azure
Safeguard articles tagged "azure" — guides, analysis, and best practices for software supply chain and application security.
38 articles
Azure Monitor for Supply Chain Observability
Supply chain observability in Azure is not missing telemetry — it is missing the right queries. A walk through the Azure Monitor data sources that actually answer the hard questions.
Azure App Service Deployment Security
App Service deployments are easy, which is the problem. A look at the deployment paths, credential surfaces, and hardening steps that matter for production workloads.
Azure Bicep vs ARM: Security Comparison
Bicep and ARM templates produce the same deployments, but their security properties diverge — in module provenance, what-if analysis, registry trust, and review experience.
Azure Container Registry Trust Model
What Azure Container Registry actually guarantees about the images you pull — signing, attestation, content trust, and where the trust chain breaks in practice.
Azure Policy for Supply Chain Enforcement
Azure Policy is the enforcement layer most Azure platforms underuse. A concrete, policy-by-policy guide to wiring it into supply chain controls that actually stick.
Azure Key Vault Rotation Patterns
Rotation is the Key Vault feature most teams nominally have and few actually operate. A walk through the patterns that work for secrets, keys, and certificates at scale.
Azure Functions Supply Chain Security
Azure Functions hide a surprising amount of supply chain risk — Oryx builds, run-from-package, extension bundles, and the way deployment slots interact with identity.
Azure Managed Identities and the Supply Chain
Managed identities are the credential primitive that fixes most supply chain risk in Azure — but only if you use them the way the service actually intends.
Cloud Marketplace Security: What AWS and Azure Listings Actually Verify
Buying software through AWS Marketplace or Azure Marketplace feels safe. But what security verification actually happens before a listing goes live?
Azure Container Registry Security: Locking Down Your Image Pipeline
How to secure Azure Container Registry with network isolation, content trust, and Microsoft Defender for Containers integration.
Azure Defender for Containers: Getting Real Security Value
How to configure and operationalize Microsoft Defender for Containers for ACR scanning, AKS runtime protection, and CI/CD integration.
Azure DevOps Pipeline Security Hardening: A Practical Guide
How to lock down your Azure DevOps pipelines against supply chain attacks, credential leaks, and unauthorized deployments.