Architect secure infrastructure in Azure

In this module, you'll use the alert capabilities of Microsoft Defender for Cloud to watch for and respond to threats.

Use Azure Disk Encryption (ADE) to encrypt OS and data disks on existing and new VMs.

Your application requires service passwords, connection strings, and other secret configuration values to do its job. Storing and handling secret values is risky, and every usage introduces the possibility of leakage. Azure Key Vault, in combination with managed identities for Azure resources, enables your Azure web app to access secret configuration values easily and securely without needing to store any secrets in your source control or configuration.

Learn how to use Azure RBAC to manage access to resources in Azure.

Secure the traffic from your users all the way to your web servers by enabling TLS encryption on Application Gateway.

Identify the data in your organization and store it on Azure. Store secrets securely, and use client-side encryption and Storage Service Encryption to help protect your data.

Secure your Azure SQL Database to keep your data secure and diagnose potential security concerns as they happen.

Monitor Microsoft Entra security events with built-in reporting and monitoring capabilities to prevent unauthorized access and potential data loss.