Select Page
AccessWorkbook.png

Azure AD workbook to help you assess Solorigate risk

In the interest of helping customers concerned about the Solorigate attacks we are publishing a new workbook in the Azure AD admin portal to assist investigations into the Identity Indicators of Compromise related to the attacks. The information in this ... continue reading
Graph.png

Understanding “Solorigate”‘s Identity IOCs – for Identity Vendors and their customers.

Microsoft recently disclosed a set of complex techniques used by an advanced actor to execute attacks against several key customers. While we detected anomalies by analyzing requests from customer environments to the Microsoft 365 cloud, the attacks generalize to any ... continue reading

It’s Time to Hang Up on Phone Transports for Authentication

In my blog Your Pa$$word doesn't matter, I laid out the key password vulnerabilities, and in response to a gazillion “but other creds can be compromised, too” DMs and emails, I wrote All our creds are belong to us, where ... continue reading
DBada_0-1603483682309.png

Advancing Password Spray Attack Detection

Hey folks, In this blog, I am going to tell you about an amazing addition to our family of credential compromise detection capabilities – this one uses our machine learning technology and global signal to create incredibly accurate detection of ... continue reading

Biometrics – Keep Your Fingers Close

Here’s a common customer question, especially in manufacturing, government-to-citizen, and kiosk scenarios: “ I want a system where my user can walk up to any system, then scan a fingerprint (or look at a camera, or speak into a mic, ... continue reading
CAE Graphic 2.png

Moving towards real time policy and security enforcement

Hey folks, I would like to start by saying how amazed I am by the great work security and identity teams worldwide are doing to enable new work paradigms while enhancing security. Folks who were considering Zero Trust models are ... continue reading
Frequent questions about using Conditional Access to secure remote access

Frequent questions about using Conditional Access to secure remote access

Industry trends and changes in the way we work usually span years, with organizations evolving at their own pace. But we're living in unusual times. Organizations asking employees to work from home to slow the spread of COVID-19 are making ... continue reading
New tools to block legacy authentication in your organization

New tools to block legacy authentication in your organization

Hey folks, If you’re a regular reader of this blog series, you know we’ve been advocating for admins to enable multi-factor authentication (MFA) for a while. In one of my previous posts, Your Pa$$word doesn’t matter, I showed how vulnerable ... continue reading
Introducing security defaults

Introducing security defaults

Hey folks, In 2012, we started the Identity security and protection team for our consumer accounts (Microsoft accounts used for signing in to OneDrive, Skype, Xbox and such). We started out by doing two things – putting metrics in place ... continue reading
Zero Hype

Zero Hype

At Ignite, I had the privilege of presenting “Zero Hype” with my colleagues Nupur Goyal (@nupur_11) who leads our Product Marketing, and Yinon Costica (@c0stica) who directs program management for Azure Security Center, Microsoft Cloud App Security, and Azure ATP ... continue reading