Austin Sabel

My feedback

  1. 61 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Key Vault » Certificates  ·  Flag idea as inappropriate…  ·  Admin →
    Austin Sabel supported this idea  · 
  2. 251 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    30 comments  ·  Azure Active Directory » End user experiences  ·  Flag idea as inappropriate…  ·  Admin →
    Austin Sabel supported this idea  · 
  3. 15 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Azure Monitor » Other  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote & comment on. This allows us to effectively prioritize your request against our existing feature backlog and also gives us insight into the potential impact of implementing the suggested feature.

    An error occurred while saving the comment
    Austin Sabel commented  · 

    This is critically important as it leads to a constant stream of erronous threat alerts in azure security center every time there is an update to one of the many VM extension provided by Microsoft.

    The other alternative would be for Microsoft to actually digitally sign their extension executables using their Microsoft publisher certificate, so that it can match a more generic publisher based exception rule.

    Austin Sabel supported this idea  · 
  4. 135 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Networking » Bastion  ·  Flag idea as inappropriate…  ·  Admin →

    Thanks for the valid suggestion. Your feedback is now open for the user community to upvote which allows us to effectively prioritize your request against our existing feature list and also gives us insight into the potential impact of implementing the suggested feature

    An error occurred while saving the comment
    Austin Sabel commented  · 

    Strongly agree with this. The concern with this is if you intend to use Azure Bastion in an environment with compliance concerns like (PCI, HIPPA, SOC, etc) even when the target VM has group policies applied that restrict copy and paste over RDP, it appears the Bastion functionality supersedes this.

    This could easily be exploited for data ex-filtration including binary files with little effort, as evidenced by the following powershell example run inside a bastion session:

    "super secret data" | Set-Content -Path "test.txt"
    [Convert]::ToBase64String([IO.File]::ReadAllBytes("test.txt")) | clip

    Then simply decoding it back on your local system:

    [IO.File]::WriteAllBytes("test.txt", [Convert]::FromBase64String((Get-Clipboard -Raw).toString()))

    Austin Sabel supported this idea  · 
  5. 138 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    12 comments  ·  Virtual Machines  ·  Flag idea as inappropriate…  ·  Admin →
    Austin Sabel supported this idea  · 
  6. 1,094 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    54 comments  ·  Networking » Application Gateway  ·  Flag idea as inappropriate…  ·  Admin →
    Austin Sabel supported this idea  · 
  7. 6,217 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    246 comments  ·  Storage » Files  ·  Flag idea as inappropriate…  ·  Admin →
    Austin Sabel supported this idea  · 

Feedback and Knowledge Base