Blog On Clouds - by Stephan Kristiansen | Here I mostly write about stuff related to cloud computing and security. Some keywords for topics that is touched: Azure, cloud architecture, integration architecture, API Management, API Security, Identity and Access Management (IAM).

Posts

Apr 22, 2022
Requirements and preparations for the CCSP
So I mentioned in my previous post that it’s been a bit quite here lately. The reason is that I’ve spent my free moments preparing for the CCSP (Certified Cloud Security Professional) exam. In this post I’ll give some insight into my journey and the basics of the requirements for... Continue reading →
Apr 19, 2022
Top security and risk management trends for 2022
It’s been a little quite here lately. I’ll get into reasons for that at a later date. For now - let’s focus on top security and risk mangement trends for 2022. According to Gartner there are seven top trends leaders and organizations needs to address to protect the expanding digital... Continue reading →
Feb 27, 2022
Azure AD CBA - what is it?
Azure AD certificate-based authentication Feb 14 2022 Microsoft announced the public preview of Azure AD certificate-based authentication (Azure AD CBA). This is a direct response to the US Presidents Executive Order 14028 on Improving the Nation’s Cybersecurity that calls for the Federal Government to modernize and adopt a Zero Trust... Continue reading →
Jan 25, 2022
Cloud adoption and improved security
Is the cloud more secure than on-premise infrastructure? A very common question and something Phil Venables the VP/CISO of Google Cloud in short says yes to. The complete answer is more nuanced and grounded in 8 “megatrends” that drives technological innovation and that improves the overall security posture of both... Continue reading →
Jan 20, 2022
Schrems II: Confidential Computing as an additional safeguard?
I am not going to claim expert level knowledge regarding the Schrems II verdict, but I’ll give it a go in this post exploring the use of confidential computing as an additional measure to adequately protect personal data. The EU-US Privacy Shield invalidation left most European organizations hosting data with... Continue reading →
Jan 10, 2022
API security: Why you should care and what you should do
It’s been a little quiet here lately. I blame christmas etc. During the time since the last post I have done a bit of work with API security (or more the lack thereof). So in this post I write up some of the things I’ve been looking at. Why should... Continue reading →
Nov 4, 2021
Azure Container Apps
Lately I’ve been playing around with both Azure App Service and Azure Kubernetes Service along with Terraform - hopefully I’ll throw together a blog post or two about my experiences with that later. To sum up some of my experiences working with this: There has to be an easier way.... Continue reading →
Oct 6, 2021
Infrastructure as Code with Terraform
I’ll be the first to admit I’ve never really been an infrastructure guy. I wouldn’t say I’m an infrastructure guy now either, but with Infrastructure as Code things are way more interesting. What is Infrastructure as Code? There are a lot of explanations on what Infrastructure as Code is if... Continue reading →
Sep 6, 2021
Azure Migrate: App Containerization
Listening an episode of The Azure Podcast from June 2021 I heard about the offering of doing app migration by containerizing your applications. I looked this up through Microsofts documentation as well. A good summery is the diagram below illustrating the capabilities: On the one hand I can certainly see... Continue reading →
Aug 26, 2021
My certification journey
Why I started the certification journey Over a couple of years I have played a bit with Azure - mainly App Services and Azure Functions/Azure Logic Apps. I have also listened to numerous podcasts like Cloudskills, The Cloudcast and The Azure Podcast (to name a few) over some time and... Continue reading →
Jul 11, 2021
Azure Logic Apps, Azure Functions and the On-premise data gateway architecture
There’s a few different approaches for connecting your cloud infrastructure to your on-premise data sources. With that in mind I had some spare time this weekend to check out the approach of the on-premise data gateway architecture: Reading and learning about the different approaches is interesting, but in the end... Continue reading →
Jun 28, 2021
Azure Static Web Apps
Welcome to my new blog! I can’t promise I’ll be keeping this thing updated too often, but once in a while when something new exites me I’ll try to do a quick post. After seeing Azure Static Web Apps going GA I thought it would be a good idea to... Continue reading →