Blogging about Microsoft 365, Azure and Automation!
It has been a while since I have been really excited over a new feature/capability that Microsoft has released. Yesterday was one of these times, when Microsoft announced new supported … Continue Reading A new, must-have Conditional Access policy
During Ignite 2023, we were bombarded with announcements concerning AI. In the Security Space, the main announcement was Microsoft Security Copilot. This Copilot is meant to aid security analysts during … Continue Reading My wishlist for automation with Microsoft Defender XDR
I am excited to share that I have been chosen as the discussion leader for Automation and SOAR within the Microsoft Security CCP. The Microsoft Security Customer Connection Program or … Continue Reading Discussion Leader for Automation and SOAR in Microsoft Security CCP
One of the main benefits of Microsoft Sentinel as a SIEM is the tight integration with other Microsoft products such as Azure Active Directory and Microsoft 365 Defender. The integration … Continue Reading Incorrect creation time for incident creation in Microsoft Sentinel
On one of my blogs on Practical 365, I discussed the need for separate administrator accounts. In my opinion, separate administrator accounts are necessary for adequate security posture. The question … Continue Reading Setting up an alternative email for an administrator
During previous blogs, I already talked about my love for passwordless. I really love the concept behind it and love it extensively. As a consultant, I have about 15 days … Continue Reading Choosing the correct FIDO2 keys
When you are building out different Logic Apps (or Microsoft Sentinel Playbooks) it’s a best practice to never expose your passwords or API Keys in plain text within your Logic … Continue Reading Interacting with Key Vault from Logic Apps securely
While Power Automate is an amazing product, it’s a very dangerous tool to leave unmanaged as it is a common attack vector for data exfiltration. In previous blogs, I have … Continue Reading Auditing used Power Automate Connections
As a lot of organizations are moving to the cloud, security becomes more and more important. While a most organizations have already enabled multifactor authentication, protecting your administrator accounts is … Continue Reading Require Device Compliance for the non-primary user
Chromebooks have been hugely popular within the education space these last few years. They are positioned as affordable tablet computers running on Google’s ChromeOS. ChromeOS has a Play Store of … Continue Reading Can Chromebooks be managed with MEM?
If you have been following me on Twitter or my blog, it’s no secret that I absolutely love Azure Sentinel. It’s on the fastest moving product within the Microsoft Security … Continue Reading Why you should be using Azure Sentinel as an MSSP
Passwordless was one of the big buzzwords in 2020 when you think about Identity & Access. The goal of it is pretty simple: remove all passwords in the day-to-day life … Continue Reading Road to passwordless: 1 year in
Today it’s time for a rather short blog post on an issue I ran into for which I couldn’t find anything online. The issue I have been working with the … Continue Reading The issue of Log Analytics column names and spaces
The Microsoft Monitor Agent has had quite a long history with a lot of use cases. In the past it was used to send data to SCOM/OMS products, but nowadays … Continue Reading Pushing the MMA Agent with MEM in a smart way
Microsoft offers a few ‘no-code’ automation solutions within Azure/Microsoft 365. If we take a look at the moment popular ones: Logic Apps and Power Automate, it’s often difficult to decide … Continue Reading Why you should use Logic Apps instead of Power Automate
As you know by now, Edge Chromium is Microsoft’s newest browser which integrates Edge and Internet Explorer into the one browser to rule them all. There are a lot of … Continue Reading Configure Edge Chromium for a seamless end-user migration from Google Chrome with MEM
365 by Thijs