Seeking Guidance on Ensuring Robust Security for Azure Deployments

qy.product 0 Reputation points
2024-11-01T06:11:00.9+00:00

Hello,
I am currently using Azure services, but I am encountering issues during the deployment of my software. I have searched for many articles online, but I haven't found effective answers on how to ensure robust security for the website and address potential vulnerabilities, such as DDoS attacks. Could you please provide some guidelines or direction?
Thank you!

2024-09-06S0MoP15EAo+7YmQDwjfYcuFc7LEDpUwEayisfxkhdfkWR8wseVxvTI0baC3fPujO2trqQ/EJDYTIG6PWxbAgoKIw+eS6wmUYUx72XHMUsIsY=2024-09-06E

Azure DNS
Azure DNS
An Azure service that enables hosting Domain Name System (DNS) domains in Azure.
699 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Ganesh Patapati 1,745 Reputation points Microsoft Vendor
    2024-11-01T18:23:24.2466667+00:00

    Hi qy.product

    Greetings,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    Check your application's performance before you launch it or deploy updates to production. Use Azure Load Testing to run cloud-based load tests to find performance problems in your application, improve deployment quality, make sure that your application is always up or available, and that your application can handle traffic for your launch.

    Install a web application firewall

    Web applications are increasingly targets of malicious attacks that exploit common known vulnerabilities. Common among these exploits are SQL injection attacks and cross-site scripting attacks. Preventing these attacks in application code can be challenging. It might require rigorous maintenance, patching, and monitoring at many layers of the application topology. A centralized WAF helps make security management simpler. A WAF solution can also react to a security threat by patching a known vulnerability at a central location versus securing each individual web application.

    The Azure Application Gateway WAF provides centralized protection of your web applications from common exploits and vulnerabilities. The WAF is based on rules from the OWASP core rule sets 3.0 or 2.2.9.

    Refer: https://learn.microsoft.com/en-us/azure/security/develop/secure-deploy?source=recommendations

    Azure DDoS Protection fundamental best practices

    Refer: https://learn.microsoft.com/en-us/azure/ddos-protection/fundamental-best-practices?source=recommendations

    The following sections give prescriptive guidance to build DDoS-resilient services on Azure.

    1. Design for security
    2. Design for scalability
    3. Defense in depth

    Hope this clarifies,

    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

    Regards,

    Ganesh

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.