Category: Defender

Section 13 – Secure data and applications – Configure security for storage

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 15/05/2022 0 Comments on Section 13 – Secure data and applications – Configure security for storage
Posted in Azure, Defender, Hybrid, Identity, Onpremise, Security, Storage

Configure access control for storage accounts Configure storage account access keys Configure Azure AD authentication for Azure Storage and Azure Files Different Storage Accounts types The Azure Storage platform includes the following data services: Azure Blobs A massively scalable object…

Continue Reading Section 13 – Secure data and applications – Configure security for storage

Section 10 – Manage security operations – Configure and manage threat protection

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 04/05/2022 0 Comments on Section 10 – Manage security operations – Configure and manage threat protection
Posted in Azure, Defender, Identity, Security

And time for next section for my AZ-500 study guide, continuing with the following. Configure Azure Defender for Servers (not including Microsoft Defender for Endpoint) Evaluate vulnerability scans from Azure Defender Configure Azure Defender for Servers What is inside Defender…

Continue Reading Section 10 – Manage security operations – Configure and manage threat protection

2022 H1 Cumulative Updates for Exchange Server

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 21/04/2022 0 Comments on 2022 H1 Cumulative Updates for Exchange Server
Posted in AAD Connect, Active Directory, Azure, Azure AD, Defender, Exchange, Identity, Microsoft 365, Migrate, Office 365, Onpremise, Powershell, Security

What was released? With 2022 H1 there came some significant update to how You manage and license your Exchange-servers in a Hybrid setup. Exchange Management Tools Update You don’t anymore need Exchange Server for management purposes (Management Hybrid) you can…

Continue Reading 2022 H1 Cumulative Updates for Exchange Server

Azure storage accounts and how to secure them?

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 10/01/2022 0 Comments on Azure storage accounts and how to secure them?
Posted in Azure, Azure AD, Defender, IAM, Identity, Security, Storage

In the last part I explained what storage accounts are and how you can access them. In this part I will explain how to protect them from insider or external risks. Defender for storage Azure storage accounts are billed hourly….

Continue Reading Azure storage accounts and how to secure them?

Insider risk management, what, why and how

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 13/12/2021 0 Comments on Insider risk management, what, why and how
Posted in Azure, Azure AD, Compliance, Defender

What is Insider risk management Insider risk management is a solutions for example to prevent leavers to take precious company data with them when to go. But there is also options to lower the risk for users, example anonymizing usernames….

Continue Reading Insider risk management, what, why and how

Defender for Identity deep dive part 1 of 3

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 29/09/2021 0 Comments on Defender for Identity deep dive part 1 of 3
Posted in Azure, Defender, Identity, Onpremise, Security

I decided to do a deep dive on Defender for Identity and this is part 1 of that series. What is (was) Defender for Identity? Defender ATP was before called Azure Advanced Threat Protection (Azure ATP) and Defender for Identity…

Continue Reading Defender for Identity deep dive part 1 of 3

Azure MFA Extensions and Network Policy Server

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 27/09/2021 0 Comments on Azure MFA Extensions and Network Policy Server
Posted in AAD Connect, Active Directory, Azure, Azure AD, Defender, Hybrid, Identity, Onpremise, Security

Half legacy but half cloud. Many organizations use NPS for securing their wlan and lan traffic or just to authenticate user based on their location inside AD or group memberships. NPS is Microsoft radius-based access management solutions that has been…

Continue Reading Azure MFA Extensions and Network Policy Server

Autodiscover redirect leakage

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 23/09/2021 0 Comments on Autodiscover redirect leakage
Posted in Azure, Defender, Exchange, Identity, Onpremise

** This doesn’t concern Exchange Online in any way, only on-premise versions ** Today Guaricore lab team discovered on-premises Exchange autodiscover vulnerability. I want to call my blog post “Autodiscovering the Great Leak” but that seems like too much as…

Continue Reading Autodiscover redirect leakage

How integrate Azure defender with Azure ARC to multiple environments

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 23/09/2021 0 Comments on How integrate Azure defender with Azure ARC to multiple environments
Posted in Azure, Azure ARC, Defender, Hybrid, Onpremise

So what is Azure ARC? Azure ARC was first introduced at Ignite 2019. Azure ARC enables you to manage servers in different realms no matter in what AD it is. It will allow you to use Azure Resource Manager templates though…

Continue Reading How integrate Azure defender with Azure ARC to multiple environments

Office 365 ORCA and Configuration analyzer

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/09/2021 0 Comments on Office 365 ORCA and Configuration analyzer
Posted in Azure, Compliance, Defender, Identity, Microsoft 365, Security

I don’t how many of you ever used ORCA or Configuration analyzer? I have missed ORCA (Office 365 Advanced Threat Protection Recommended Configuration Analyzer) completely. I can see that it was introduced at Ignite 2019 but somehow I missed it….

Continue Reading Office 365 ORCA and Configuration analyzer