Azure
2024
Enterprise Attack Surface Management (EASM) - Tuning
English
EASM
Security
Azure
Beginner
Microsoft provides an Enterprise Attack Surface Management (EASM) tool. In this blog series I want to disover the tool and the possibilities. This is part 2 of this series and covers tuning.
Enterprise Attack Surface Management (EASM) - Activation and a first look
English
EASM
Security
Azure
Beginner
Microsoft provides an Enterprise Attack Surface Management (EASM) tool. In this blog series I want to disover the tool and the possibilities. This is part 1 of an upcoming series.
Azure Batch and how to avoid misuse
English
Azure
Azure Batch
Azure RBAC
Security
Expert
Azure Batch is quite powerful tool if you want to scale compute intensive tasks in your environment due it lets you manage scaled workload in Azure. This article will present counter measure to reduce the risk of misuse.
2023
Microsoft Defender for Office 365 & Least Privileges
English
MDO
Azure
If using Microsoft Defender for Office 365 (MDO) as a Security Analyst and want to mitigate stuff (eg. add a domain to the Tenant Level Allow/Block list) you have an issue with the current role model Microsoft provides.
Microsoft Defender for Endpoint Asset Rules
English
MDE
Azure
If using Microsoft Defender for Endpoint (MDE) often you need to tag devices according some rules. In the past this was a manual task or you automated it by using the API.
Add automatically Catch-All addresses as Send-from addresses in Exchange Online
English
Azure
Expert
Exchange
PowerShell
In previous post I wrote about several possibilities to automate tasks in Azure. In this post I will show you an additional possibility to automate tasks in a cloud native environment with the help of Automation Account.
Microsoft Defender for Endpoint API with Logic App
English
MDE
API
Azure
Logic App
Expert
In another post I already wrote about managed identities and using API. There I also showed how to adapt the required permissions. In this post you will see how to set up required permissions for Microsoft Defender for Endpoint (internally called WindowsDefenderATP).
Graph API with Logic App
English
Graph
API
Azure
Logic App
Expert
In the first part of this serie we checked the basics of the Graph API. Now in this part we will use Logic App to query the API. This opens new way to automate tasks.
Nextcloud SSO with Azure Active Directory (AAD)
English
Azure
SSO
Expert
Docker
Nextcloud
SAML
Nextcloud is a file sharing platform like Sharepoint. Providing SSO for this application for your Azure Active Directory users is easy - especially if you know which SAML properties you have to setup on both ends, Nextcloud and AAD.
Azure Cross Tenant MFA Trust Settings
English
Azure
MFA
Guest
Tipps
To have MFA enabled also in a B2B scenario is important. But it could lead to two MFA prompts which could lead to the MFA fatigue syndrom. In this post I will show you how you could reduce MFA prompts.
Azure Application Proxy
English
Azure
Azure has a nice solution to bring on-prem web based applications safely into the internet: Application Proxy is the solution.
Introduction Often companies have on-prem web applications which should be accessible by Azure users.
Graph API with PowerShell
English
Graph
API
Azure
PowerShell
Beginner
In the first part of this serie we checked the basics of the Graph API. Now in this part we will use a dedicated PowerShell module to explore the API further more.
Graph API Introduction
English
Graph
API
Azure
Beginner
If you are using Microsoft Azure - more specifically the SaaS products like Exchange Online, SharePoint Online or Teams you have the opportunity to get many information through the Graph API.