Cloud as a Story - Vunvulea Radu

 On the 8th of June, I had the great opportunity to talk about the future of cloud security from the application point of view during DevTalks .  More details about my session are available below: Title : The future of secure application development on Microsoft Azure Abstract : To increase the application security it is necessary to use scanning tools and educate the development teams. Join us to discover insights from Romanian market and get hands-on example and experience sharing of Romanian MVP Radu Vunvulea on how to develop more secure applications and how they are integrated with the SDL and CI/CD pipelines. Explore tools like Black Duck, SonarQube, HostedScan, AzSK, and the integration with Azure DevOps. Slides :  https://www.slideshare.net/raduvunvulea/how-romanian-companies-are-developing-secure-applications-on-azurepptx  

This year I had the honour to deliver a session during Microsoft Build . The topic that I talked about was cloud security development inside Microsoft Azure, covering the tools used by local Romanian IT companies to build secure cloud applications.  More content related to my session is available below: Intro : Discover how you can ensure that application secrets are not published to the project repository and what are the tools that can detect and react when this happens. Find out how you can maintain control of governance and security across large deployments using multiple tenants and subscriptions where a central tool is required to scan and manage security and cost economics aspects. Abstract : To increase the application security it is necessary to use scanning tools and educate the development teams. Join us to discover insights from Romanian market and get hands-on example and experience sharing of Romanian MVP Radu Vunvulea on how to develop more secure applications and how th

On the 18th of May, I was invited to deliver training for UBB master's degree students in Computer Science. The main topic was cloud and how cloud vendors will influence IT solutions. The topics that were covered together with the students were: Cloud core concepts How cloud evolve in the last 10 years Cloud trends and market needs I hope that you enjoy the cloud workshop. If you have questions, feel free to contact me. 

 In the first part of May, I had the great opportunity to deliver a session during SQLDay 2022 . During my session, I talk about cloud security and the most important things that a company should take to secure their cloud solutions. RBAC, cloud governance and data security are the top 3 priorities that should be part of your cloud strategy. 

At the end of this month, I am delighted to deliver a session at Microsoft Build . Build is Microsoft's annual developer conference. During the three days of the conference, Microsoft is announcing the most development news, and updates for developers and Microsoft experts around the globe are sharing their experience and knowledge.  My talk is about developing secure applications inside Microsoft Azure. The insights that I plan to share with the audience cover the tools and mechanisms used by development teams from Romania to ensure that they build secure applications, following Microsoft's best practices and recommendations. For example, how we can ensure that application secrets are not published to the project repository, and what are the tools that can detect and react when something like this is happening. Another important aspect that we talk about is maintaining control of governance and security across large deployments using multiple tenants and subscriptions where a

Nowadays, if you use Azure to run your business, there is an 80% chance of using Azure AD as the Identity and Access Management system. The strong integration with on-premises AD tenants, Google, Facebook and Azure AD B2B and Azure AD B2C makes our life much easier.  What if you provide access to an external user that cannot be authenticated using AD, MSA (Microsoft Account) or social identity providers? Or you don't know what kind of IAM the user has. OTP (Email one-time passcode) is your friend in this situation. The feature enables us to share resources or provide access to external users without requesting them to create an account. The only thing that the user needs is an email address and nothing more. The one-time passcode is sent to their email address at the moment in time when they want to access the resource that you shared with them. The passcode is valid for 30 minutes and provides a valid session for the next 24 hours. If the passcode or session expires, there is no p