Category: Azure

Do’s and don’t concerning security for Identity part 1

In simplified terms there is two different ways to build a cloud service. Cloud-based or Cloud native Hybrid There is also different possibilities to federate Identities between Cloud service providers but also with Federation services through on-premises environment. Azure AD…

Continue Reading Do’s and don’t concerning security for Identity part 1

Defender for Cloud security alerts

The scenario You have a Windows server with a public IP-address and RDP (TCP 3389) is exposed to internet. And there is still over 3 million open TCP 3389 ports out there. Stupid right but if you are one of…

Continue Reading Defender for Cloud security alerts

Microsoft Defender SmartScreen in Windows 11 22H2

Have you noticed that there is a really handy security feature that came to Windows 11 in version 22H2 But It’s not enabled by default and it also requires you to log into Windows with your password instead of Windows…

Continue Reading Microsoft Defender SmartScreen in Windows 11 22H2

What’s new with Secure score in Microsoft Defender portal (and some other tips)

What is Secure score? Microsoft releases suggestions on security settings that should be turned on to enhance your security posture against external and internal threats. You’re given points for the following actions: Configuring recommended security features Doing security-related tasks Addressing…

Continue Reading What’s new with Secure score in Microsoft Defender portal (and some other tips)

How to use Azure Key Vault with managed identities and generating keys with auto-rotation

Data-planes First you have to understand the different URLs that you can use for different types of resources Resource type Key protection methods Data-plane endpoint base URL Vaults Software-protected and HSM-protected (with Premium SKU) https://{vault-name}.vault.azure.net Managed HSMs HSM-protected https://{hsm-name}.managedhsm.azure.net When…

Continue Reading How to use Azure Key Vault with managed identities and generating keys with auto-rotation

Microsoft Defender External Attack Surface Management (Defender EASM)

Defender family keep evolving and this time taking a look at Defender EASM. What is EASM? To give you an outside perspective of your online infrastructure, it continuously locates and maps your digital assault surface. With the use of this…

Continue Reading Microsoft Defender External Attack Surface Management (Defender EASM)

Microsoft managed Authentication Methods Policy (Preview)

What Microsoft Managed is? With Microsoft Managed Settings, admins can trust Microsoft to enable a security feature they have not explicitly disabled. If the feature status is set to Microsoft-managed, it will be enabled by Microsoft at an appropriate time…

Continue Reading Microsoft managed Authentication Methods Policy (Preview)

Azure MFA migration tool and how to setup MFA NPS extension

Well, this is nice. Microsoft has released a migration tool to get rid of your On-premises MFA server. Scenarios Moving the registered MFA phone numbers is only part of the migration from MFA Server to Azure AD Multi-Factor Authentication. The…

Continue Reading Azure MFA migration tool and how to setup MFA NPS extension

Automatic assignment policy in Entitlement management

If you are not familiar with Entitlement management, read this first. Microsoft keeps evolving Azure AD Entitlement management solution, here is a feature added previously. And there is again a new feature added, let us see what it is. Automatic…

Continue Reading Automatic assignment policy in Entitlement management