create a platform security baseline
• Understand the Azure platform security baseline
• Create an Identity & Access Management (IAM) baseline
• Create a Microsoft Defender for Cloud baseline
• Create an Azure storage accounts baseline
• Create an Azure SQL Database baseline
• Create a logging and monitoring baseline
• Create a Networking baseline
• Create an Azure VM baseline
• Other baseline security considerations
• Summary

• Introduction
• What is Azure Key Vault?
• Exercise - Create a Key Vault and store secrets
• Vault authentication with managed identities for Azure resources
• Exercise - Access secrets stored in Azure Key Vault
• Exercise - Configure, deploy, and run your app in Azure
• Summary

• Introduction
• Compare authentication and authorization
• What is Azure Active Directory?
• What are multifactor authentication and Conditional Access?
• Knowledge check
• Summary

• Introduction
• View security alerts
• Respond to alerts
• Define a security incident response plan
• Use a workflow automation to automate responses
• Exercise - Configure a Playbook for a security event
• Summary