Author: Harri Jaakkonen

Certificate-based authentication is generally available!

Microsoft announced today at Ignite 2022 that Certificate-Based Authentication is officially out of preview and ready to use! Why CBA was created? “In May of 2021, the President issued Executive Order 14028, Improving the Nation’s Cybersecurity calling for the Federal Government to modernize…

Continue Reading Certificate-based authentication is generally available!

Tips for studying and passing Microsoft Security exams – Updated (Ignite 2022) version

This an hyper-boosted revised version of my last guide for passing Microsoft exams so let’s get going. Ignite 2022 Ignite is starting tomorrow and guess what? You still have time to register you self! I believe most of you are…

Continue Reading Tips for studying and passing Microsoft Security exams – Updated (Ignite 2022) version

Conditional access and authentication strength (preview)

First I wanted to mention the link problems inside Azure Portals. For a while and for some people portal.azure.com didn’t show the Authentication strengths in their portal, this has now been fixed in normal Azure portal. Entra portal on the…

Continue Reading Conditional access and authentication strength (preview)

Azure firewall basic in public preview

Microsoft has released a new SKU for Azure Firewalls called Basic, it’s still in Preview, so keep that in mind. It is cheaper than Standard but has enough capabilities for most customers. See the full announcement here. And more information…

Continue Reading Azure firewall basic in public preview

Do’s and don’t concerning security for Identity part 1

In simplified terms there is two different ways to build a cloud service. Cloud-based or Cloud native Hybrid There is also different possibilities to federate Identities between Cloud service providers but also with Federation services through on-premises environment. Azure AD…

Continue Reading Do’s and don’t concerning security for Identity part 1

Defender for Cloud security alerts

The scenario You have a Windows server with a public IP-address and RDP (TCP 3389) is exposed to internet. And there is still over 3 million open TCP 3389 ports out there. Stupid right but if you are one of…

Continue Reading Defender for Cloud security alerts

Microsoft Defender SmartScreen in Windows 11 22H2

Have you noticed that there is a really handy security feature that came to Windows 11 in version 22H2 But It’s not enabled by default and it also requires you to log into Windows with your password instead of Windows…

Continue Reading Microsoft Defender SmartScreen in Windows 11 22H2

What’s new with Secure score in Microsoft Defender portal (and some other tips)

What is Secure score? Microsoft releases suggestions on security settings that should be turned on to enhance your security posture against external and internal threats. You’re given points for the following actions: Configuring recommended security features Doing security-related tasks Addressing…

Continue Reading What’s new with Secure score in Microsoft Defender portal (and some other tips)

How to use Azure Key Vault with managed identities and generating keys with auto-rotation

Data-planes First you have to understand the different URLs that you can use for different types of resources Resource type Key protection methods Data-plane endpoint base URL Vaults Software-protected and HSM-protected (with Premium SKU) https://{vault-name}.vault.azure.net Managed HSMs HSM-protected https://{hsm-name}.managedhsm.azure.net When…

Continue Reading How to use Azure Key Vault with managed identities and generating keys with auto-rotation

Microsoft Defender External Attack Surface Management (Defender EASM)

Defender family keep evolving and this time taking a look at Defender EASM. What is EASM? To give you an outside perspective of your online infrastructure, it continuously locates and maps your digital assault surface. With the use of this…

Continue Reading Microsoft Defender External Attack Surface Management (Defender EASM)