Active Directory

What’s new in Microsoft Entra

Microsoft has recently introduced a range of new security tools and features for the Microsoft Entra product family, aimed at helping organizations to improve their security posture. With the ever-increasing sophistication of cyber-attacks and the increasing use of cloud-based services and the proliferation of mobile devices, it’s essential that organizations have effective tools in place …


Deploy secret-less Conditional Access policies with Microsoft Entra ID Workload Identity Federation

Background  Many customers face challenges in managing their Conditional Access (CA) policies. Over time, they accumulate more and more policies that are created ad-hoc to solve specific business scenarios, resulting in a loss of overview and increased troubleshooting efforts. Microsoft has provided guidance on how to structure your Conditional Access policies in a way that …


Identifying Adversary-in-the-Middle (AiTM) Phishing Attacks through 3rd-Party Network Detection

Adversary-in-the-Middle (AiTM) phishing attacks represent an emerging and concerning trend, surpassing conventional phishing methods in their sophistication. These attacks possess the capability to maneuver around the security measures of multifactor authentication (MFA) by leveraging reverse-proxy functionality. One prominent actor, identified as DEV-1101 and tracked by Microsoft, stands responsible for the development, facilitation, and promotion of …


The Twelve Days of Blog-mas: No.4 – Sync Cloud Groups from AAD/Entra ID back to Active Directory

“Number four?” This is a helpful feature BUT it has the potential to make big (possibly massive) changes to your on-prem AD. Be sure you fully understand what the default options are AND what you have set in your environment.  It is entirely possible that all M365 Groups from your M365 tenant will be back-sync’d …


The Twelve Days of Blog-mas: No.3 – Windows Local Admin Password Solution (LAPS)

Buenos días and welcome to número tres in the holiday ’23 series.  This one is sure to please the crowd – it’s the NEW AND IMPROVED easy to setup/deploy/use solution for when IT Ops/Support needs a local admin ID and password to perform some management task(s) on a Windows endpoint.  As many people know, we …


Step-by-Step : Assign access packages automatically based on user properties in Microsoft Entra ID

Microsoft Entra ID Governance offers the capability to manage the access lifecycle of resources through access packages, which are organized into catalogs and define the resources available within them. Each access package includes at least one policy that outlines who can request access to it, the approval process, and access lifecycle settings such as assignment …


Active Directory Hardening Series – Part 2 – Removing SMBv1

Hi All!  Jerry Devore back again with another hardening Active Directory topic.  Before we jump into the technical stuff, I would like to briefly share some tips for structuring a protocol hardening project.  I picked up these suggestions from working with customers who have been successful in their protocol hardening efforts. Tip #1 – Collaborate …


Azure OpenAI Architecture Patterns and implementation steps

Introduction A comprehensive overview of the most frequently used and discussed architecture patterns among our customers in various domains. 1) AOAI with Azure Frontdoor for loadbalancing Architecture diagram: Key Highlights: If you set equal weights for all origins and a high latency sensitivity in Azure Front Door, it will consider all origins that have a …


What’s new: Microsoft Sentinel Solution for Dynamics 365 Finance and Operations

Introduction Today we are announcing a new Microsoft Sentinel Solution for Dynamics 365 Finance and Operations in public preview. This is a premium solution focused on monitoring, detecting threats and responding to incidents in customers’ highly sensitive and business-critical ERP systems powered by Dynamics 365 Finance and Operations. The solution monitors and protects your Dynamics 365 …


Manage Access to Microsoft Sentinel Workbooks with Lower Scoped RBAC

Leveraging Microsoft Sentinel workbooks for reporting to leadership is a common use case. A common concern is granting recipients access to Microsoft Sentinel or all of the tables within the workspace. Using some different RBAC components, this can be done. Components: Table-level RBAC Resource-level RBAC How It Works: Table-level RBAC: Access to the data that is …
