Enabling the Defender for Cloud Unified Security Portal

At Ignite 2025, Microsoft announced that Defender for Cloud is now available in the Microsoft Defender unified security portal (security.microsoft.com). This integration brings a single-pane-of-glass experience across the Microsoft security product line. Security teams who don’t necessarily work directly with Azure workload deployments can now view important security metrics concerning: asset vulnerabilities, attack paths, secure scores, and prioritized security recommendations. Prerequisites: Before enabling this feature, ensure you have: ...

December 3, 2025 · 3 min · Craig Forshaw

Welcome to My Blog

Welcome! I’m Craig Forshaw, a Microsoft MVP specializing in cloud security and Azure Infrastructure as Code (IaC). I’m also an organizer of the Microsoft Security User Group, and I’m passionate about helping organizations build secure, scalable cloud solutions. What You’ll Find Here: This blog is my space to share insights, tutorials, and real-world experiences from working with: Microsoft Defender for Cloud - Security posture management and DevOps security; Azure Security - Best practices and implementation guides; Infrastructure as Code - Secure IaC with Bicep, Terraform, and ARM templates; DevSecOps - Integrating security into your development workflows; Cloud Architecture - Designing secure and efficient Azure solutions. Why This Blog? Security in the cloud is constantly evolving, and staying ahead requires continuous learning and sharing knowledge. Through this blog, I aim to: ...

October 23, 2025 · 1 min · Craig Forshaw

Creating Self-Hosted Azure DevOps Agents with Azure Container App Jobs and Managed Identity

Using container app jobs for self-hosted Azure DevOps agents allows for more control over what is running on your DevOps agents. Both VMSS and the newer managed DevOps pools give you the option to run agents on your own virtual network, which is excellent for securing network traffic, but if you also need control over what is running on them, then configuring the agents with Docker in a container app job is a good option. You also have the added security of Defender for Containers integration to ensure you can keep your images secure. ...

February 17, 2025 · 6 min · Craig Forshaw

Microsoft Defender for Cloud Regulatory Compliance

Regulatory compliance: Azure has a feature in Microsoft Defender for Cloud called regulatory compliance that allows you to start getting your cloud compliance under control. Central to this feature is the Microsoft Cloud Security Benchmark. What is the Microsoft Cloud Security Benchmark? The MCSB, for short, is a set of practices that form a track of the Cloud Adoption Framework for Azure from Microsoft. This has traditionally been a set of best practices and guidelines for cloud deployments, but more recently it has been integrated into the Defender for Cloud portal to provide that bridge from the adoption framework to reporting on resources against best practices. ...

July 22, 2024 · 3 min · Craig Forshaw

Investigate and Remediate DevOps Security findings in Microsoft Defender for Cloud

In my previous blog, DevOps Security with Microsoft Defender for Cloud, I introduced the DevOps Security features in Defender for Cloud and how you can link and scan your GitHub code repositories for vulnerabilities before they hit your infrastructure platforms. In this blog, I am going to focus on the options for fixing code issues based on the reporting findings from Defender for Cloud. Findings: As mentioned previously, all of the reporting from your connected repositories appears under findings in the security overview dashboard of DevOps Security. ...

February 28, 2024 · 5 min · Craig Forshaw