Skip to content

Latest commit

 

History

History
25 lines (17 loc) · 1.91 KB

10-Design_solutions_securing_applications.md

File metadata and controls

25 lines (17 loc) · 1.91 KB
casestudy
title module
CaseStudy: Design solutions for securing applications
Module 10: Design solutions for securing applications

This case study exercise is designed to provide experience performing some conceptual design tasks that relate to the subjects learned in this module.

Case study: Design solutions for securing applications

Tailwind Traders is a fictitious home improvement retailer. It operates retail hardware stores across the globe and online. The Tailwind Traders CISO is aware of the opportunities offered by Azure, but also understands the need for strong security and solid cloud architecture. Without strong security and a great point of reference architecture, the company may have difficulty managing the Azure environment and costs, which are hard to track and control. The CISO is interested in understanding how Azure manages and enforces security standards.

Requirements: DevOps security

Tailwind Traders is planning on making some significant changes to their Application Security Strategy. Currently, they're using the Waterfall development cycle to manage all applications. They have asked for your assistance with recommendations and questions. Here are the specific requirements.

The company has a new security optimization project for customer environments. The CISO wants to ensure that all available applications are secured and controlled in the cloud.

Design tasks

  • What could Tailwind Traders do to increase the organization's ability to rapidly address security concerns without waiting for a longer planning and testing cycle of a waterfall model? Evaluate a standard and explain your decision-making process.
  • What security strategy components could Tailwind Traders use to mitigate breaches for new applications deployed in Azure?
  • How are you enforcing Application Security for all users to protect their identity, data, and other assets in Microsoft Azure?