Secure your Web App in Azure at DDD14

by Frans Lytzen | 16/10/2019

I had the great pleasure of giving an updated version of my "Secure your Web App in Azure" talk talk at Developer Developer Developer 14 in Reading on 12 October 2019.

A video of the whole talk is available below.

I touch on a whole range of Azure technologies, but mostly I introduce and expand on a simple framework to think about and manage your exposure.

Example of exposure and mitigation

External ActorsInternal Actors
PREVENT
  • Secure your code – see Troy Hunt’s courses as a starting point.
  • Lock down your servers
  • Use Firewalls and Intrusion Detection/Prevention Systems
  • Encrypt everything in transit
  • Protect your passwords/secrets
  • Process for granting and removing access
  • Use Azure AD for all access, including SQL
  • Audit who has access on a regular basis and remove unnecessary access
DETECT
  • Log and alert on any unusual application activity
    • 403s and 404s
    • Failed logins
    • High CPU/memory, increased load
    • Etc
  • Use Advanced Threat Protection
  • Log and alert on all access to the backend by internal users
  • Log and alert on unusual access patterns by application users
  • Consider DLP tools
MITIGATE
  • Encrypt sensitive data at the application layer
  • Have ways of locking out certain users or IP addresses
  • For very sensitive systems, consider multi-layered architectures to contain breaches

Video of the whole talk


Slides

View the slides on Slide Share:

... or download from GitHub


Share this article

You Might Also Like

Explore more articles that dive into similar topics. Whether you’re looking for fresh insights or practical advice, we’ve handpicked these just for you.

Design, Code, AI: Behind the Scenes of Our Craft IT Logo Generator and Gallery

by Marcin Prystupa | 07/07/2025

A behind-the-scenes look at how we built two interactive apps for the Craft IT conference booth – and how I, a UX designer, ended up deep in React code with a little help from AI.

AI Isn’t Magic: Why Predictive Accuracy Can Be Misleading

by Frans Lytzen | 15/04/2025

One of the biggest misconceptions in AI today is how well it can actually predict things – especially things that are rare. This is most directly applicable to Machine Learning (as they are just statistical models) but the same principle applies to LLMs. The fundamental problem is the same and AI is not magic. In reality, AI’s predictive power is more complicated. One of the key challenges? False positives—incorrect detections that can significantly undermine the value of AI-driven decision-making. Let’s explore why this happens and how businesses can better understand AI’s limitations.

From Figma Slides to Svelte Page in Under an Hour – How I Accidentally Proved My Own Point

by Marcin Prystupa | 10/04/2025

A quick case study on how I went from a Figma presentation to a working Svelte page in less than an hour – with the help of AI and some clever tooling.

Contact Us

NewOrbit Ltd.
Hampden House
Chalgrove
OX44 7RW


020 3757 9100

NewOrbit Logo

Copyright © NewOrbit Ltd.