They tell me during their high school, no, the university, they do not learn anything about the secure software development. Singapore also provides you the cost of the secure software development. But every kind of confidence of you to answer your most is very, I'm very, I'm very sure the prediction is very secure. You kind of know, right? Because from my last, I can say last half year ago, I remember one day, I saw one, the application with the forward, the company also forward, the company in Dynamite, I see that the password is as forward inside the secure software. And also at the end of the, and also at the back, you can write it and view the script, the best Dynamite script, the password and then.
Okay, who am I? I think I know need to train myself again. I think most of you seem involved. I am certified in Asia, Microsoft Asia, already three years. Okay, if you today want to learn hacking, sorry, I will not teach you. Okay, because a lot of people ask, the first thing can teach me how to hack Facebook, the one you can Google it, but success rate is 101% of 100. Okay, this is just for education purposes.
Okay, the most common, I will talk about how, about the SQL injection and XSS. These two are the most common, then the other two will cover more on the infrastructure.
Okay, every month, every month you can, you, if you got Azure pass, you can activate this one. You must sign up for Azure trial. For example, then after you get Azure trial, then you still need to activate this one. Every month, 15 US dollars. Then you can, every time you get hacked or other behavior inside your app, get hacked by other people, then you will get notified. I will show you later.
Okay, today, most of my slides are screenshots for you, because my Azure K is finished. I do the demo, one demo, four demo, within one day, two hours is gone. Okay, here I will show you the workup. Okay, here you can get the template, because I created two virtual machines.
One is for attack, another one is for defense. Okay, here I already applied the template for Azure security for the SQL injection. Then, every time, I think most of the developer can't serve this one, because the firewall, the SQL firewall, never, still got 1% of that to get hacked, to institute inside your firewall. Then Microsoft cooperates with OWASP, you all hear before? Also, never mind. This one, most, you all hear before, the CEH Certified Ethical Hacker, most related to that, but I'm not selling you a course. Okay, the one will teach you how to attack the application and do a defense. But, for me, I have very little knowledge about the cybersecurity and I just use the Microsoft Azure.
Okay, I just get my application. Here, I'm also creating, that I have deployed. Then, here I go for patient. Then, most common, you can try a lot of websites in Singapore by using the command with the SQL algorithm, we use the hints, a lot of websites in Singapore that can be used by using the SQL injection. You try, then, but not be touched by the government. Okay, this is not my responsibility to rescue you from the... Because you still need to get permission from the other company.
Okay, here I will... That one, I will not tell you this one, the OMS. OMS is the services from the Microsoft management suite that is related to the Microsoft Office 365. Then, here you can get and analyze the logs about how they go through the steps to do the SQL injection of our application. Okay, here I get all the things that the SQL injection when Microsoft Azure detects the application that can inject by other people. Here, you get notified what time and more details you can go through one by one. Okay, here you will tell you for the security standard overview, you can see that because this one you read out knowledge about cyber security, revamp or detect, then they will advise you how to do it by click some of the steps only. Okay, and just on the auditing and threat detection.
When I on the threat detection, whatever happens, then you will get alert inside your email. You want the SMS, but I will not give the SMS. Okay, here you can see that. I get the SQL injection for my database, sent by Microsoft. Okay, after that, I need to revamp, always detect and revamp. Okay, they want to go that attack again, your application will show this one. That means that you already successfully prevent them from hacking, from SQL injection. Okay, and another way, this one also related to your Microsoft 365 operation management suite. It is the same way to show you to get the result, to get the result whenever you have block from the SQL injection. Okay.
Sorry, push it. So you would like to show what actually the security standard can do with respect to threat detection.
Yes, they can provide you the advices. Yes.
But by the time the damage has already been done, because it has already injected, it has already taken your data out. So why not focus more on prevention, because rather than detecting and just providing information.
How your developer is very confident in the SQL about your application?
It's not about the developer's confidence, it's about the data prevention, the protection kind of things. So how about like having a layer because prevent it rather than...
Okay, and you also provide you... The first thing they got, they got to give you the protection, encryption, everything. Even you did not have any knowledge about the prevention and encryption. Then they will advise you everything for encryption and do a backup, everything. Back up the actual database. Maybe we can do a backup plan. Okay.
Okay, anyone know the HTML5 syntax? No, right. Okay, I will show you this one. Okay. The same... Okay, then get ready for detection. Then the firewall on for detection. And also I go for my control software name, patient, and edit the application. You see that I can enter the script, the SQL syntax inside my dashboard. Okay.
Now this one I will not tell you because this one more on attack. Okay, to do the analysis for the XSS. Okay, it just show you the same. The same about the XSS cross-site. It's more or less... It's more or less like an S-gram detection. Then we need to pre-run. Okay, right here. After pre-run, after you implement the prevention, then you will get this. The people will get this that already denied.
How do you implement the prevention part?
The prevention part, I only on the pre-run. Prevention from the... This one. Then the rest I pass to the Microsoft Editor to handle.
Okay, so you say that first it was detection so I just get the information that there was somebody and you do the XSS attack.
Yes.
Then you just went there and change the firewall both from detection to prevention.
Yes.
And since you are paying $15 per month, so AKS coming to Azure will be there for you. Okay, that's that. I mean, Bharat, which creator will set it to prevention? Yeah. That's what I'm trying to say. Yeah, yeah. Yeah, that's fine. I understand what you're saying. Yeah, usually before you go to production, you'll do your penetration testing on staging environment so you can replicate. It's only you want to use Kali Linux for detecting the threats on your application layer. Yeah. Yeah. Yeah. Yeah.
Okay, that always we need to find a lot. I need analytics. Okay, and here they already blocked the XSS attack. Cross-site script attack.
