Azure VMware Solution in Microsoft Azure Government streamlines migration efforts

Today we are pleased to announce the public preview of Azure VMware Solution in Microsoft Azure Government.

With this release, we are combining VMware cloud technologies with world-class Azure infrastructure in Azure Government, which is designed, built, and supported by Microsoft to help meet the highest levels of government security and compliance. Azure Government delivers a dedicated cloud, enabling government agencies and their partners to streamline migrating mission-critical workloads to the cloud.

Azure VMware Solution is a fully managed service in Azure that customers can use to extend their on-premises VMware workloads more seamlessly to the cloud, while maintaining their existing skills and operational processes.

Azure VMware Solution is already available in Azure commercial for any customer, including public sector organizations. With this launch, we are extending the same benefits of Azure VMware Solution to Azure Government, where US Government customers and their partners can meet their security and compliance needs.

Continue reading to explore how to get started with Azure VMware Solution in Azure Government.

Accelerating the migration journey in Azure

Azure VMware Solution delivers a VMware vSphere-based, single-tenant, private cloud in Azure Government. VMware workloads run on bare metal hardware in Azure datacenters. Customers can stand up a VMware environment with enhanced speed in Azure and more quickly gain access to their VM resources while also accessing Azure services, such as Microsoft Defender for Cloud, Azure Monitor, or Log Analytics.

Microsoft operates and supports the Azure VMware Solution environment and all the necessary networking, storage, and management services, which includes benefits such as the following:

Seamlessly modernize over time with Azure services: With Azure VMware Solution, you can leverage Azure services and further modernize workloads on your timeline, such as Azure App Service, Azure Kubernetes Service, Azure Traffic Manager, security, and analytics.
Better streamline migration efforts with familiar tools and services: With a unified Azure experience via the Azure Government portal, customers can integrate their existing processes and tools “as-is” and run familiar VMware technology, including VMware vSphere, VMware HCX, VMware NSX-T, and VMware vSAN. HCX Enterprise edition is available at no additional cost, which enables you to streamline data and applications to help accelerate large-migration efforts and reduce time.
Maintain business continuity and workloads more securely on Azure: Leverage Azure services on the public cloud for disaster recovery, backup, security, and more to safeguard your applications. Azure enables customers to integrate VMware workloads with best-in-class cloud security features, such as:

Azure Virtual Network integration provides perimeter network controls using solutions such as network and application security groups and network security solutions for applications such as the Azure Application Gateway.
Logging, monitoring, and alerting solutions, such as Azure’s security information and event management (SIEM) solution, Azure Sentinel, and threat detection using Defender for Cloud (formerly Azure Security Center).
Customer-managed keys provide enhanced control over encrypted VMware vSAN data using HSM-backed (hardware security module) Azure Key Vault and certificate authority integration for automated certificate management.
End-to-end encryption safeguards data according to your company’s security and compliance needs with Azure Data Encryption at Rest with all Azure services.

Savings opportunities in Azure

Achieve savings in Azure with a managed infrastructure to expand or shrink your cloud environment on demand as your business needs change.

Savings opportunities on Windows Server and SQL Server with Azure Hybrid Benefit in Azure

Customers can leverage the value of existing on-premises Windows Server and SQL Server licenses when migrating or extending to Azure. As a core Azure service, Azure VMware Solution supports Azure Hybrid Benefit, allowing customers to bring their existing Microsoft workloads running on-premises to the cloud.

Get extended security updates for Windows Server and SQL

Azure VMware Solution customers are also eligible for three years of Extended Security Updates on 2008/2012 versions of Windows Server and SQL Server. These pricing benefits are only available in Azure and foster greater simplicity and cost efficiency for your journey to cloud.

Benefit from the Microsoft and VMware partnership

VMware and Microsoft have a long-standing partnership, and now more than ever it is important we come together and help customers create business resiliency, efficiency, and agility.

“As public sector customers accelerate their modernization efforts, they need the flexibility and choice to select the right cloud for each application,” said Jennifer Chronis, Vice President, public sector at VMware. “Together with Microsoft, we are delivering a modern, more consistent cloud service that will provide US government customers and partners with new options to migrate or extend their on-premises VMware environments to the cloud.”

Get started with the preview today

There are several ways to learn more and get started with the public preview of Azure VMware Solution in Azure Government. Please reach out to your Microsoft account team for more details on the preview. To provide feedback on this release, you can contact the team at AVSGov@microsoft.com. To learn more about getting started on Azure VMware Solution, you can visit the documentation page.
Source: Azure

Microsoft Cost Management updates—February 2023

Whether you're a new student, a thriving startup, or the largest enterprise, you have financial constraints, and you need to know what you're spending, where it’s being spent, and how to plan for the future. Nobody wants a surprise when it comes to the bill, and this is where Microsoft Cost Management comes in.

We're always looking for ways to learn more about your challenges and how Microsoft Cost Management can help you better understand where you're accruing costs in the cloud, identify and prevent bad spending patterns, and optimize costs to empower you to do more with less. Here are a few of the latest improvements and updates based on your feedback:

Microsoft has joined the FinOps Foundation.
Updates for Azure pricing pages.
Tag inheritance using Settings API.
Group resources with the cm-resource-parent tag.
What's new in Cost Management Labs.
New ways to save money with Microsoft Cloud.
New videos and learning opportunities.
Documentation updates.

Let's dig into the details.

Microsoft has joined the FinOps Foundation

In today’s economic times, the criticality of cost efficiency is at an all-time high. Organizations need high-quality guidance backed by products and services that help you achieve and maintain that efficiency. This is a large part of what we do today within the Cost Management team and the larger Commerce organization here at Microsoft. In that vein, we are excited to announce that Microsoft has joined the FinOps Foundation as a premier member and has joined the Governing Board, defining the strategy and vision of the organization. Together, we can deliver unparalleled guidance and innovative solutions that empower organizations to increase efficiency and accelerate growth.

As we look toward our future, we’re exploring five primary focus areas:

Defining specifications and evolving best practices.
Aligning our collective guidance.
Improving our products and services.
Advancing training and certification programs.
Engaging with the community.

To learn more, see Microsoft joins the FinOps Foundation on the Azure blog.

Updates for Azure pricing pages

We've been working hard to make some changes to our Azure pricing experiences, and we're excited to share them with you. These changes will help make it easier for you to estimate the costs of your solutions.

You can now see on-demand, savings plan, and reservation pricing for various services in the pricing calculator, helping you choose the one that best suits your needs.
The virtual machines selector offers streamlined management of data disks that provide you with more flexibility and customization.
Explore new pricing offers like serverless compute and Hyperscale storage in SQL Database, Premium v3 SKUs for App Service, and the paid tier for Azure Kubernetes Service, as well as other new offers added to Azure Form Recognizer, Azure Private 5G Core, Energy Data Services, Azure Communication Gateway, and more.
There are many content updates to various pages, including the IoT Hub, Azure Monitor, and Data Pipeline pricing pages, and to Defender for IoT and Azure Data Explorer in the pricing calculator.
Lastly, we also updated the Azure Hybrid Benefit landing page, making it easier for you to understand how you can save with our savings plan.

We're constantly working to improve our pricing tools and make them more accessible and user-friendly. We hope you find these changes helpful in estimating the costs for your Azure Solutions. If you have any feedback or suggestions for future improvements, please let us know!

Tag inheritance using Settings API

In November, we announced the tag inheritance preview that can be enabled from Cost Management in the Azure portal. It’s exciting to see organizations and teams of all sizes utilizing tag inheritance to streamline their cost monitoring and showback strategies. One of the main requests we’ve heard has been for the ability to programmatically enable tag inheritance, especially as part of onboarding new subscriptions.

This month, we’d like to share how you can automate enabling tag inheritance using the Settings API via a simple PUT request:

PUT https://management.azure.com/subscriptions/<subscription-id>/providers/Microsoft.CostManagement/settings/taginheritance?api-version=2022-10-01-preview
{
   "kind": "taginheritance",
   "properties": { "preferContainerTags": false }
}

You can enable tag inheritance for your subscriptions or billing profiles. To learn more, see Group and allocate costs using tag inheritance.

Group resources with the cm-resource-parent tag

With the ease of provisioning cloud resources, it can be easy to lose track of the total cost as solutions grow. Instead of reviewing a flat list of the many resources that span different solutions, you need a smarter view that groups related resources together. Sonia Cuff explores how you can group your resources in the Cost analysis preview using the cm-resource-parent tag in Group your Azure resource costs with the cm-resource-parent tag. Learn how the tag works and how to apply it to your resources, and let us know what you’d like to see next.

What's new in Cost Management Labs

With Cost Management Labs, you get a sneak peek at what's coming in Microsoft Cost Management and can engage directly with us to share feedback and help us better understand how you use the service, so we can deliver more tuned and optimized experiences. Here are a few features you can see in Cost Management Labs:

New: Merge cost analysis menu items.
Only show one cost analysis item in the Cost Management menu. All classic and saved views are one-click away, making them easier than ever to find and access. You can enable this option from the Try preview menu.

Remember preview features across sessions.
Select the preview features you're interested in from the Try preview menu and you'll see them enabled by default the next time you visit the portal. No need to enable this option—preview features will be remembered automatically in the preview portal.
Customers view for Cloud Solution Provider partners.
View a breakdown of costs by customer and subscription in the Cost analysis preview. Note this view is only available for CSP billing accounts and billing profiles. You can enable this option from the Try preview menu.
Total KPI tooltip.
View additional details about what costs are included in the Cost analysis preview. You can enable this option from the Try preview menu.
Recommendations view.
View a summary of cost recommendations that help you optimize your Azure resources in the cost analysis preview. You can opt in using the Try preview menu.
Forecast in the cost analysis preview.
Show your forecast cost for the period at the top of the cost analysis preview. You can opt in using Try preview.
Group related resources in the cost analysis preview.
Group related resources, like disks under VMs or web apps under App Service plans, by adding a “cm-resource-parent” tag to the child resources with a value of the parent resource ID.
Charts in the cost analysis preview.
View your daily or monthly cost over time in the cost analysis preview. You can opt in using Try Preview.
View cost for your resources.
The cost for your resources is one click away from the resource overview in the preview portal. Just click View cost to quickly jump to the cost of that resource.
Change scope from the menu.
Change scope from the menu for quicker navigation. You can opt-in using Try Preview.

Of course, that's not all. Every change in Microsoft Cost Management is available in Cost Management Labs a week before it's in the full Azure portal or Microsoft 365 admin center. We're eager to hear your thoughts and understand what you'd like to see next. What are you waiting for? Try Cost Management Labs today.

New ways to save money in the Microsoft Cloud

Here are a few new and updated offers you might be interested in:

Generally available: Azure Kubernetes Service introduces new Free and Standard pricing tiers.
Generally available: Cut costs and add AI-powered productivity with Teams Premium.
Generally available: Power Automate hosted machine groups for desktop flows (RPA).
Preview: Power Automate hosted machines desktop flows (RPA).
Preview: Making Dataverse available for all makers on Power Apps.

New videos and learning opportunities

Here are a few new videos you might be interested in:

Lessons learned optimizing Microsoft’s internal use of Azure (24 minutes).
Optimize your data protection costs with Azure Backup (21 minutes).
How-to: Deploy Azure VMware Solution with Azure NetApp Files datastore (16 minutes).

Follow the Microsoft Cost Management YouTube channel to stay in the loop with new videos as they’re released and let us know what you'd like to see next.

Want a more guided experience? Start with Control Azure spending and manage bills with Microsoft Cost Management.

Documentation updates

Here are a couple of documentation updates you might be interested in:

Updated: View your Azure usage summary details and download reports for EA enrollments.
Updated: Azure Enterprise REST APIs. Keep in mind these APIs are no longer being maintained. Please switch to Azure Resource Manager APIs.
Plus 14 updates based on your feedback.

Want to keep an eye on all documentation updates? Check out the Cost Management and Billing documentation change history in the azure-docs repository on GitHub. If you see something missing, select Edit at the top of the document and submit a quick pull request. You can also submit a GitHub issue. We welcome and appreciate all contributions!

What's next?

These are just a few of the big updates from last month. Don't forget to check out the previous Microsoft Cost Management updates. We're always listening and making constant improvements based on your feedback, so please keep the feedback coming.

Follow @MSCostMgmt on Twitter and subscribe to the YouTube channel for updates, tips, and tricks. You can also share ideas and vote up others in the Cost Management feedback forum or join the research panel to participate in a future study and help shape the future of Microsoft Cost Management.

We know these are trying times for everyone. Best wishes from the Microsoft Cost Management team. Stay safe and stay healthy.
Source: Azure

Azure WAF guided investigation Notebook using Microsoft Sentinel for automated false positive tuning

With special thanks to Pete Bryan, Principal Security Research Manager, Microsoft Security.

The SQL injection attack remains one of the critical attacks in the OWASP Top 10. It involves injecting a SQL query through an input data field into a web application that does not validate its input. According to Microsoft Digital Defense Report 2022, 67 percent of web application exploits include SQL injections.

Azure Web Application Firewall (Azure WAF) provides centralized protection of your web applications from exploits and vulnerabilities. It protects against OWASP Top 10 attacks, bot attacks, application layer Distributed Denial of Service (DDoS) attacks, and other web attacks.

Azure WAF detects SQL injection attacks and blocks them by default. In certain instances, this could be a false positive that requires investigation and creation of Azure WAF exclusions. To complete a successful investigation, full context about the attack is needed and a process that guides you through the investigation is required.

We are pleased to announce a new Azure WAF guided investigation to tune WAF policy Notebook in preview. It guides you through an investigation experience to understand the Azure WAF incidents in Microsoft Sentinel, identify false positives, and automatically apply exclusions to WAF rules to address the false positives. This Notebook allows you to understand the WAF alert and pivot on key entities of the WAF event such as the request URI, client IP, hostname, and correlate with Threat Intelligence feeds to get a holistic view of the attack surface.

Azure WAF investigations powered by Microsoft Sentinel

Azure WAF is deeply integrated with Microsoft Sentinel, Microsoft’s Security Information and Event Management (SIEM) solution. Using the existing Azure WAF data connector, WAF logs are ingested and later analyzed for a variety of web application attacks and powerful visualizations pivoting on the full attack pattern are presented to you. This Notebook is built using Microsoft Threat Intelligence Center’s MSTICpy packages. With this Notebook, you can access rich historical contextual information using Microsoft Sentinel’s capabilities like incident generation, entity graph, and threat intelligence correlation, in conjunction with Azure WAF’s SQL injection detections based on OWASP rules and Microsoft Threat Intelligence rules.

Automated investigation and mitigation of web application attacks

Our new Azure WAF guided investigation to tune WAF policy Notebook provides an automated guided investigation for triaging Sentinel incidents triggered by Azure WAF SQL injection rules.

The solution includes the following components:

Azure WAF data connector in Microsoft Sentinel.
Microsoft Sentinel incidents that are generated due to SQL injection attack detected by the Microsoft Sentinel analytic rules.
Azure WAF Notebook that helps investigate Azure WAF logs and automatically applies WAF exclusions to the WAF policy.

A high-level diagram explaining the data flow is given below:

Let us look at two use case scenarios for using this Notebook:

Understanding the attack landscape when there is a true positive

Using the Notebook, you can pivot on various attack artifacts such as IP, URL, or domain threat intelligence, and understand the entity graph. This Notebook retrieves the WAF SQLi rule that generated the detection and looks up related SQLi rule events within the pre-selected time. Based on the above details, if you decide that the SQL injection attack is valid then you can update the incident severity and priority. In this scenario, the web application remains protected by Azure WAF.

Understand the attack pattern and create exclusions if there is a false positive

Using the Notebook, you can pivot on various attack artifacts such as IP, URL, or domain threat intelligence, and understand the entity graph. This Notebook retrieves the WAF SQLi rule that generated the detection and looks up related rule events. It also retrieves raw WAF logs to understand the relations between the request URI, client IP, and hostname entities, and allows you to dynamically access the OWASP rule set in GitHub to understand the rule match pattern. Based on the investigation, if you decide this incident is a false positive, the process to automatically create granular exclusions is presented to you and the exclusions are applied to the Azure WAF policy using Azure WAF APIs.

The following personas would benefit from this Notebook:

Persona: Developer at SomeUnionFlight.com

Understanding SQL injection detection logic

Chris is a developer at SomeUnionFlight.com. His company hosts a website for users to search for flights and make flight reservations. They have hosted their website behind WAF with Azure Front Door (AFD) where AFD accepts user requests to search their website. SomeUnionFlight.com has an SQL backend where they store flight information. He notices that when users try to access the website, their access is getting blocked because the URL has “Union” keyword which is triggering the SQL injection rule. This detection is considered as a false positive because the “Union” keyword is used to mention a website name and not an SQL injection attack. He would like an investigation experience that helps him understand how to analyze this detection using Microsoft Sentinel and determine if it is a false positive. He would also like to automatically create exclusions for false positives for the URL without having to disable the entire rule.

Persona: SecOps analyst at Contoso.com

Understanding collateral attack vectors

Ashley is a Security Operations analyst at Contoso.com. Her company has purchased both Azure WAF and Microsoft Sentinel. She oversees analyzing WAF logs and identifying attack patterns. She would like to understand if the client IP or the request URI associated with the WAF rule that triggered the SQL injection are Indicators of Compromise (IoC). By understanding related Threat Intelligence Indicators of Compromise, she can prevent future attacks on her organization.
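
A minimal model of the SomeUnionFlight.com false positive and of a granular exclusion, added here as an illustration (it is not code from the Notebook or from Azure WAF). The single "union" rule, the field names, and the sample events are constructed, and the exclusion is modelled as a (rule, field) pair rather than through Azure WAF APIs.

```python
import re
from collections import defaultdict

# Toy stand-in for one SQLi rule: it flags the keyword "union" anywhere in a field.
# Real WAF rule sets are far more elaborate; this only reproduces the false positive.
RULE_ID = "toy-sqli-union"  # hypothetical id, not an Azure WAF rule id
PATTERN = re.compile(r"union", re.IGNORECASE)

# Constructed sample events; field names ("url", "arg:to") are hypothetical.
EVENTS = [
    {"client_ip": "203.0.113.10",
     "request": {"url": "https://SomeUnionFlight.com/search", "arg:to": "Paris"}},
    {"client_ip": "203.0.113.25",
     "request": {"url": "https://someunionflight.com/search", "arg:to": "Oslo"}},
    {"client_ip": "198.51.100.7",
     "request": {"url": "https://someunionflight.com/search",
                 "arg:to": "1 UNION SELECT name FROM users"}},
]


def evaluate(request, exclusions=frozenset()):
    """Return (rule_id, field) hits, skipping excluded (rule_id, field) pairs."""
    return [(RULE_ID, field) for field, value in request.items()
            if (RULE_ID, field) not in exclusions and PATTERN.search(value)]


def strip_names(value, own_names):
    """Remove the site's own names so only unexplained keyword hits remain."""
    for name in own_names:
        value = re.sub(re.escape(name), "", value, flags=re.IGNORECASE)
    return value


def triage(events, own_names):
    """Pivot hits by (rule, field) and pick false-positive candidates.

    A pair is a candidate only if every value that matched is fully explained
    by the site's own name; one unexplained match keeps the rule active there.
    """
    groups = defaultdict(lambda: {"clients": set(), "values": set()})
    for event in events:
        for key in evaluate(event["request"]):
            groups[key]["clients"].add(event["client_ip"])
            groups[key]["values"].add(event["request"][key[1]])
    candidates = frozenset(
        key for key, group in groups.items()
        if not any(PATTERN.search(strip_names(v, own_names)) for v in group["values"])
    )
    return candidates, dict(groups)


def blocked_clients(events, exclusions=frozenset()):
    """Client IPs whose request still triggers the rule under the given exclusions."""
    return sorted(e["client_ip"] for e in events if evaluate(e["request"], exclusions))


if __name__ == "__main__":
    exclusions, groups = triage(EVENTS, own_names=["SomeUnionFlight.com"])
    print("before:", blocked_clients(EVENTS))
    print("exclusions:", sorted(exclusions))
    print("after:", blocked_clients(EVENTS, exclusions))
```

Scoping the exclusion to the one field keeps the rule active on the query argument, so the constructed injection from 198.51.100.7 is still blocked while the two ordinary searches go through. An exclusion stops inspection of that field for that rule, which is why it is only proposed when every match in the field is explained by the site's own name.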

Get started today

SQL injection attacks are getting more prevalent by the day and Azure WAF protects web applications from these attacks. To enable a high-quality investigation experience for Azure WAF customers, we have created this new Azure WAF guided investigation Notebook that enables you to quickly understand the full attack surface and take action on the incidents. You can follow our step-by-step instructions to learn how to use the Notebook.

This new Azure WAF Notebook can be found in Microsoft Sentinel under the Notebooks in the Threat Management section.
Source: Azure

Announcing AWS Telco Network Builder

AWS announces the general availability of AWS Telco Network Builder to help communications service providers (CSPs) automate the deployment and management of telecom networks on AWS. CSPs want to take advantage of the cost efficiency, agility, and elasticity of the cloud. However, implementing traditional network requirements in a cloud environment can be complicated. Setting up a large network requires deploying hundreds of compute, storage, and networking components on AWS across thousands of sites. In addition, secure networks between sites must be set up and maintained, and ongoing network operations must be managed and scaled.
Source: aws.amazon.com