Welcome to my blog!

This blog is about Microsoft Security and cybersecurity in general.
All writings are human operated, un-copiloted and opinions are that of my own.
If the author should hallucinate, contact him via LinkedIn or let him know in the comments.

  • Reading recommendation: The Lazarus Heist by Geoff White

    I’m fascinated by real-world events more than fictional stories. So, I chose to read about North Korean cyberattacks by investigative journalist Geoff White. The book proved to be a lot better then I anticipated! And I did anticipate it to be really good! I did not have too much knowledge about North Korea in general,…

    Read more…

  • Maester 101 – a Microsoft security test automation framework

    Cloud security posture management (CSPM) can be a exhausting task. One would need to sleep one eye open to keep up with all the changes in the cloud and would still fall short. If your organization is in multi-cloud environment, then the headache is multiplied. Native tools to manage CSPM exist and you should absolutely…

    Read more…

  • Emergency access setup in Microsoft Entra – 2024 edition

    As there are upcoming changes facing organizations starting July 1st 2024 when Microsoft starts the MFA enforcement rollout for user accounts (including guest users) that use Azure management logins, I thought it would be beneficial to go through the principals for emergency access and also look at how to construct it in the year 2024…

    Read more…

  • What are Microsoft-managed policies in Conditional Access and were they too little too late?

    In my previous blog post, titled Microsoft enforces tenant-level MFA in July! What should I know?, we looked at the upcoming change where Microsoft is enforcing MFA upon all user accounts logging in to Azure management tools. This enforcing of MFA with a short notice rang some bells in my head and then I remembered…

    Read more…

  • Microsoft enforces tenant-level MFA in July! What should I know?

    Upcoming July, 2024 will be a big deal for securing Microsoft tenants world wide. Microsoft announced on May 14th that they will enforce tenant-level (I like to say tenant-wide) MFA requirement for all Azure users. Let’s quickly look at this announcement! The infamous announcement Here’s the announcement. I left out the parts that explained how…

    Read more…

  • It’s time to retire ‘trusted IPs’. Say hello to named locations!

    One of the things we can do to protect our organization from account takeover attacks is to use locations as one of the conditions in our Conditional Access policies. Relying on location signal alone is not a good practice, but using location signal as one of the conditions might just be that one control that…

    Read more…

Disclaimer: Due to the high pace of cloud evolvement all information on this site is provided ‘as-is’, with no warranties included. The author of this blog is not responsible of your actions.