Okay, then this one, where is the attack? Okay. I create one VM without any prevention and Azure security implementation. Okay, this one, RDP. This is similar to the Windows Server 2012. Yeah. It's 2016. You will not need to do a lot of things because every time they will ask a lot of questions after you're installing, go to tools, everything. And now Microsoft also provides you the new solution in coming soon in November or end of October. Okay, I downloaded this one, the application, yeah. I downloaded the software that contains illegal.
Okay, after that, you go to the security center. That means that you don't have any endpoint protection issue because your virtual machine already attacked. Then they advise you, you need to implement this and you install the endpoint protection to your VM, the Microsoft NTA PowerWag. But if you install inside your Windows Server 2016, it does not provide this one. You need to go download by yourself. Then after that, you only can prevent the attack of your virtual machine. Okay, actually, I will show you. The virus was deleted after you download the zip file that contains the virus. Then the other thing that will come to you to delete because a lot of people, once the case happened in my company because somebody installed a China software and separate out through our whole network and our company website is now for one read. Then after that, we only found out the thing, the software download container virus and some of our data also lost.
Okay, then this one is the system center endpoint. Anyone know system center? Don't know. That one, more on the infra side. Here, I will show you, you also get it. You already downloaded the virus file because normally a lot of people don't care. This security thing goes to the computer to handle but sometimes you don't know that the patient contact is a virus, okay, virus attack. Then you can see a lot. The file will download the EICAR. Then you get the security detection. Even after that, you also at the same time get the email from the Microsoft.
Okay, DDoS attack. That means that they use your network to spam a lot of IP and IP. Suddenly got 100 people to access to your website. More than 1000. Because some of the applications like e-commerce website. Previously, I was using a stress test. What e-commerce website? I only use the URL only. They only allow 2 minutes, only 25 people. Is that not it for your e-commerce website? Impossible, right? They miss that. Anything more than 25 to 30 people, they can't access.
That means that any possible, that your reputation will be there. Instructor and DDoS attack. This one happens when you measure. This is why always, always the most common case in DDoS. They're using the public IP address. For example, some of the people using the... using some software to increase their number of views of YouTube. It's more like similar this.
This one, the VM with DDoS. The metrics we can select. What are the things that you can try? We can use the services provided by Microsoft, the dynasty under DDoS attack only. Then I select the resources. I use the VM with DDoS protection. After that, I need to check the in-power package. Then we need to drop the DDoS and forward the DDoS.
This one, Microsoft also provide you the DDoS protection plan. This one, if you sign up for Azure, this one will include inside your $15 per month asking. DDoS protection plan. You just save it and create it. After that, it will protect you from your network. It is OS protection. Then we're using the standard plan. I currently only use standard plan. If you go for premium plan, you need to pay by your own. The one got somebody, you can get 24-hour support from the company, from Microsoft. The VM with DDoS, you need to do one more time after you implement the DDoS protection plan. You need to check again for your application. Now you need to check your network. After you implement the DDoS protection plan. Here, it will show you anything under the DDoS attack. You will get the notice.
After that, if you want, I will share the slide to let me out. Then if you go through the step by step, after that, you must delete all the resources. Because you only got $200 free per month, if you sign up at your free trial. If you go through these four steps, four demo, then you need to delete at the same date. Because then tomorrow, you can continue to use your $200. This is how the people using the Azure for demo, or demo for their boss, or they use for some testing.
Every time you must delete your resources, they will not continue to charge you about charging your application or HR server, everything. Aside of virtual machine, virtual machine you also must delete on that day after you finish to testing.
If I say today, I write a program that I upload, the same day I delete it away, but does it want to touch me?
Yes, all right. This is a tip for demo purpose.
This is workable, so buy it.
Yes, workable, because one of my friends tried the blockchain in Azure, then they did the delete. After the whole day, after the whole day of testing the Azure blockchain, then tomorrow, continue, you stay for $200. If you do not delete, tomorrow is zero.
This Azure video is different from the cloud?
Yes. Because Azure, I'm not sure other security provider. Yes, because I'm from my after I graduated, I remember my final year project, I still use Azure. If you ask me other like AWS, I still got little knowledge for you, that other I don't know.
How you configure depends on that. I use it some kind of virtual appliances of Cloudflare, which you was adding in your VNet, or it is like you're specifying that your VNet route, whatever attacks comes to your VNet, first hit Cloudflare, then from Cloudflare, goes to your VNet. Depends on how you're configured.
Depends on how you configure. We experienced a lot of things. Because I am the person who, last night I am a project executive, I also like to ask this one. Then for one day I did not get my manager permission, I tell the client, your way to write a code is very unsecure. Then they want to extend, extend a kind of information, ask us to rewrite a code. Then my manager asked me why you should tell, we almost want to close the project a bit. Then why we want to spend so much time on this one. This one was to them, they do, they do not follow, they don't follow. I think this one will happen again and again. For example, I guess, what I hear from their solution. I'll tell you so much.
The solution, the most common problem that we'll do is, this is why the case happens again and again, even if you do not take any, just take this, what, just take this, just change the password. We'll not solve the problem, only solve the temporary problem.
Azure Security Center, I believe it's like a SaaS base, correct? Or is it residing in my VNet?
SaaS. SaaS.
So that means I have to first open the port, open the connection in my firewall, so that the Azure Security Center can talk to my VNet.
Yes, all right.
So that's how all the traffic first for security center before it is hitting VNet.
I still not try the Azure firewall yet, because I want more competitor than this one. This is my YouTube channel at Nimia, and I share a lot of Azure security info inside that connect.io. If you got time, you go through, because that one, I give you step by step. Okay, that's all for my presentation. If you got any questions, you can drop me an email or let me output. I will share the slide for you. Okay. Okay, thank you. That's all for today. Okay.