Azure Security Documentation – Security is integrated into every aspect of Azure. Azure offers you unique security advantages derived from global security intelligence, sophisticated customer-facing controls, and a secure hardened infrastructure. This powerful combination helps protect your applications and data, support your compliance efforts, and provide cost-effective security for organizations of all sizes.

Azure Cloud

Azure Resource Manager (ARM) Quickstart Templates – Deploy Azure resources through ARM with community contributed templates to get more done. Deploy, learn, fork, and contribute back.

Azure AD


Azure Roadmaps and Updates – Go here for the latest news and roadmap updates
Azure Blog
Azure Security Partners – Security partners in Azure Marketplace

Best Practice, Checklists, and Recommendations

Azure Operational Security Best Practice – This Azure Operational Security Best Practices article is based on a consensus opinion, and Azure platform capabilities and feature sets, as they exist at the time this article was written. Opinions and technologies change over time and this article will be updated on a regular basis to reflect those changes.
Azure operational security checklist – Deploying an application on Azure is fast, easy, and cost-effective. Before deploying cloud application in production useful to have a checklist to assist in evaluating your application against a list of essential and recommended operational security actions for you to consider.

Deployment & Configuration

Build a multi-tenant SaaS web application using Azure AD & OpenID Connect – 11/22/2017 – This sample shows how to build a multi-tenant .Net MVC web application that uses OpenID Connect to sign up and sign in users from any Azure Active Directory tenant, using the ASP.Net OpenID Connect OWIN middleware and the Active Directory Authentication Library (ADAL) for .NET.


Azure Active Directory Developers Guide – The following guided setups walk you through building an app on your preferred platform using the Azure AD

Azure ATP


Try Azure ATP – (Must be part of EMS E5). Trial valid for 90 days.
Azure ATP Frequently asked questions FAQ – This article provides a list of frequently asked questions about Azure ATP and provides insight and answers.

Best Practice & Recommendations

Azure ATP readiness guide – This article provides you with a readiness roadmap that gives you with a list of resources that assist you getting started with Azure Advanced Threat Protection.
Azure ATP Prerequisites – This article describes the requirements for a successful deployment of Azure ATP in your environment.

Deployment and Configuration

Step by Step guide on deploying Azure ATP
Integration Azure ATP with Windows Defender ATP

Special Use Cases

Configure the proxy – allow ATP sensor to report diagnostic data and communicate with Azure ATP when a computer is usually not permitted to connect to internet.
Configure Windows Event Forwarding – events can be forwarded in case the Azure ATP sensor is not deployed on endpoint


10-2-2018 – How Azure Advanced Threat Protection detects the DCShadow attack – DCShadow attack, discovered by Vincent LE TOUX and Benjamin Delpy, was presented at Microsoft BlueHat-IL in January. After the release of Azure Advanced Threat Protection (Azure ATP), and as part of our ongoing research for developing new detections, we were able to deploy this detection to the Azure ATP sensor.



Enable Azure Active Directory Identity Protection – Azure Active Directory Identity Protection is a capability of Azure Active Directory (Azure AD). With Azure AD Identity Protection, you are able to:

Get a consolidated view of flagged users and risk events detected using machine learning algorithms
Set risk-based Conditional Access policies to automatically protect your users
Improve security posture by acting on vulnerabilities

How to configure conditions for automatic and recommended classification for Azure Information Protection – For the best user experience and to ensure business continuity, we recommend that you start with user recommended classification, rather than automatic classification. This configuration lets your users accept the classification and any associated protection, or override these suggestions if they are not suitable for their document or email message.