Select Page
:smile:

Azure Monitor: Audit your Azure and non-Azure SQL Server

Hi everyone, time passed since my last post. Hope you missed me Today I am going to cover an interesting aspect on how to capture security audit events from both Azure and non-Azure SQL Server machines. Most of you probably ... continue reading
Top 20 most visited blog posts for IT Pros in 2021

Top 20 most visited blog posts for IT Pros in 2021

From our first post on the 17th of September 2018, where Rick Claus introduced Microsoft's "Cloud Ops Advocate" team, we've published nearly 600 articles on this ITOps Talk blog! To end the year, we wanted to highlight some of our ... continue reading
Screenshot of Threat and Vulnerability Management

Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation

Microsoft’s unified threat intelligence team, comprising the Microsoft Threat Intelligence Center (MSTIC), Microsoft 365 Defender Threat Intelligence Team, RiskIQ, and the Microsoft Detection and Response Team (DART), among others, have been tracking threats taking advantage of CVE-2021-44228, a remote code ... continue reading
Diagram showing components of Qakbot campaigns as building blocks

A closer look at Qakbot’s latest building blocks (and how to knock them down)

Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize ... continue reading
RobertLightner_0-1638800553642.png

Using Azure Bicep to Deploy SQL MI into an Existing Virtual Network

Recently, I was working with a customer who wanted to deploy SQL Managed Instance (MI) into an existing virtual network with Infrastructure as Code (IaC). Having some experience with Azure Resource Manager (ARM) templates, I decided to fulfill their request ... continue reading
Video 6 of the Azure VMware Solution Zero to Hero Series! FINAL VIDEO!

Video 6 of the Azure VMware Solution Zero to Hero Series! FINAL VIDEO!

The last video of the Azure VMware Solution (AVS) zero to hero video series releases today! In this video, Shabaz Darr (@ShabazDarr) and I cover third party integrations for Azure VMware Solution, finally taking you to hero in the sixth ... continue reading
Azure Security product name changes – Microsoft Ignite November 2021

Azure Security product name changes – Microsoft Ignite November 2021

Do you remember that on release in Feb 2010, Azure was known as Windows Azure? It took four years before it was renamed to Microsoft Azure, to more accurately reflect that it wasn’t just for Windows workloads. This November, some ... continue reading
Bastion 101 - Connections with Confidence

Bastion 101 – Connections with Confidence

Lately, I have been spending a lot of time working with Azure Virtual Machines (VMs) debugging some ways to deploy applications. Sometimes when troubleshooting a problem, it helps to have administrative access directly to the server. Finding solutions to avoid ... continue reading
Partner relationships page in the Microsoft 365 admin center.

How to investigate service provider trust chains in the cloud

In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to ... continue reading
Column chart showing number of notifications for 2019, 2020, and 2021

Iranian targeting of IT sector on the rise

Iranian threat actors are increasing attacks against IT services companies as a way to access their customers’ networks. This activity is notable because targeting third parties has the potential to exploit more sensitive organizations by taking advantage of trust and ... continue reading