Microsoft has released the public preview of RBAC for Applications. The new mechanism allows tenants to control the access Azure AD apps have to mailboxes at a granular level. RBAC for Applications will replace application access policies.
With the move to the cloud, many organizations synchronize identities to Azure Active Directory. This makes an attacker’s job easier as they have a single point where they can attempt to compromise accounts. In this article, Thijs Lecomte walks through the protection and detection mechanisms available to repel password spray attacks.
The Office 365 audit log is a rich source of forensic information. This article explains how to use Azure Automation to search the log for high-priority events. We use the new support for managed identities in V3.0 of the Exchange Online management PowerShell module to search the audit log and end up sending a nice HTML-format message to administrators.
A report by the Microsoft 365 Defender Research team explained how attackers compromised admin accounts in a Microsoft 365 tenant. They then created a malicious OAuth app, granted the app some high-priority permissions, and used it to update the Exchange Online configuration to allow spam traffic to flow. All of this comes down to allowing attackers to compromise admin accounts.
Guest access for your company should be planned and understood by all stakeholders, documented in the company’s Security Policy, and then implemented and reviewed to maintain a clean Azure AD environment.
Microsoft 365 tenants usually include many Azure AD apps. These apps hold permissions, including permissions that hackers like to exploit. This article explains how to use PowerShell to detect apps with high-priority permissions and report them to administrators for review.
In the Exchange Server 2019 “H1” updates, Microsoft finally supported removing the last Exchange Server. But what if you've already said goodbye to yours, and want to get into a supported state? Find out what you need to do.
Preparation, Preparation, and More Preparation: Migrations in Microsoft 365 are a complex beast. It seems every time you feel like you have captured everything, more apps or functionalities appear. Every shiny new tool Microsoft releases is another consideration for migration teams and IT departments. Planning for migrations – tenant-to-tenant or otherwise – is a mammoth […]
In the very early Windows NT days, we had computer accounts connected to domain controllers. This provided the early building blocks of securing data and computers in company networks. Since then, our entire digital landscape has transformed. With modern networking and cloud adoption across so much of our world, it makes sense for our computer accounts to make the move from on-prem Active Directory (AD) to Azure Active Directory (AAD).