Welcome to my blog!

This blog is about Microsoft Security and cybersecurity in general.
All writings are human operated, un-copiloted and opinions are that of my own.
If the author should hallucinate, contact him via LinkedIn or let him know in the comments.

  • No more SMTP with Basic Authentication for you! Can I get you OAuth instead?

    Microsoft has set a date for deprecating basic authentication for client submissions (SMTP AUTH) in Exchange Online. That date is September 2025. In this blog post I will guide through what you need to know and what you need to do to avoid service interruption or downtime. Let’s start! Disclaimer: This article only applies to…

    Read more…

  • Restrict personal access token usage in Azure DevOps

    There’s two takeaways in this blog post and I’m going to give them away right here in the beginning. According to Azure DevOps documentation all token data like SSH keys and personal access tokens (PATs) are stored in US region. No matter where your DevOps organization resides. You should be aware of this especially if…

    Read more…

  • Zero Trust alert: Secure your Azure resource access using constrained delegation

    Did you know that you can now delegate Azure RBAC assignments to ease your own burden as administrator? There has always been a possibility to assign Owner or User Access Administrator role, but what if you wanted to delegate the assignment process to someone without them being able to delegate it further or being able…

    Read more…

  • Reading recommendation: The Lazarus Heist by Geoff White

    I’m fascinated by real-world events more than fictional stories. So, I chose to read about North Korean cyberattacks by investigative journalist Geoff White. The book proved to be a lot better then I anticipated! And I did anticipate it to be really good! I did not have too much knowledge about North Korea in general,…

    Read more…

  • Maester 101 – a Microsoft security test automation framework

    Cloud security posture management (CSPM) can be a exhausting task. One would need to sleep one eye open to keep up with all the changes in the cloud and would still fall short. If your organization is in multi-cloud environment, then the headache is multiplied. Native tools to manage CSPM exist and you should absolutely…

    Read more…

  • Emergency access setup in Microsoft Entra – 2024 edition

    As there are upcoming changes facing organizations starting July 1st 2024 when Microsoft starts the MFA enforcement rollout for user accounts (including guest users) that use Azure management logins, I thought it would be beneficial to go through the principals for emergency access and also look at how to construct it in the year 2024…

    Read more…

Disclaimer: Due to the high pace of cloud evolvement all information on this site is provided ‘as-is’, with no warranties included. The author of this blog is not responsible of your actions.