Browse Security Community (133)

prabhattomar explains how to build a Kubernetes-native DBaaS-style SQL platform using Crossplane to provision Azure Database for PostgreSQL Flexible Server, including private networking, DNS-based read/write endpoints, and an active-passive multi-region HA/DR approach with replica promotion and Traffic Manager routing.

skundapura outlines a phased approach to migrate file-based application logging from Splunk to Azure Application Insights on VMs, using Azure Monitor Agent and Log Analytics, then mapping alerts and optionally adding SDK instrumentation for deeper traces and metrics with security and PHI considerations.

VaidhyaP introduces AG-UI (Agent–User Interface), a protocol for connecting AI agents to rich frontends with streaming events, declarative UI proposals, shared state updates, and human-in-the-loop approvals, plus practical security guidance like Azure AD protection and Key Vault-backed secrets.

Samarpitaa explains where Azure AI Foundry IQ fits (and doesn’t) for enterprise agent knowledge access, then shows a reference approach for querying Foundry IQ knowledge bases directly via the Azure AI Search Python SDK with permission-aware retrieval and citations.

Shah_Viral explains how to build an enterprise “knowledge copilot” on Azure using Foundry IQ knowledge bases and Azure AI Search agentic retrieval, including C#/.NET setup, MCP-based agent connection, and key trade-offs around preview maturity, cost, latency, and security controls like ACLs and Purview labels.

singhshub shows how to integrate HashiCorp Vault with Terraform so secrets (like Azure VM admin credentials) are fetched at runtime instead of being stored in .tf files, variable files, or pipeline variables, including KV v2 policy paths, auth options, and state protection guidance.

JennyF explains how Microsoft’s 1ES team uses agentic AI (including GitHub Copilot CLI) plus “skills” and “agent signals” to speed up CVE remediation and compliance work across many repositories, while keeping humans in the loop for review, validation, and deployment.

LuisFilipe explains how Azure Blob Storage SFTP users should handle Microsoft’s host key change, including when it impacts SSH key-based authentication, how to pre-update trusted host keys, and how to identify SFTP usage via Azure Resource Graph and Log Analytics queries.

vsriramdas explains how to use Microsoft PyRIT to red-team agentic AI systems, then shows how to wrap PyRIT with a YAML-driven CLI so you can run repeatable scans in CI/CD and gate releases based on OWASP LLM Top 10-aligned findings.

lexinadolski recaps Microsoft’s presence in the CNCF Project Pavilion at KubeCon EU 2026, summarizing the technical conversations and themes across Kubernetes projects—migration to Gateway API, confidential computing, image signing, observability tooling, and requests for deeper Azure/AKS and AI-workload support.

YogeshwaranKannaiyan walks through a real-world troubleshooting case where Azure SQL Managed Instance Failover Group creation failed in a hub–spoke network with a centralized firewall, and explains the specific port, routing, DNS zone, and firewall behaviors that commonly block replication from initializing.

vsakash shares a production-tested Terraform pattern for deploying Azure Redis Enterprise across regions with geo-replication, focusing on primary/replica design, per-region isolation (networking and Key Vault), and a parameterization approach that scales cleanly from dev to prod.

jtracey93msft explains two updates to Azure Landing Zones: a new “Local” management group for Azure Local and exit planning to disconnected operations, plus refreshed SLZ sovereign policy initiatives aligned to control levels for data residency and encryption.

troettinger announces Azure Local 2604, focusing on sovereign-scale and edge deployments: disaggregated compute/storage with SAN support (now GA), plus a new “Local Identity with Azure Key Vault” option that removes Microsoft Active Directory dependencies for disconnected and regulated environments.

aloormahesh explains how to move Azure API Management (APIM) from manual portal edits to an APIOps/GitOps workflow, using source control and pipelines to validate, deploy, and promote API configuration safely across environments with better traceability and security.

Parvathy_R_Pillai compares traditional ML pipelines with Azure AI Foundry, focusing on the shift from model-centric delivery to operating end-to-end AI applications (including agents) with built-in governance, evaluation, and observability for production use.

vikasgupta5 explains how Azure Functions Service Bus triggers work and provides a practical troubleshooting guide for common failures like connection/auth issues, message lock loss, DLQ behavior, duplicate processing, scaling problems, sessions, and AMQP/network errors, with concrete host.json settings and verification steps.

kumar_rahul introduces Microsoft’s in-house MAI models for speech-to-text, text-to-speech, and text-to-image, and explains what changes for Azure developers—especially around Foundry-native governance (RBAC, Entra ID, Managed Identity) and building agent-oriented, multimodal workloads.

ChandraHundigam_MSFT explains a CAF-aligned approach to Azure Key Vault auto-rotation for keys, secrets, and certificates, focusing on preventing outages from expirations while keeping governance, auditability, and approval workflows in place using Azure Policy, Azure Monitor, Logic Apps, and managed identities.

PeterTHLee shares a validated Azure reference architecture for drone-based industrial inspections that combines deterministic computer vision with Azure OpenAI reasoning. The post breaks down an event-driven pipeline (Blob Storage → Functions → Vision/AML → OpenAI → Foundry evaluation → Cosmos DB → Power BI) and calls out security controls needed for production use.