To be useful, an Azure Sentinel lab must replicate an enterprise network as closely as possible. In the first post of our Azure Sentinel lab-building series, we learned how to automate the deployment of a team lab. In our second post, we learned how to automate user access provisioning. However, to be realistic, we must include an Active Directory Domain Controller.

By including a domain controller (DC), our team will enjoy a realistic, hands-on experience managing and securing centralized authentication, permissions, and user data. The DC will simulate an enterprise environment where users can practice configuring group policies, managing user accounts, and enforcing security protocols.

The fourth quarter is budgeting time for most companies. Equally, most security managers are gearing up to support their CISO with preparing the security budget for the upcoming year.

Security budgeting is an overlooked area in the cybersecurity industry. It’s also an overlooked skill set when hiring and training cybersecurity executives. Yet, it is a crucial aspect of managing a cybersecurity program. Cybersecurity budgeting rests at the crossroads between cybersecurity (as a discipline) and business.

In the first post of our Azure Sentinel lab-building series, we learned how to deploy a team lab in a fully automated manner. Using Azure Bicep, it was possible to automatically provision a lab that included a Sentinel SIEM alongside a configurable number of virtual machines. Moreover, the lab included a Sysmon-based solution allowing users to create detection analytics targeting real-life adversary behaviours. Finally, the lab could be deployed and destroyed on-demand, helping save costs.

A vulnerability management policy is a key component of an Information Security Management System (ISMS). This is especially true for SaaS companies selling cloud products. Before buying such products, customers will seek proof that product security vulnerabilities are consistently managed.

While a vulnerability management policy, on its own, cannot offer bullet proof guarantees, it is still considered a must-have. Any customer needing assurance that proper vulnerability management practices are being followed by suppliers will expect one.