• Global Cloud Solutions: AWS / Azure / GCP / IBM SoftLayer / Oracle Cloud (IaaS)
• Multi Cloud / Hybrid Security
• MS Defender for Cloud, MS Defender for Endpoint, MS Defender for Identity, MS Defender for Cloud Apps, MS Defender for O365, MS Defender for IoT
• Azure KQL
• 5 security archetypes for cloud security management platform umbrella:
Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP), Cloud Access Security Broker (CASB), Cloud Infrastructure Entitlement Management (CIEM), Cloud-Native Application Protection Platform (CNAPP)
• Cloud Security Governance (Incident, Vulnerability, Endpoint Protection, Identity Protection and Security Improvement)
• Cloud FinOps - Azure (Cost Optimization & Resource Optimization) & AWS Cost Management console (ACM)
• Container Security
• Azure
#Cloud Adoption Framework (CAF) & Well-Architected Framework (WAF)
Compute, Storage, Network, Security, Compliance & Management
Azure Firewall & Firewall Manager, Azure WAF, DDoS Protection, Azure Key Vault, Azure Bastion: Secure RDP/SSH, Secure VM, Azure Lighthouse, Azure Backup, Azure Site Recovery, ExpressRoute, VPN, VNet, VNet peering, Private Link, Azure AD App Proxy: Secure Remote Access, Azure Arc: Hybrid and Multicloud Management, Azure Stack: Hybrid and Edge Computing, VM, Web App
#Azure Active Directory: Password-less & MFA, Hello for Business, Authenticator App, FIDO2 Keys, Azure AD PIM, B2B & B2C.
- Identity Protection: Leaked Credential Protection.
- Identity Governance: Identity, Access, and Privileged Access Lifecycle, Entitlement Management, Access Requests, Workflow, Policy and Role Management, Governance Enforcement.
- Defender for Identity: User Behaviour and Activities, Investigate Alerts, AD FS Protection, Lateral Movement Detection
Blueprints, Management Groups, SecOps, AI- Az LUIS, ChatBot, AZ ADF, Data Lake, Azure AD Connect, DirSync and AAD Sync, SSO.
# Microsoft 365 Defender: Extended Detection and Response (XDR). Endpoint, Office365, Identity, and more
- Defender for Cloud: Cross Cloud XDR.
- Microsoft Sentinel: Cloud Native SIEM, SOAR.
- Microsoft Endpoint Manager: Intune and Configuration Manager.
- Microsoft Defender for Endpoint
• AWS Security Specialty Services:
# AWS Certificate Manager, AWS CloudHSM, AWS Resource Access Manager (RAM), AWS Secrets Manager, AWS Security Hub, AWS Artifact, AWS Control Tower, AWS Service Catalog, AWS Identity and Access Management (IAM), AWS Audit Manager, Amazon Cognito, Amazon Detective, Amazon Macie, AWS Directory Service, AWS Firewall Manager, Amazon Cloud Directory, Amazon GuardDuty, AWS IAM Identity Center (successor to AWS Single Sign-On), Amazon Inspector, AWS Network Firewall, AWS Shield, AWS WAF, Amazon QuickSight, AWS Organizations.
#IAM, EC2, AMI, EBS, EIP, KMS, EFS, VPC, Endpoint, NACL, ELB & AS, S3 & Glacier, CloudWatch & CloudTrail, SNS, AWS (WorkSpaces/Directory/Organization/AppStream/Switch Role) End-User-Computing VDI, AWS Config, AWS Federated authentication with Active Directory Federation Services (AD FS), MFA, KMS, WAF, VPC, Logging and Monitoring, Trusted Advisor, AWS SSO with Azure AD.
• Google Cloud Platform (GCP)
#Implementation of cloud solutions: IAM, VPC Service Controls, Cloud Armor, Cloud KMS & Secrets Management, VPC Firewall.
# GCP SCC (Security Command Center)
# Cloud Logging and SIEM (i.e. Rapid7 InsightIDR)
# Google Chronicle
# Google Workspace Management.
• Backup Management: Druva Backup, CloudBerry
• Dynatrace, Splunk, Zabbix, SolarWinds, IBM QRadar, Aqua Container Security, Qualys, Nessus
• Rapid7:
InsightVM, InsightAppSec, InsightIDR, InsightConnect, InsightCloudSec, tCell, Nexpose, AppSpider, Metasploit, Insight Agent, Insight Network Sensor, InsightOps
• Infrastructure as Code (IaC) - Terraform, AWS CloudFormation, Azure ARM Templates
• LLD & HLD Creation.
Accomplishments-
Illustrative Projects and Implementations-