The Best of TEC 2022 – Now Virtual and Free
TEC is back -100% Virtual & Free - December 6-7! This article recaps the recent in-person TEC event and what to expect from virtual TEC.
October 26, 2022
Latest Articles
Using Azure Automation to Monitor Unified Audit Log Events
The Office 365 audit log is a rich source of forensic information. This article explains how to use Azure Automation to search the log for high-priority events. We use the new support for managed identities in V3.0 of the Exchange Online management PowerShell module to search the audit log and end up sending a nice HTML-format message to administrators.
October 17, 2022
Microsoft Security Report Highlights OAuth Compromise of Exchange Online
A report by the Microsoft 365 Defender Research team explained how attackers compromised admin accounts in a Microsoft 365 tenant. They then created a malicious OAuth app, granted the app some high-priority permissions, and used it to update the Exchange Online configuration to allow spam traffic to flow. All of this comes down to allowing attackers to compromise admin accounts.
September 26, 2022
Heard at TEC: Don’t Feed The Script Kiddies – Enable MFA Now!
At the TEC 2022 conference, Alex Weinert, Microsoft VP for Identity, outlined the need to deploy Azure AD MFA to protect accounts in Microsoft 365 tenants. Only 26.64% of all Azure AD accounts use MFA today, and while that percentage has grown from 1.8% in 2018, it's still disappointing.
September 22, 2022
Heard at TEC: Mischief Managed – Attacking (and securing) Azure Managed Identities
A brief recap of Andy Robbins TEC session on Azure Managed Identities, discussing what they are, their challenges, and should you avoid them?
September 21, 2022
Explaining Azure AD External Identities
Guest access for your company should be planned and understood by all stakeholders, documented in the company’s Security Policy, and then implemented and reviewed to maintain a clean Azure AD environment.
September 19, 2022
How to Report High-Priority Azure AD App Permissions That Hackers Might Exploit
Microsoft 365 tenants usually include many Azure AD apps. These apps hold permissions, including permissions that hackers like to exploit. This article explains how to use PowerShell to detect apps with high-priority permissions and report them to administrators for review.
September 12, 2022
Use Exchange Online Management to Update Active Directory Recipient Objects
In the Exchange Server 2019 “H1” updates, Microsoft finally supported removing the last Exchange Server. But what if you've already said goodbye to yours, and want to get into a supported state? Find out what you need to do..
September 7, 2022
You’ve Migrated… But What Did You Leave Behind?
Preparation, Preparation, and More Preparation Migrations in Microsoft 365 are a complex beast. It seems every time you feel like you have captured everything, more apps or functionalities appear. Every shiny new tool Microsoft releases is another consideration for migration teams and IT departments. Planning for migrations – tenant-to-tenant or otherwise – is a mammoth […]
September 6, 2022
Migrating On-Prem Active Directory Computer Accounts to Azure AD
In the very early Windows NT Days, we had computer accounts connected to domain controllers. This provided the early building blocks of securing data and computers in company networks. Since then, our entire digital landscape has transformed. With modern networking and cloud adoption across so much of our world, it makes sense for our computer accounts to make the move from on-prem Active Directory (AD) to Azure Active Directory (AAD).
September 1, 2022
Kerberos Constrained Delegations Crossing AD Security Boundaries
Kerberos Delegations can be confusing, but it is important to understand how delegations behave when configured across trust boundaries.
August 22, 2022
Using Managed Identities with the Microsoft Graph SDK and Teams PowerShell Modules
This article covers how to use an Azure managed identity with the Microsoft Graph PowerShell SDK and Microsoft Teams modules in an automation runbook.
August 17, 2022