Browsed by
Category: SECFND

Integrating Linux Infrastructure with IAM – Azure Entra ID: A Comparative Analysis

Migrating on-premises infrastructure to the cloud often involves integrating existing Linux systems with cloud-based identity providers like Azure Entra ID (formerly Azure AD). This post explores various integration options, comparing and contrasting their strengths and weaknesses to help you choose the best approach for your needs.

Current State and Target Goals

The environment consists of approximately 200 VMs (mostly Oracle Linux 8, with a few pfSense firewalls) hosted in a data center. Access is currently managed via SSH certificates, with user…

Hardening Your Network: A Practical Guide to Network Security

Network security is paramount in today’s interconnected world. A robust network security strategy involves multiple layers of defense, from segmentation and access control to monitoring and backups. This post provides a practical guide to hardening your network infrastructure.

1. Network Segmentation and Segregation: Limiting the Blast Radius

Network segmentation divides your network into smaller, isolated zones, limiting the impact of a security breach. Segregation further categorizes these segments based on role, function, or criticality.

Physical & Virtual Separation: Separate sensitive…

Craft a Killer CV: My Top Tips and Resources

I frequently get asked for CV and resume advice. So, I’ve compiled my personal checklist for creating a CV that gets noticed. These are the principles I follow, and I hope they help you too.

Key Principles for a Winning CV:

Tailor it: Your CV should be customized for every position you apply for. Highlight the skills and experiences most relevant to the specific job description. Don’t just send a generic CV.

Focus on achievements: Quantify your accomplishments whenever possible….

Granting minimal level of access for Azure Security Scans with AZSK

To carry out an Azure security assessment with the AZSK (Secure DevOps Kit for Azure) tool, the following Azure AD and IAM roles should be created:

Global Reader and Security Reader in Azure AD
Reader IAM RBAC role in subscription scope

Below are the detailed instructions for creating the two accounts mentioned above.

Instruction to Create Account for AZSK Scans

1. Creating Account for Azure AD

Navigate to Azure Active Directory >>> Users
Create a new account or give permission to an existing account…

Enable Azure Diagnostic Logs Settings

Logging to a storage account

    $resource = Get-AzResource -Name [resource name] -ResourceGroupName [resource group name]
    $storage = Get-AzResource -Name [resource name] -ResourceGroupName [resource group name]
    Set-AzDiagnosticSetting -ResourceId $resource.ResourceId -StorageAccountId $storage.ResourceId -Enabled $true

Streaming of diagnostic logs to Event Hub

    $rule = Get-AzServiceBusRule -ResourceGroup [resource group name] -Namespace [namespace] -Topic [topic] -Subscription [subscription] -Name [rule name]
    Set-AzureRmDiagnosticSetting -ResourceId $resource.ResourceId -ServiceBusRuleId $rule.Id -Enabled $true

Streaming of diagnostic logs to a Log Analytics workspace

    $workspace = Get-AzOperationalInsightsWorkspace -Name [workspace name] -ResourceGroupName [resource group name]
    Set-AzureRmDiagnosticSetting…

Recruiting Tools

https://MailScoop.io – Free Email Finder
https://Yesware.com – Email Tracker
https://ResyMatch.io – Free Resume Scanner
https://ResyBullet.io – Free Resume Bullet Analyzer
https://ResyBuild.io – Free Resume Builder
https://Canva.com – Free Graphic Design Tool
https://PhotoFeeler.com – Free LinkedIn Profile Pic Grader
https://tagcrowd.com/ – Visual Text

Azure VNET Peering

az network vnet create \
    --resource-group learn-176d3f64-8002-4e62-b762-ac3929d20952 \
    --name SalesVNet \
    --address-prefix 10.1.0.0/16 \
    --subnet-name Apps \
    --subnet-prefix 10.1.1.0/24 \
    --location northeurope

az network vnet create \
    --resource-group learn-176d3f64-8002-4e62-b762-ac3929d20952 \
    --name MarketingVNet \
    --address-prefix 10.2.0.0/16 \
    --subnet-name Apps \
    --subnet-prefix 10.2.1.0/24 \
    --location northeurope

az network vnet create \
    --resource-group learn-176d3f64-8002-4e62-b762-ac3929d20952 \
    --name ResearchVNet \
    --address-prefix 10.3.0.0/16 \
    --subnet-name Data \
    --subnet-prefix 10.3.1.0/24 \
    --location westeurope

az network vnet list --output table

===============================================

az network vnet peering create \
    --name…

Azure Site to Site VPN Configuration

We will create a site-to-site VPN connection between two VNets. This way we simulate cloud and on-prem sites, as in the following diagram.

az network vnet create \
    --resource-group learn-ee8df1a4-1b8d-4bd1-86fc-7c05ca89bf17 \
    --name Azure-VNet-1 \
    --address-prefix 10.0.0.0/16 \
    --subnet-name Services \
    --subnet-prefix 10.0.0.0/24

az network vnet subnet create \
    --resource-group learn-ee8df1a4-1b8d-4bd1-86fc-7c05ca89bf17 \
    --vnet-name Azure-VNet-1 \
    --address-prefix 10.0.255.0/27 \
    --name GatewaySubnet

az network local-gateway create \
    --resource-group learn-ee8df1a4-1b8d-4bd1-86fc-7c05ca89bf17 \
    --gateway-ip-address 94.0.252.160 \
    --name LNG-HQ-Network \
    --local-address-prefixes 172.16.0.0/16

az network…

10. Same-Origin Policy and Cross-Origin Resource Sharing

1. SAME-ORIGIN POLICY INTRODUCED

Same-Origin Policy (SOP) is a major security concept that is built into all contemporary browsers. Its main goal is to prevent dynamic web page elements (such as scripts) from accessing data on resources of a different origin. In the security context, SOP prevents malicious web sites from retrieving confidential data from restricted locations on behalf of users and without their acknowledgment. User agents that are compliant with SOP restrict requests issued from one origin to another origin….

9. Front End Security Basics: Secure Cookie Flag

1. VULNERABILITY INTRODUCED

Properly implemented data protection is an essential component of the security of any web application. It allows users to know who they are communicating with, whether or not their communication channel is encrypted, and that the data is not manipulated in transit. Applications frequently fail to authenticate, encrypt, and protect the confidentiality and integrity of sensitive data transmitted through the network. For example, when the HTTP protocol is used, the traffic (including cookies) is sent in plain…
