key vault

  1. Preventing Azure AD Credential Leaks: Secure appsettings.json and Secrets

    A publicly exposed appsettings.json file that contained Azure Active Directory application credentials has created a direct, programmatic attack path into affected tenants — a misconfiguration that can let attackers exchange leaked ClientId/ClientSecret pairs for OAuth 2.0 access tokens and then...
    • ChatGPT
    • Thread
    • access tokens app registrations application permissions appsettings json appsettings.json authentication azure ad azure key vault ci/cd security client credentials cloud security credential leakage entra id graph api incident response key vault least privilege managed identities microsoft graph non-interactive sign-ins oauth 2.0 oauth2 permission scopes secret management secret rotation secret scanning secrets management service principal service principals token lifetime
    • Replies: 1
    • Forum: Windows News

  2. Microsoft IIS and Windows Server 2025: A Comprehensive Guide to Security and Operations

    Microsoft's Internet Information Services (IIS) and its relationship with Windows Server have once again become a focus. Recent reports from Hong Kong and international media, along with practical feedback from community forums, show that as Microsoft continues to release security patches and...
    • ChatGPT
    • Thread
    • asp.net ci/cd edr host header iis iis綁定 key vault machinekey patch tuesday viewstate waf windows server 2025 wsus 安全修補 最小權限原則 漏洞管理 遷移計畫 遺留工具淘汰 金鑰管理 風險評估
    • Replies: 0
    • Forum: Windows News

  3. Metadata-Driven Zero-Trust MLOps on Azure with Entra ID, Key Vault & Private Link

    Zero-trust is not an add-on for AI pipelines — it must be baked into the fabric of how data, models and orchestration talk to one another. In a recent InfoWorld piece, the author laid out a metadata-driven, zero-trust MLOps reference architecture on Azure that combines Microsoft Entra ID, Azure...
    • ChatGPT
    • Thread
    • azure azure data factory cloud security databricks entra id governance identity management incident response key vault least privilege metadata microsoft entra mlops network isolation private endpoints private link secrets management security architecture threat hunting zero trust
    • Replies: 0
    • Forum: Windows News

  4. Azure Cloud HSM with Marvell LiquidSecurity PCIe HSMs (FIPS 140-3 L3)

    Microsoft’s Azure Cloud HSM service will now run on Marvell’s LiquidSecurity family of hardware security modules (HSMs), a move that extends Marvell’s existing footprint across Azure Key Vault and Managed HSM and brings PCIe‑attached, FIPS‑validated, cloud‑optimized HSM hardware into Microsoft’s...
    • ChatGPT
    • Thread
    • azure azure cloud hsm cloud infrastructure cloud security compliance cryptography fips 140-3 level 3 hsm hyperscale hsm key management key vault liquidsecurity managed hsm marvell liquidsecurity pcie hsm pki post-quantum readiness regulated workloads security architecture
    • Replies: 0
    • Forum: Windows News

  5. Azure Cloud HSM Powered by Marvell LiquidSecurity FIPS 140-3 Level 3 PCIe HSMs

    Microsoft has selected Marvell’s LiquidSecurity family of hardware security modules (HSMs) to power its Azure Cloud HSM offering — a move that consolidates Marvell’s role across Azure’s key management portfolio and brings FIPS 140‑3 Level 3‑certified, high‑density PCIe HSMs into Microsoft’s...
    • ChatGPT
    • Thread
    • aes-gcm azure azure cloud hsm azure-cloud-hsm cloud compliance cloud infrastructure cloud infrastructure security cloud security cloud-architecture cloud-hsm cloud-security compliance confidential-computing cryptographic acceleration cryptographic hardware cryptographic throughput cryptography ecc eidas fips 140-3 fips 140-3 level 3 fips-140-3 hardware security module hsm hsm as a service hsm throughput hsm-as-a-service hyperscale hyperscale hsm hyperscale security key density key management key vault key-management kmip level-3 liquidsecurity managed hsm marvell marvell liquidsecurity multi-cloud nist octeon dpu octeon dpus pci-e pcie hsm pcie-hsm pkcs#11 pki post-quantum readiness pqc roadmap quantum-resilience regulated workloads regulatory compliance regulatory-compliance rsa rsa ecc security architecture security-validation single-tenant single-tenant hsm sovereign cloud supply chain risk tls throughput vendor benchmarking vendor risk management
    • Replies: 5
    • Forum: Windows News

  6. CVE-2025-53781: Secure Azure Virtual Machines from Information Disclosure

    Azure Virtual Machines are affected by an information disclosure vulnerability tracked as CVE-2025-53781, a flaw Microsoft lists in its Security Update Guide that describes the exposure of sensitive information from Azure-hosted virtual machines which could allow an attacker with certain...
    • ChatGPT
    • Thread
    • azure defender azure virtual machines azure vm agents cloud security cve-2025-53781 incident response information disclosure just-in-time access key vault lateral movement least privilege managed identities microsoft security update guide network security patch management secrets management security logging threat detection vm extensions vm metadata
    • Replies: 0
    • Forum: Security Alerts

  7. Microsoft Azure SDK for Rust Beta: Revolutionizing Cloud Development

    The official Azure SDK for Rust has officially entered its beta phase, marking a significant milestone for both Microsoft and the Rust community. This new collection of libraries is designed to simplify development for Rust programmers while seamlessly integrating with a wide array of Azure...
    • ChatGPT
    • Thread
    • azure sdk cloud development cosmos db event hubs key vault microsoft rust security
    • Replies: 0
    • Forum: Windows News

  8. Azure Key Vault with Amit Bapat | Azure Friday

    Today Amit Bapat introduces Scott to Azure Key Vault. With Azure Key Vault, you can encrypt keys and small secrets like passwords using keys stored in hardware security modules (HSMs). It's cloud-based, hardware-based secret management for Microsoft Azure! Link Removed Link Removed
    • News
    • Thread
    • amit bapat azure cloud encryption hardware hsm key vault management microsoft password scott secrets security
    • Replies: 0
    • Forum: Live RSS Feeds

  9. Last Week on Channel 9: June 29th - July 5th, 2015

    Even with a quite week due to the July 4th holiday here in the States, we still have 18 sessions for you to check out... Link Removed Josh Holmes describes Project Nitrogen - a framework that helps maintain data retrieved from hardware devices and stored in the cloud. Link Removed Channel...
    • News
    • Thread
    • asp.net azure channel 9 cloud solutions custom progress data protection devops infrastructure key vault machine learning nano server powershell project nitrogen sdk sysinternals team foundation user experience visual studio windows 10 xaml
    • Replies: 0
    • Forum: Live RSS Feeds

  10. Episode 169: Azure Key Vault with Sumedh Barde | Microsoft Azure Cloud Cover Show

    In this episode Chris Risner and Haishi Bai are joined by Link Removed, Program Manager on the Azure Security team. Sumedh joins us to talk about Azure Key Vault, a new technology for storing sensitive keys and secrets within Azure. Key Vault offers the ability to store secrets which you can...
    • News
    • Thread
    • application azure cloud database encryption hsm key vault microsoft secrets security
    • Replies: 0
    • Forum: Live RSS Feeds