How To

The AI Study Guide

Welcome to the first of many AI Study Guides! Each month I’ll share with you the hottest AI topics and how you can stay on top of your industry skills. This month’s AI Study Guide is for all the data scientists and generative AI enthusiasts out there – and for anyone that wants to learn …

The AI Study Guide Continue Reading

Deploy secret-less Conditional Access policies with Microsoft Entra ID Workload Identity Federation

Background  Many customers face challenges in managing their Conditional Access (CA) policies. Over time, they accumulate more and more policies that are created ad-hoc to solve specific business scenarios, resulting in a loss of overview and increased troubleshooting efforts. Microsoft has provided guidance on how to structure your Conditional Access policies in a way that …

Deploy secret-less Conditional Access policies with Microsoft Entra ID Workload Identity Federation Continue Reading

Identifying Adversary-in-the-Middle (AiTM) Phishing Attacks through 3rd-Party Network Detection

Adversary-in-the-Middle (AiTM) phishing attacks represent an emerging and concerning trend, surpassing conventional phishing methods in their sophistication. These attacks possess the capability to maneuver around the security measures of multifactor authentication (MFA) by leveraging reverse-proxy functionality. One prominent actor, identified as DEV-1101 and tracked by Microsoft, stands responsible for the development, facilitation, and promotion of …

Identifying Adversary-in-the-Middle (AiTM) Phishing Attacks through 3rd-Party Network Detection Continue Reading

Using PowerShell and Twilio API for Efficient Communication in Contact Tracing

Piyush Tripathi The COVID-19 pandemic has underscored the importance of rapid and reliable communication technology. One vital application is in contact tracing efforts, where prompt notifications can make a significant difference. This guide focuses on utilizing PowerShell in conjunction with the Twilio API to establish an automated SMS notification system, an essential communication tool for …

Using PowerShell and Twilio API for Efficient Communication in Contact Tracing Continue Reading

Defender for cloud’s Agentless secret scanning for virtual machines is now generally available!

Cloud cybersecurity is of paramount importance in today’s digital landscape, as organizations increasingly rely on cloud services to store and manage sensitive data, applications, and infrastructure. Attacks on cloud infrastructure pose severe risks to organizations such as data theft, ransomware attacks, crypto mining attacks, and service disruption. During a cyber-attack, after gaining initial access to …

Defender for cloud’s Agentless secret scanning for virtual machines is now generally available! Continue Reading

Step-by-Step : Assign access packages automatically based on user properties in Microsoft Entra ID

Microsoft Entra ID Governance offers the capability to manage the access lifecycle of resources through access packages, which are organized into catalogs and define the resources available within them. Each access package includes at least one policy that outlines who can request access to it, the approval process, and access lifecycle settings such as assignment …

Step-by-Step : Assign access packages automatically based on user properties in Microsoft Entra ID Continue Reading

Elevating Cybersecurity Intelligence with Microsoft Sentinel’s Enrichment Widgets

At Microsoft, we are continually advancing our tools to empower users in making data-driven and informed decisions. Our latest advancement in Microsoft Sentinel is the introduction of Enrichment Widgets. Widgets provide critical enrichment data, delivering key insights often encapsulated in just a few lines of text, which is pivotal in the realm of cybersecurity. What …

Elevating Cybersecurity Intelligence with Microsoft Sentinel’s Enrichment Widgets Continue Reading

Active Directory Hardening Series – Part 2 – Removing SMBv1

Hi All!  Jerry Devore back again with another hardening Active Directory topic.  Before we jump into the technical stuff, I would like to briefly share some tips for structuring a protocol hardening project.  I picked up these suggestions from working with customers who have been successful in their protocol hardening efforts. Tip #1 – Collaborate …

Active Directory Hardening Series – Part 2 – Removing SMBv1 Continue Reading