Secure authentication method provisioning with Temporary Access Pass
Howdy folks, I’m happy to announce the general availability of Temporary Access Pass (TAP). We’ve made a lot of progress since we announced the public preview of TAP. “…We use the MS Authenticator for passwordless sign in. That is the ... continue reading
Detecting malicious key extractions by compromised identities for Azure Cosmos DB
Azure Cosmos DB is a fully managed NoSQL cloud database service for modern app development. It offers a variety of advanced built-in features, such as automatic worldwide data replication, lightning-fast response types, and a variety of APIs. In this blog ... continue reading
Learn Microsoft Azure for system administrators & solution architects with Azure Skills Navigator
If you’re wanting to learn the foundations of Microsoft Azure (including cloud computing concepts, Azure’s structure, and its product range), you might start out with training materials like the Azure Fundamental learning paths on Microsoft Learn. These will also give ... continue reading

The many lives of BlackCat ransomware
The BlackCat ransomware, also known as ALPHV, is a prevalent threat and a prime example of the growing ransomware-as-a-service (RaaS) gig economy. It’s noteworthy due to its unconventional programming language (Rust), multiple target devices and possible entry points, and affiliation ... continue reading
SCOM MP for M365 – V3 CTP
We are back with the latest version (in CTP) of M365 MP and have very exciting changes to talk about. With this update, Users can now opt between their choice of MP Authentication i.e., Application (which is available currently), Delegated ... continue reading
A Light Overview of Microsoft Security Products
Hi, Alan here today to lightly cover something I have been asked by customers in regard to Microsoft’s security products....and that is “what defender products does Microsoft have and what are they used for?”. Well, it’s a good question, so ... continue reading
Virtual desktop infrastructure security best practices
It’s no longer a matter of organizations deciding whether to embrace remote and hybrid work but finding the best way to do so. A recent study showed most employees are happier having the option to work from home, and 80 ... continue reading

Exposing POLONIUM activity and infrastructure targeting Israeli organizations
Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM. The associated indicators and tactics were used by the OneDrive team to improve detection of attack ... continue reading

Secure access for a connected world—meet Microsoft Entra
What could the world achieve if we had trust in every digital experience and interaction? This question has inspired us to think differently about identity and access, and today, we’re announcing our expanded vision for how we will help provide ... continue reading
To AAD Join or Not … That is the Question
As we all know, the cloud paradigm shifts in IT continue. When I worked in corporate IT - heck, when I started blogging out here - on-prem was really all there was. Active Directory, GPOs and WINS were all the ... continue reading