Azure Resource Manager (ARM) Quickstart Templates – Deploy Azure resources through ARM with community contributed templates to get more done. Deploy, learn, fork, and contribute back.
Best Practice, Checklists, and Recommendations
Azure Operational Security Best Practice – This Azure Operational Security Best Practices article is based on a consensus opinion, and Azure platform capabilities and feature sets, as they exist at the time this article was written. Opinions and technologies change over time and this article will be updated on a regular basis to reflect those changes.
Azure operational security checklist – Deploying an application on Azure is fast, easy, and cost-effective. Before deploying cloud application in production useful to have a checklist to assist in evaluating your application against a list of essential and recommended operational security actions for you to consider.
Deployment & Configuration
Build a multi-tenant SaaS web application using Azure AD & OpenID Connect – 11/22/2017 – This sample shows how to build a multi-tenant .Net MVC web application that uses OpenID Connect to sign up and sign in users from any Azure Active Directory tenant, using the ASP.Net OpenID Connect OWIN middleware and the Active Directory Authentication Library (ADAL) for .NET.
Azure Active Directory Developers Guide – The following guided setups walk you through building an app on your preferred platform using the Azure AD
Try Azure ATP – (Must be part of EMS E5). Trial valid for 90 days.
Azure ATP Frequently asked questions FAQ – This article provides a list of frequently asked questions about Azure ATP and provides insight and answers.
Best Practice & Recommendations
Azure ATP readiness guide – This article provides you with a readiness roadmap that gives you with a list of resources that assist you getting started with Azure Advanced Threat Protection.
Azure ATP Prerequisites – This article describes the requirements for a successful deployment of Azure ATP in your environment.
Deployment and Configuration
Special Use Cases
Configure the proxy – allow ATP sensor to report diagnostic data and communicate with Azure ATP when a computer is usually not permitted to connect to internet.
Configure Windows Event Forwarding – events can be forwarded in case the Azure ATP sensor is not deployed on endpoint
10-2-2018 – How Azure Advanced Threat Protection detects the DCShadow attack – DCShadow attack, discovered by Vincent LE TOUX and Benjamin Delpy, was presented at Microsoft BlueHat-IL in January. After the release of Azure Advanced Threat Protection (Azure ATP), and as part of our ongoing research for developing new detections, we were able to deploy this detection to the Azure ATP sensor.
Enable Azure Active Directory Identity Protection – Azure Active Directory Identity Protection is a capability of Azure Active Directory (Azure AD). With Azure AD Identity Protection, you are able to:
Get a consolidated view of flagged users and risk events detected using machine learning algorithms
Set risk-based Conditional Access policies to automatically protect your users
Improve security posture by acting on vulnerabilities
How to configure conditions for automatic and recommended classification for Azure Information Protection – For the best user experience and to ensure business continuity, we recommend that you start with user recommended classification, rather than automatic classification. This configuration lets your users accept the classification and any associated protection, or override these suggestions if they are not suitable for their document or email message.