Another day of Cybersecurity
Microsoft Entra ID’s CFIR (Cloud Forensic and Incident Response) provides a solid blueprint for detecting, investigating, and responding to identity threats. However, mastering it requires the right tools and approach. That’s where PowerShell steps in.
In this post, we’ll explore … Read the rest
Microsoft Entra ID now offers QR code authentication to enhance security and streamline user access. This feature aligns seamlessly with the Microsoft identity platform. Frontline workers often share mobile devices and must sign in repeatedly to access store or field … Read the rest
Token protection creates secure cryptography between the token and the device it’s issued to, and without the client’s secret, the bound token is useless. When users register a Windows device and higher in Azure AD, their primary identity is bound … Read the rest
Token stealing is a severe threat in Office 365 and any cloud environment. Attackers use various technologies and tactics to steal tokens instead of passwords. With those stolen tokens, they will access critical resources and perform malicious activities in the … Read the rest
Many customers, people in the industry, and the community asked me about applying for a second or additional MFA to the Azure PIM role when there is an existing MFA. We all know the importance of sensitive admins / crucial … Read the rest
Identity governance in the cloud refers to managing and controlling user identities and their access to resources in a cloud computing environment. Cloud computing has become popular due to its scalability, flexibility, and cost-effectiveness. However, managing identities and access to
Can you monitor or prevent a reconnaissance or enumeration? Especially reconnaissance (recon) on the cloud? Mostly not, and it depends on the recon types. While recon for local (on-premises) resources can be challenging or more accessible (depends). The cloud recon … Read the rest
The Azure AD Incident Response methodology is a critical life-cycle, process, and tool that anyone using identities on Azure, Office 365, and third-party clouds can count on.
The Azure AD Incident Response explores how Azure AD investigates, manages, and responds … Read the rest
