Recent Posts

Proactive migration of legacy MFA and SSPR policy settings to Authentication methods

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 01/06/2023 0 Comments on Proactive migration of legacy MFA and SSPR policy settings to Authentication methods
Posted in Authentication methods, Azure, Azure AD, Identity, Security

Why to? For now policy settings can be moved at your own pace but the procedure is completely reversible. While you specifically specify authentication methods for users and groups in the Authentication methods policy, you can continue to employ tenant-wide…

Continue Reading Proactive migration of legacy MFA and SSPR policy settings to Authentication methods

Cross-tenant synchronization is now Generally available

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 31/05/2023 0 Comments on Cross-tenant synchronization is now Generally available
Posted in Azure, Azure AD, Entra, IAM, Identity, Identity Platform, Security

Microsoft’s Cross-tenant features When it comes to the cross-tenant access features, Microsoft has a strong road plan so far. There won’t be any more external users or jumping between Teams tenants when you require access to various tenants, which we…

Continue Reading Cross-tenant synchronization is now Generally available

Section 12 – Mitigate threats using Microsoft Sentinel – Perform data classification and normalization

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 28/05/2023 0 Comments on Section 12 – Mitigate threats using Microsoft Sentinel – Perform data classification and normalization
Posted in Azure, Azure Firewall, GitHub, KQL, Microsoft Sentinel, SC-200, Study guide

12th section starting with more Sentinel. This time we are classifying Entities, creating custom log in Log Analytics and parsing the content. So let’s do some designs and configurations. Classify and analyze data by using entities You can do the…

Continue Reading Section 12 – Mitigate threats using Microsoft Sentinel – Perform data classification and normalization

Microsoft Entra External ID’s (Preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 25/05/2023 0 Comments on Microsoft Entra External ID’s (Preview)
Posted in Azure, Azure AD, IAM, Identity, Identity Platform, Security

Or Azure AD for customers, yes Azure AD for customers. That’s the name of the game. Microsoft released this excellent feature at Build yesterday and I wanted to elaborate it a bit more. Why to use it? Azure AD makes…

Continue Reading Microsoft Entra External ID’s (Preview)

Section 11 – Mitigate threats using Microsoft Sentinel – Manage Microsoft Sentinel analytics rules

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 21/05/2023 0 Comments on Section 11 – Mitigate threats using Microsoft Sentinel – Manage Microsoft Sentinel analytics rules
Posted in Azure, Microsoft Sentinel, SC-200, Security, Study guide

11th section starting with more and more Sentinel. Already in this series we saw that how the different pieces are connected and helping you SOC teams to proactively work on threats. So let’s do some designs and configurations. Design and…

Continue Reading Section 11 – Mitigate threats using Microsoft Sentinel – Manage Microsoft Sentinel analytics rules

Section 10 – Mitigate threats using Microsoft Sentinel – Plan and implement the use of data connectors for ingestion of data sources

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 07/05/2023 0 Comments on Section 10 – Mitigate threats using Microsoft Sentinel – Plan and implement the use of data connectors for ingestion of data sources
Posted in Azure, Azure ARC, Azure Policy, Defender, Identity, Microsoft Sentinel, SC-200, Security, Study guide

And in this 10th section on my SC-200 study guide we will go through the following topics. Identify data sources to be ingested for Microsoft Sentinel On August 31, 2024, the Log Analytics agent is deprecated. You should begin preparing…

Continue Reading Section 10 – Mitigate threats using Microsoft Sentinel – Plan and implement the use of data connectors for ingestion of data sources

Section 9 – Mitigate threats using Microsoft Sentinel – Design and configure a Microsoft Sentinel workspace

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 30/04/2023 0 Comments on Section 9 – Mitigate threats using Microsoft Sentinel – Design and configure a Microsoft Sentinel workspace
Posted in Azure, Defender, SC-200, Security, Study guide

We are already at the 9th section on my study guide and this time we will start with Sentinel. First I want to point the Ninja training that Ofer Shezaf’s and him team has made for you. It was updated…

Continue Reading Section 9 – Mitigate threats using Microsoft Sentinel – Design and configure a Microsoft Sentinel workspace

Azure AD Application proxy and some previews

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 26/04/2023 0 Comments on Azure AD Application proxy and some previews
Posted in Application Proxy, Authentication methods, Azure, Azure AD, Entra, Hybrid, Identity, Identity Platform, On-premises, Security

Azure AD Application proxy is an essential tool for providing access to your on-premises applications. In the past you could use it as a reverse proxy to internal Web-based (accessible with browser) applications and you could define One URI per…

Continue Reading Azure AD Application proxy and some previews

Section 8.2 – Mitigate threats using Microsoft Defender for Cloud – Configure and respond to alerts and incidents in Microsoft Defender for Cloud

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 23/04/2023 0 Comments on Section 8.2 – Mitigate threats using Microsoft Defender for Cloud – Configure and respond to alerts and incidents in Microsoft Defender for Cloud
Posted in Azure, Defender, Identity, SC-200, Security, Study guide

And this is the second part of 8th section on my study guide and today we are looking at recommendations and the alerts and incidents it will create. Again by apologies to all that had to wait as I cut…

Continue Reading Section 8.2 – Mitigate threats using Microsoft Defender for Cloud – Configure and respond to alerts and incidents in Microsoft Defender for Cloud

Section 8.1 – Mitigate threats using Microsoft Defender for Cloud – Configure and respond to alerts and incidents in Microsoft Defender for Cloud

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 16/04/2023 0 Comments on Section 8.1 – Mitigate threats using Microsoft Defender for Cloud – Configure and respond to alerts and incidents in Microsoft Defender for Cloud
Posted in Azure, Defender, SC-200, Security, Study guide

Already in the 8th section on my study guide and today we are looking alerts, automation workflows and remediations. And because this is an huge section to cover, I will cut it in two different posts, my apologies for the…

Continue Reading Section 8.1 – Mitigate threats using Microsoft Defender for Cloud – Configure and respond to alerts and incidents in Microsoft Defender for Cloud