Austin Sabel
My feedback
-
61 votes
Austin Sabel supported this idea ·
-
251 votes
Austin Sabel supported this idea ·
-
15 votes
Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.
An error occurred while saving the comment Austin Sabel supported this idea ·
-
135 votes
Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature
An error occurred while saving the comment Austin Sabel commented
Strongly agree with this. The concern with this is if you intend to use Azure Bastion in an environment with compliance concerns like (PCI, HIPPA, SOC, etc) even when the target VM has group policies applied that restrict copy and paste over RDP, it appears the Bastion functionality supersedes this.
This could easily be exploited for data ex-filtration including binary files with little effort, as evidenced by the following powershell example run inside a bastion session:
"super secret data" | Set-Content -Path "test.txt"
[Convert]::ToBase64String([IO.File]::ReadAllBytes("test.txt")) | clipThen simply decoding it back on your local system:
[IO.File]::WriteAllBytes("test.txt", [Convert]::FromBase64String((Get-Clipboard -Raw).toString()))
Austin Sabel supported this idea ·
-
138 votes
Valid suggestion open for upvote
Austin Sabel supported this idea ·
-
1,094 votes
Wildcard host names in listeners for Application Gateway v2 is currently in public preview! You can configure host names with wildcard characters (* and ?) and up to 5 host names per listener with comma separated values.
We’d love for you to try it out and provide your valuable feedback. Learn more here – https://aka.ms/wildcardlistenerpreview
Austin Sabel supported this idea ·
-
6,217 votes
Thank you for the strong feedback on this request. We will share our plans for this in the coming weeks. Thank you for your patience!
Austin Sabel supported this idea ·
This is critically important as it leads to a constant stream of erronous threat alerts in azure security center every time there is an update to one of the many VM extension provided by Microsoft.
The other alternative would be for Microsoft to actually digitally sign their extension executables using their Microsoft publisher certificate, so that it can match a more generic publisher based exception rule.