Microsoft Events presents a comprehensive session on harnessing Azure native security features to create secure-by-design cloud environments, including policy management and cross-cloud security standards.

Building Secure-By-Design Environments with Azure Capabilities

Presented by: Gal Gideon Ordo (Microsoft Ignite 2025)

This session covers:

Introduction

  • Importance of leveraging cloud provider security features
  • Common organizational challenges in maximizing security potential

Session Chapters Breakdown

1. Experience from AWS Security Hub and Customer Insights (0:00)

  • Discusses learnings from AWS Security Hub
  • Shares insights based on customer experiences across providers

2. Defining Cloud Security Standards and Requirements (1:25)

  • Steps to establish clear security standards
  • Strategic approach to multi-cloud security

3. Implementing Preventive Policies for Storage Accounts (2:40)

  • How to apply preventive security at the storage account level in Azure
  • Examples of practical configurations

4. Defining Security Standards and Environment Guardrails (5:41)

  • Setting guardrails for consistent and compliant environments
  • Utilizing policies to maintain predictable security posture

5. Refining Requirement Statements (6:31)

  • Translating ambiguous or complex requirements into actionable policies
  • Best practices for policy refinement

6. Translating Requirements into Azure Policies (7:17)

  • Addressing the challenges of mapping requirements to Azure-native policies
  • Tips for customizing policies to organizational needs

7. Native Translation and Simulation of Security Intents (8:27)

  • Tools and approaches for simulating policy impact and intent
  • Using Azure features to preview and troubleshoot policy effects

8. Enabling Security by Design Across Providers (9:10)

  • Extending preventive security efforts beyond Azure
  • Tools and patterns for achieving cross-cloud compliance

Key Takeaways

  • How Azure native controls streamline security management
  • Practical examples and lessons for policy implementation
  • Strategies for harmonizing security across multiple cloud providers

Additional Resources

Session designed for intermediate audiences interested in technical implementation of security standards with Azure and cross-cloud environments.