Select Page

Agent recommendations for SCOM users

A SCOM user can currently use SCOM agent or Log Analytics agent (aka MMA) to monitor Virtual machines & send data to SCOM servers and optionally, send the data to Azure Log Analytics workspace. However, Microsoft has notified all Log ... continue reading

Protect SQL Server 2014 workloads with Azure flexibility

SQL Server has brought reliability and security to mission-critical workloads for 30 years. SQL Server 2022, released November 2022, delivers performance enhancements as well as Azure connectivity for disaster recovery, analytics, and governance. Now customers like Mediterranean Shipping Company (MSC) ... continue reading

Azure Firewall Tips from the Field

Introduction  Hi folks! My name is Felipe Binotto, Cloud Solution Architect, based in Australia.  In this post, I will provide some tips and clarifications about Azure Firewall based on my experience from the field.    Topics  The following are the ... continue reading

Active Directory Hardening Series – Part 1 – Disabling NTLMv1

Active Directory Hardening Series - Part 1 – Disabling NTLMv1   Hello everyone, Jerry Devore back again after to along break from blogging to talk about Active Directory hardening.  In my role at Microsoft, I have found every organization has ... continue reading
Microsoft Entra Internet Access: An Identity-Centric Secure Web Gateway Solution

Microsoft Entra Internet Access: An Identity-Centric Secure Web Gateway Solution

In our previous blog, we introduced Microsoft’s identity-centric security service edge (SSE) solution and two new services: Microsoft Entra Private Access and Microsoft Entra Internet Access. This blog continues the series around Microsoft’s new SSE solution, where we’ll take a ... continue reading
How Tenant Restrictions v2 Can be Used to Prevent Data Exfiltration

How Tenant Restrictions v2 Can be Used to Prevent Data Exfiltration

In a previous blog, we introduced Continuous Access Evaluation (CAE) - a product that brings Zero Trust principles to session management. Today we would like to discuss securing cross-tenant access with a focus on preventing data exfiltration.  It’s impossible to imagine ... continue reading
Diagram showing the Storm-0324 attack chain from the delivery of phishing email to the deployment of the JSSLoader DLL, after which access is handed off to Sangria Tempest

Malware distributor Storm-0324 facilitates ransomware access

The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ... continue reading

AKS Egress Traffic demystified

AKS Egress Traffic with Load Balancer, NAT Gateway, and User Defined Route   Introduction Welcome to this lab where we will explore the different outbound types in Azure Kubernetes Service (AKS). Outbound traffic refers to the network traffic that originates ... continue reading
Threat matrix with updated techniques included in reconnaissance, initial access, persistence, defense evasion, credential access, discovery, lateral movement, and exfiltration stages.

Cloud storage security: What’s new in the threat matrix

Today, we announce the release of a second version of the threat matrix for storage services, a structured tool that assists in identifying and analyzing potential security threats on data stored in cloud storage services. The matrix, first released in ... continue reading
Watch Cloud Cultures: United Kingdom

Cloud Cultures, Part 3: The pursuit of excellence in the United Kingdom

The swift progression of technological innovation is truly captivating. However, for me, what holds an even greater fascination is the intricate interplay of people, narratives, and life encounters that shape how technology is used every day. The outcomes of cloud ... continue reading