While Power Automate is an amazing product, it’s a very dangerous tool to leave unmanaged as it is a common attack vector for data exfiltration. In previous blogs, I have … Continue Reading Auditing used Power Automate Connections
If you have been following me on Twitter or my blog, it’s no secret that I absolutely love Azure Sentinel. It’s on the fastest moving product within the Microsoft Security … Continue Reading Why you should be using Azure Sentinel as an MSSP
Passwordless was one of the big buzzwords in 2020 when you think about Identity & Access. The goal of it is pretty simple: remove all passwords in the day-to-day life … Continue Reading Road to passwordless: 1 year in
I recently published a blog on the website of The Collective (my employer), where I talk about assigning MDATP tags through Logic Apps. This article goes over a solution where … Continue Reading Assigning MDATP tags through the machine name & logged on user with Logic Apps
Link to the ARM template for the full playbook can be found on Github. Microsoft cloud SIEM, Azure Sentinel, is an amazing product which can provide central logging and reporting … Continue Reading Saving corporate IPs to Log Analytics with Logic Apps
During recent weeks, an increase in OAuth phishing attacks has been spotted. OAuth Phishing attacks are an evolution of the old phishing attacks we all know and hate. During a … Continue Reading Protecting against OAuth attacks: Setting-up Admin Consent Workflow
A while back Azure AD has announced Azure AD Security Defaults. Azure AD Security defaults is positioned as a baseline to harden the security of your Azure AD Tenant. Conditional … Continue Reading What is Azure AD Security Defaults & should you be using it?