Category: Defender

Azure AD Access reviews and the power of Machine learning

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 11/12/2022 0 Comments on Azure AD Access reviews and the power of Machine learning
Posted in Access Reviews, Azure, Azure AD, Defender, Entra, IAM, Identity, Security

The above pic is AI based illustration for Access reviews and AI, it sure looks like it. It uses the same theme than many others but still it’s unique. AI has been in the news after OpenAI has created some…

Continue Reading Azure AD Access reviews and the power of Machine learning

SQL Server 2022 and Azure ARC with Azure subscription model

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 28/11/2022 0 Comments on SQL Server 2022 and Azure ARC with Azure subscription model
Posted in Azure, Azure AD, Azure ARC, Compliance, Defender, IAM, Identity, Identity Platform, Microsoft Purview, On-premises, Powershell, Security, SQL

SQL 2022 has arrived and in this post I will try out the new setup that should have Azure ARC install embedded. Why to use Azure ARC with SQL 2022? One reason could be security, you will get these features…

Continue Reading SQL Server 2022 and Azure ARC with Azure subscription model

Do’s and don’ts concerning security for Identity part 7

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/11/2022 0 Comments on Do’s and don’ts concerning security for Identity part 7
Posted in Authentication methods, Azure, Conditional access, Defender, Identity, Identity Platform, Microsoft Graph, Security

Once again, more best practices for Identity. In the last part I covered how we can protect your applications from leaking content. Keep your Identities secure and how to keep using MFA after on-premises MFA Server will not work anymore….

Continue Reading Do’s and don’ts concerning security for Identity part 7

Microsoft Defender for Office 365 Detection Details Report

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 14/11/2022 0 Comments on Microsoft Defender for Office 365 Detection Details Report
Posted in Azure, Defender, Identity, Microsoft Sentinel, Power BI, Security

If you want to learn more on from your email security, you could use this template to get and holistic view of what’s going on inside your environment. See here the announcement of the report. Why it matters? You have…

Continue Reading Microsoft Defender for Office 365 Detection Details Report

Do’s and don’ts concerning security for Identity part 2

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 15/10/2022 0 Comments on Do’s and don’ts concerning security for Identity part 2
Posted in AAD Connect, Active Directory, Azure, Azure AD, Defender, Hybrid, Identity, Security

Continuing with the do’s of Identity and supposing that you have a Hybrid identity setup. If you still need (haven’t convinced you otherwise) federation services in on-premises, use should use Defender for Identity sensors for ADFS What it needs? ADFS…

Continue Reading Do’s and don’ts concerning security for Identity part 2

Defender for Cloud security alerts

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 30/09/2022 0 Comments on Defender for Cloud security alerts
Posted in Azure, Defender, Hybrid, Identity, KQL, Security

The scenario You have a Windows server with a public IP-address and RDP (TCP 3389) is exposed to internet. And there is still over 3 million open TCP 3389 ports out there. Stupid right but if you are one of…

Continue Reading Defender for Cloud security alerts

Microsoft Defender SmartScreen in Windows 11 22H2

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 27/09/2022 0 Comments on Microsoft Defender SmartScreen in Windows 11 22H2
Posted in Azure, Defender, Microsoft 365, Powershell, Security

Have you noticed that there is a really handy security feature that came to Windows 11 in version 22H2 But It’s not enabled by default and it also requires you to log into Windows with your password instead of Windows…

Continue Reading Microsoft Defender SmartScreen in Windows 11 22H2

Microsoft Defender External Attack Surface Management (Defender EASM)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 12/09/2022 0 Comments on Microsoft Defender External Attack Surface Management (Defender EASM)
Posted in Azure, Defender, Security

Defender family keep evolving and this time taking a look at Defender EASM. What is EASM? To give you an outside perspective of your online infrastructure, it continuously locates and maps your digital assault surface. With the use of this…

Continue Reading Microsoft Defender External Attack Surface Management (Defender EASM)

Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 31/08/2022 0 Comments on Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services
Posted in Azure, Defender, Key vault, Security, SQL, Zero trust

Time for the next section to my SC-100 study guide: Specify security baselines for SaaS, PaaS, and IaaS services Specify security requirements for IoT workloads Specify security requirements for data workloads, including SQL, Azure SQL Database, Azure Synapse and Azure…

Continue Reading Section 6 – Design security for infrastructure – Design a strategy for securing SaaS, PaaS, and IaaS services

Microsoft Defender for Cloud Apps in Microsoft 365 Defender (Preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 08/08/2022 0 Comments on Microsoft Defender for Cloud Apps in Microsoft 365 Defender (Preview)
Posted in Azure, Defender, Identity, Security

Microsoft is all the time consolidating their various different portals, they already removed multiple portals during recent years. Here is a full list of the current ones, sigh! Turn on Preview features Required permissions Accounts assigned the following Azure Active…

Continue Reading Microsoft Defender for Cloud Apps in Microsoft 365 Defender (Preview)