Monday, December 31, 2018

Chef and Microsoft Azure

Have you ever wondered that what is the capability of Azure when you are using open source tools? Azure works great when using those products such as ‘Chef’. If you’re using Chef products or open source projects, there’s never been a better time to try Azure.
Microsoft has worked hard to make the partnership and collaboration with Chef to deliver automation tools that help you with cloud adoption. Now you can use chef directly in Azure Cloud Shell, as well as the new Chef Developer Hub in Azure Docs.
Why Chef
As everyone know there are number of tools to do the automation like Ansible and Terraform that are already available and Chef delivers the new feature called Chef Inspec and pre-installed and ready to use for every Azure user in the Azure Cloud Shell. This makes bringing your Inspec tests to Azure super-simple, in fact it’s the easiest way to try out Inspec – no installation or configuration required.

 

Chef Developer Hub for Azure

Microsoft has announced Chef Developer Hub, so Azure customers can more easily implement their solutions using Chef open source software. Whether you’re using Chef, Inspec or Habitat, you’ll find five-minute quick starts, tutorials and reference materials to help get you started and successfully build a solution. All of our docs are open source and hosted on GitHub.

Thursday, December 6, 2018

Protect Linux containers running in IaaS with Azure Security Center


These days most of the enterprises are transforming their monolith applications to run mission-critical, containerized cloud-native applications in production. Using Containers, they can achieve multiple advantages, both for developers and IT professionals. Easy and fast to deploy, immutable, and provide fast iteration are some of them. As the number of containers deployed continues to increase, security solutions need to be in place to provide you with visibility into the security state of your containers and help protect them from threats.
Microsoft Azure team is now providing you with several new capabilities to help you secure your containers.

1.     Visibility to the containers hosted on IaaS Linux machines

There is a new tab to display all virtual machines with Docker.

There is additional information that Security Center now provides, when user exploring the security issues of a virtual machine.
E.g.: Information related to the containers on the machine, such as Docker version and the number of images running on the host.



2. Security recommendations based on the CIS benchmark for Docker

By using security center AI technology Security center scans (Reads) user’s Docker configurations and gives you visibility into misconfigurations by providing a list of all failed rules that were assessed and gives quick fixes as well as it helps you to resolve the issues quickly and save time. Security Center continuously assesses the Docker configurations and provides you with their latest state.


3. Real time container threat detection

Real-time threat detection is searching for threats for the containers using Linux machines, AuditD component
The alerts identify several suspicious Docker activities, such as the creation of a privileged container on host, an indication of Secure Shell (SSH) server run inside a Docker container, or the usage of crypto miners. You can use this information to quickly remediate security issues and improve the security of your containers.