Securing Microsoft Entra ID: Lessons from the Field – Part 1

This multipart blog series is focused on the real-world lessons learned while securing Microsoft Entra ID. Based on hands-on experience across various environments and organizations, we'll explore the practical, high-impact strategies that work and, more importantly, the common misconfigurations, overlooked settings, and pitfalls that can expose your identity perimeter. Throughout the series, we'll cover both …

How to hunt & defend against Business Email Compromise (BEC)

Business email compromise (BEC) remains a commonly utilized tactic that serves as leverage for adversaries to gain access to user resources or company information. Depending on the end goals of the adversaries, and on the compromised user's business role, the potential impact can vary from simply accessing sensitive information (e.g., from emails, files uploaded …

Backups & DRP in the ransomware era

In today's digital landscape, the threat of ransomware has forced organizations to reevaluate their disaster recovery plans. Traditional approaches to data protection were focused primarily on high availability and are no longer sufficient. As cyber threats evolve, so must our strategies for safeguarding critical information. This blog post explores the principles and architectures needed to …

Emergency Accounts: Last Call!

Last call: Update your emergency accounts!

Update your emergency accounts before October 15th. Even if you have been out of office for the last couple of months, you should be aware that starting October 15th you will need to provide Multi-Factor Authentication (MFA) to log on to the Azure portal, Entra admin center and Intune admin center. This will be enforced to …

Top things that you might not be doing (yet) in Entra Conditional Access – Advanced Edition

Top things you might not be doing (yet) in Entra ID Conditional Access - Advanced Edition

Introduction: In the first post of the top things that you might not be doing (yet) in Entra Conditional Access, we focused on basic but essential security controls that I recommend you check out if you do not have them implemented already. In this second part, we'll go over more advanced security controls within Conditional …

Data Connector Health Monitoring on Microsoft Sentinel

Introduction Security information and event management (SIEM) tooling allows security teams to collect and analyse logs from a wide variety of sources. In turn this is used to detect and handle incidents. Evidently it is important to ensure that the log ingestion is complete and uninterrupted. Luckily SIEMs offer out-of-the-box solutions and/or capabilities to create …