Course 29 - AZ-500 Microsoft Azure Security Technologies | Episode 7: A Comprehensive Guide to Virtual Machine and Container Security

Published 1 month, 3 weeks ago
Description
In this lesson, you’ll learn about securing infrastructure and application workloads in Microsoft Azure, with a focus on Virtual Machines and containerized environments:
Virtual Machine (VM) Security
  • Understanding the shared responsibility model:
    • Azure secures the cloud
    • You secure the OS, applications, and configurations
  • Key security practices:
    • Endpoint Protection:
      • Using Microsoft Antimalware or third-party solutions
    • OS Hardening:
      • Applying Center for Internet Security benchmarks
      • Disabling unnecessary services and tightening permissions
    • Identity Management:
      • Using Managed Identities to eliminate hard-coded credentials
    • Update Management:
      • Automating patching with Azure Update Management for Windows & Linux
Container Security Fundamentals
  • Using containers for lightweight, portable applications with Docker
  • Core Azure container services:
    • Azure Container Instances (ACI) – quick, serverless containers
    • Azure Container Registry (ACR) – private image storage
    • Azure Kubernetes Service (AKS) – container orchestration
  • Security best practices:
    • Vulnerability Scanning:
      • Scan images regularly for known vulnerabilities
    • Trusted Registries:
      • Use private registries instead of public/unverified images
    • Registry Protection:
      • Disable admin keys
      • Use Azure AD + RBAC
      • Enable firewall rules and Content Trust (image signing)
Container & Orchestration Security
  • Securing container workloads:
    • Implementing network segmentation
    • Managing secrets securely (no hardcoding)
    • Enforcing least-privilege runtime permissions
  • Reducing risks such as:
    • Container escape
    • Host takeover
    • Unauthorized access
Orchestration with AKS
  • Understanding Kubernetes architecture:
    • Managed control plane (Azure-managed)
    • Worker nodes (VMs you manage)
    • Workloads organized into pods and namespaces
  • Practical operations:
    • Deploying apps using kubectl
    • Configuring secure access to ACR using service principals
    • Monitoring workloads via Kubernetes dashboard
Key Takeaways
  • VM security depends on hardening, patching, and identity control
  • Container security requires trusted images and strict access control
  • ACR and AKS provide secure, scalable platforms when configured properly
  • Defense-in-depth is essential across VMs, containers, and orchestration layers
This lesson equips you with the skills to secure both traditional VM workloads and modern containerized applications in Azure.

You can listen to and download our episodes for free on more than 10 different platforms:
https://linktr.ee/cybercode_academy