Category: Azure AD

Do’s and don’ts concerning security for Identity part 3

Continuing with the do’s of Identity and supposing that you have a Hybrid identity setup. This will translate to having Source of Authority (SoA) in your on-premises environment. We covered parts of user sync, what kind of solutions to use…

Continue Reading Do’s and don’ts concerning security for Identity part 3

ChromeOS Flex and my findings for the security

What is ChromeOS Flex? It’s always nice to discover new things in this multi-cloud and multi-OS world of yours. Google bough Neverware back in 2020 and now there has been some working versions of ChromeOS Flex which is based on…

Continue Reading ChromeOS Flex and my findings for the security

Do’s and don’ts concerning security for Identity part 2

Continuing with the do’s of Identity and supposing that you have a Hybrid identity setup. If you still need (haven’t convinced you otherwise) federation services in on-premises, use should use Defender for Identity sensors for ADFS What it needs? ADFS…

Continue Reading Do’s and don’ts concerning security for Identity part 2

Certificate-based authentication is generally available!

Microsoft announced today at Ignite 2022 that Certificate-Based Authentication is officially out of preview and ready to use! Why CBA was created? “In May of 2021, the President issued Executive Order 14028, Improving the Nation’s Cybersecurity calling for the Federal Government to modernize…

Continue Reading Certificate-based authentication is generally available!

Do’s and don’t concerning security for Identity part 1

In simplified terms there is two different ways to build a cloud service. Cloud-based or Cloud native Hybrid There is also different possibilities to federate Identities between Cloud service providers but also with Federation services through on-premises environment. Azure AD…

Continue Reading Do’s and don’t concerning security for Identity part 1

What’s new with Secure score in Microsoft Defender portal (and some other tips)

What is Secure score? Microsoft releases suggestions on security settings that should be turned on to enhance your security posture against external and internal threats. You’re given points for the following actions: Configuring recommended security features Doing security-related tasks Addressing…

Continue Reading What’s new with Secure score in Microsoft Defender portal (and some other tips)

How to use Azure Key Vault with managed identities and generating keys with auto-rotation

Data-planes First you have to understand the different URLs that you can use for different types of resources Resource type Key protection methods Data-plane endpoint base URL Vaults Software-protected and HSM-protected (with Premium SKU) https://{vault-name}.vault.azure.net Managed HSMs HSM-protected https://{hsm-name}.managedhsm.azure.net When…

Continue Reading How to use Azure Key Vault with managed identities and generating keys with auto-rotation

Microsoft managed Authentication Methods Policy (Preview)

What Microsoft Managed is? With Microsoft Managed Settings, admins can trust Microsoft to enable a security feature they have not explicitly disabled. If the feature status is set to Microsoft-managed, it will be enabled by Microsoft at an appropriate time…

Continue Reading Microsoft managed Authentication Methods Policy (Preview)

Automatic assignment policy in Entitlement management

If you are not familiar with Entitlement management, read this first. Microsoft keeps evolving Azure AD Entitlement management solution, here is a feature added previously. And there is again a new feature added, let us see what it is. Automatic…

Continue Reading Automatic assignment policy in Entitlement management