(AZ-500) Microsoft Azure Security Technologies

9,2 Rated

This is a non-certified training, provided by hands-on experts in the field of DevSecOps, Cloud and Security. In case you are interested in combining the AZ-900 & AZ-500 get in touch with us to grab a combo-deal!

15+ Years Experience
Learn from industry leaders
Tailor-made Learning Journeys
Become the expert you want to be!
Hands-On Approach
Immediately start applying your craft
Rated 9,2
Highly reviewed by other participants

Upcoming courses

favicon
  • DevSecOps Engineer
Certified
Intermediate
  • English
2 days
09:00 - 17:00
Lunch incl.

Short summary

During this training, participants will gain the knowledge and skills needed to implement security controls, maintain the security posture, and identify and remediate vulnerabilities by using a variety of security tools. Secondly, the training covers scripting and automation, virtualization, and cloud N-tier architecture.

Our Trainer

siyam-500x

Mohammed Siyam
DevSecOps consultant

Mohammed Siyam is a Security Architect at DevOn. He works with various distributed Agile and Scrum teams in helping them deliver secure software sustainably at speed and scale. Siyam is passionate about Software Security, Cloud Security and enjoys sharing his knowledge through various trainings.

Course objectives

The learning objectives for (AZ-500) Microsoft Azure Security Technologies include an understanding of:

Course topics

Configuring Microsoft Azure AD

  • Understanding App Registrations & Types
  • Nuances between the new and old Azure portal for Azure AD
  • App Registration Permission Content
  • Configuring MFA in Azure AD
  • Configuring Authentication methods
  • Manage Azure AD Users and Groups
  • Configuring Azure AD Connect for directory sync bewteen ADDS and Azure AD
  • Implementing Conditional Access policies

Azure AD Privileged Access Management

  • Monitoring Privileged Access and Activating Privileged Identity Management

Azure Tenant Security

  • Azure subscriptions between Azure AD tenants and managing API access to Azure subscriptions and resources

Network Security

  • Configuring Virtual Network Connectivity
  • Configuring Network Service Groups
  • Configuring Azure Firewall
  • Configuring Application Security Groups
  • Configuring Remote Access Management
  • Configuring Resource Firewall

Host Security

  • Configuring endpoint security with the VM
  • Configuring VM Security
  • Hardening Virtual Machines in Microsoft Azure
  • Configuring system updates for Azure VMs
  • Configuring baselines for VMs

Container security

  • Configuring: network, authentication, container isolation, AKS security, container registry, container instance security
  • Configuring and implementing vulnerability management

Azure Resource Management Security

  • Microsoft Azure Resource Locks, Manage resource group security, Configure Microsoft Azure Policies, Custom RBAC role and subscription and resource perrmission

Security Services

  • Microsoft Azure Monitor, Microsoft Azure Log Analytics, Diagnostic Logging and Log retention, Vulnerability scanning

Security Policies

  • Centralized policy management with Azure Security Center and Just in time VM access with Azure Security Center

Security Alerts

  • Create and customize alerts
  • Review and respond to alerts and recommendations
  • Configure playbook for security events through Azure Security Center
  • Investigate escalated security incidents

Security policies to manage data

  • Data classification, data retention and data sovereignty

Security for Data Infrastructure

  • Database Authentication
  • Shared Access Signatures
  • Database Auditing
  • Security for HDInsights
  • Azure SQL database threat detection
  • Security for CosmosDB
  • Access control for storage accounts
  • Security for Azure Data Lake
  • Key management for storage accounts

Data encryption at rest

  • Database encryption
  • Storage service encryption
  • Disk encryption
  • Backup encryption
  • Microsoft Azure SQL Database Always Encrypted

Application Security

  • SSL/TLS
  • Azure Services to protect web apps
  • Application security baseline

Azure Key Vault

  • Managing access to key vault
  • Managing permissions to secrets, certificates and keys
  • Managing certificates
  • Managing secrets
  • Configuring key rolation

War stories: How we secure our Azure Cloud

Target audience

The target audience for the DevOps Foundation course include management, operations, developers, QA and testing professionals, such as:

  • Individuals involved in IT development, IT operations or IT service management
  • Individuals who require an understanding of DevOps principles
  • IT professionals working within, or about to enter, an Agile Service Design Environment
  • The following IT roles: Automation Architects, Application Developers, Business Analysts, Business Managers, Business Stakeholders, Change Agents, Consultants, DevOps Consultants, DevOps Engineers, Infrastructure Architects, Integration Specialists, IT Directors, IT Managers, IT Operations, IT Team Leaders, Lean Coaches, Network Administrators, Operations Managers, Project Managers, Release Engineers, Software Developers, Software Testers/QA, System Administrators, Systems Engineers, System Integrators, Tool Providers

Top reviews of our trainings

  • Good information structure

    Tirhovahu Ahisoara DevOps Foundation
  • Real-life examples with solid understanding and interaction

    Ahmed Bani Yassien / Researcher at The Netherlands Cancer Institute Quality Code using SOLID principles
  • Changing the mindset in the right direction

    Javid Majid
  • Workshop type

    Simon van Scheltinga / Managing Consultant at Carthago ICT Quality Code using SOLID principles
  • Really good structure, clean code part

    Pascal Piduhn TDD
  • Content

    Mitchel Hakvoort / Agile Coach at Prowareness DevOps Foundation

Training dates

Payment methods

Need help?

Please contact us via email or call us by the number stated below. We are more than happy to help you.

+31 (0)15 - 241 19 00
academy@devon.nl

What’s next for me?

Take a look at what trainings you should follow next to become a true expert in your field.

Certified DevOps Professional

2-days training
Intermediate
(CDP)® Certified DevOps Professional
Beginner

Security testing (coming soon)

1-day training
Advanced

FAQ

What if I book a date, but then have to reschedule?

After your registration has been confirmed, you are still able to change the date up to 20 days before the first day of the training. You are able to do this once. Please send your request to academy@devon.nl or call +31(0)15-24 11 900 for further assistance.

What if not enough people have signed up for the course?

Two weeks before each training, we will check if we have enough participants for the training course to be valuable and continue. If this is not the case, we will inform you by e-mail, with options for a new date and location. After this notification, you will have the right to cancel or change your registration within 5 working days.

How can I pay?

On the website you can choose to pay via iDeal, creditcard or by invoice with a payment period of 30 days.

Which languages do you offer your courses in?

Most of our courses are available in both English and Dutch. We have a selection of training courses which are only available in English, which will be on that training page. Our rule of thumb for courses in the Netherlands is – the course is in English unless everybody speaks Dutch, then the course is in Dutch. If you want to be sure you are in a Dutch course, please get in touch with academy@devon.nl in case the information on a specific date is not available on the course page.

What do the costs include?

Unless mentioned otherwise, the course fee includes the cost of training material, exam cost, the use of the location, catering and parking.

Not sure if this course is for you?