Skip to main content

Azure Insights: Web app risks; Landing Zones; Cost optimization

by MSCN Reporter
Staff Writer,

Azure pros discuss top web application risks when using Azure, Review Assessment for Azure Landing Zones, and cost optimizing Azure SQL Database.

Top web application risks when using Azure

Writing on Build5Nines, Chris Pietschmann discussed some of the top web application security risks while using Azure. Increasingly, Azure customers host web apps in the cloud, heightening some security risks. Injection attacks are particularly prominent, allowing a SQL or NoSQL injection to execute malicious code in an environment, exploiting vulnerabilities in the way user input is processed.

Cross-site scripting, broken authentication, security misconfigurations, insecure deserialization, and broken access control are all among the ways that attackers can disrupt day to day operations. According to Pietschmann, customers should be particularly careful about using components with known vulnerabilities and failing to undertake adequate logging and monitoring. Boosting rate limiting and DDoS protection can be useful for safeguarding web apps. He wrote:

[S]afeguarding web applications in the Microsoft Azure cloud environment requires a multifaceted approach…Stay proactive in monitoring and securing your Azure resources to ensure the continued safety of your web applications.

Review Assessment for Azure Landing Zones

Microsoft senior cloud advocate Thomas Maurer looked into the role of Azure Landing Zones as a way to prepare environments to host workloads. The Review Assessment tool helps to evaluate readiness for migrations. Customers can enter responses to multiple choice questions, resulting in a personalized report with guidance on creating a landing zone. He wrote:

FREE Membership Required to View Full Content:

Joining gives you free, unlimited access to news, analysis, white papers, case studies, product brochures, and more. You can also receive periodic email newsletters with the latest relevant articles and content updates.
Learn more about us here

About MSCN Reporter
More about MSCN Reporter