Recent Posts

External authentication method (EAM) in Entra

Supported providers Microsoft announced at RSA Conference 2024 integration with these identity providers as launch partners: DUO Duo MFA, also known as Cisco Duo Multi-Factor Authentication, is a cloud-based security solution that adds an extra layer of verification to the…

Continue Reading External authentication method (EAM) in Entra

Multi-tenant management in Microsoft Defender

Struggling to keep up with security across multiple organizations? Multi-tenant management in Microsoft Defender XDR streamlines your workflow, giving you a single pane of glass for all your tenants. This translates to faster threat detection, improved response times, and a…

Continue Reading Multi-tenant management in Microsoft Defender

Section 17 – Implement and manage privacy requirements by using Microsoft Priva

Configure and maintain privacy risk management If you don’t Privacy Risk Management, you can enable the trial from the overview page Then add permission you need Role group Description Roles Privacy Management This role group contains all the Priva permission…

Continue Reading Section 17 – Implement and manage privacy requirements by using Microsoft Priva

Section 16 – Implement and manage Microsoft Purview Information Barriers (IBs)

Plan for IBs This table summarizes the features where Information Barriers (IB) policies can restrict communication and collaboration within your organization. Feature Microsoft Teams SharePoint & OneDrive Exchange Online Communication Yes No No Searching for users Yes No No Chat…

Continue Reading Section 16 – Implement and manage Microsoft Purview Information Barriers (IBs)

Section 14 – Implement and manage Microsoft Purview Communication Compliance

Plan for communication compliance This tool helps you identify and address potential risks before they become problems. It can detect inappropriate messages like harassment or threats, as well as leaks of sensitive information across various communication channels, including email, Microsoft…

Continue Reading Section 14 – Implement and manage Microsoft Purview Communication Compliance

Deep Dive into Conditional Access Policies part 1

Entra ID Conditional Access Policy Evaluation: A Breakdown Phase Description Applies To 1: Signal Collection Gathers information about the user’s access attempt.Examples: Network location (IP address), device identity (type, OS version). Applies to all enabled Conditional Access policies, including those…

Continue Reading Deep Dive into Conditional Access Policies part 1

Section 15 – Implement and manage Microsoft Purview Insider Risk Management

Plan for insider risk management Insider Risk Management Roles Role Description Microsoft Entra ID Global Administrator – Has full control over all Microsoft Entra and Microsoft Purview features, including Insider Risk Management. Microsoft Entra ID Compliance Administrator – Can manage…

Continue Reading Section 15 – Implement and manage Microsoft Purview Insider Risk Management

This is why I think you should join CCPs 💯

Imagine a giant security geek party… but way cooler! That’s kind of what the CCPs are like. Instead of just listening to someone lecture at a conference, you get to chat directly with Microsoft engineers and other security pros. It’s…

Continue Reading This is why I think you should join CCPs 💯

Graph activity logs is now generally available

What you do with it? Privileges To access the Microsoft Graph activity logs, you need the following privileges. What information is available? Column Type Description AadTenantId string The Azure AD tenant ID. ApiVersion string The API version of the event….

Continue Reading Graph activity logs is now generally available

Defender for Office 365 and QR-code phishing

There is no way to tell with an human eye what those QR codes are, even in the picture above, there are two than can be read with your phone and no they are not malicious, try it for yourself….

Continue Reading Defender for Office 365 and QR-code phishing