The dangers of trust policies in AWS
Introduction Everyone that has used Amazon Web Services (AWS) knows that the cloud environment has a unique way of granting access to users and resources. This is done by allowing users and/or...
View ArticleCan we block the addition of local Microsoft Defender Antivirus exclusions?
Introduction A few weeks ago, I got a question from a client to check how they could prevent administrators, including local administrators on their device, to add exclusions in Microsoft Defender...
View ArticleEnforce Zero Trust in Microsoft 365 – Part 1: Setting the basics
This first blog post is part of a series of blog posts related to the implementation of Zero Trust approach in Microsoft 365. This series will first cover the basics and then deep dive into the...
View ArticleImplementing Business Continuity on Azure
There is a general misconception among cloud consumers that the availability of their resources in the cloud is always guaranteed. This is not true since all cloud providers, including Microsoft, offer...
View ArticleEnforce Zero Trust in Microsoft 365 – Part 2: Protect against external users...
In the first blog post of this series, we have seen how strong authentication, i.e., Multi-Factor Authentication (MFA), could be enforced for users using a free Azure Active Directory subscription...
View ArticleEnforce Zero Trust in Microsoft 365 – Part 3: Introduction to Conditional Access
This blog post is the third blog post of a series dedicated to Zero Trust security in Microsoft 365. In the first two blog posts, we set the basics by going over the free features of Azure AD that can...
View ArticleData Connector Health Monitoring on Microsoft Sentinel
Introduction Security information and event management (SIEM) tooling allows security teams to collect and analyse logs from a wide variety of sources. In turn this is used to detect and handle...
View ArticleTop things that you might not be doing (yet) in Entra Conditional Access
Introduction In this blog post, I focus on the top things that you might not be doing (yet) in Entra Conditional Access. It is not an exhaustive list, but it is based on my experience assessing many...
View ArticleBecome Big Brother with Microsoft Purview
Introduction With the never-ending amount of data we generate, process, and share within and between companies, and the value this information can hold – such as personal data, top secret documents, or...
View ArticleTop things that you might not be doing (yet) in Entra Conditional Access –...
Introduction In the first post of the top things that you might not be doing (yet) in Entra Conditional Access, we focused on basic but essential security controls that I recommend you checking out if...
View Article
More Pages to Explore .....