Category: Identity

Autodiscover redirect leakage

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 23/09/2021 0 Comments on Autodiscover redirect leakage
Posted in Azure, Defender, Exchange, Identity, Onpremise

** This doesn’t concern Exchange Online in any way, only on-premise versions ** Today Guaricore lab team discovered on-premises Exchange autodiscover vulnerability. I want to call my blog post “Autodiscovering the Great Leak” but that seems like too much as…

Continue Reading Autodiscover redirect leakage

Office 365 ORCA and Configuration analyzer

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/09/2021 0 Comments on Office 365 ORCA and Configuration analyzer
Posted in Azure, Compliance, Defender, Identity, Microsoft 365, Security

I don’t how many of you ever used ORCA or Configuration analyzer? I have missed ORCA (Office 365 Advanced Threat Protection Recommended Configuration Analyzer) completely. I can see that it was introduced at Ignite 2019 but somehow I missed it….

Continue Reading Office 365 ORCA and Configuration analyzer

Azure Defender for container registries

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 20/09/2021 0 Comments on Azure Defender for container registries
Posted in AKS, Azure, Clustering, Compliance, Identity, Onpremise

Kubernetes clusters Continuous assessment of your clusters to provide visibility into misconfigurations and guidelines to help you mitigate identified threats. Learn more about environment hardening through security recommendations. Threat protection for clusters and Linux nodes. Alerts for suspicious activities are provided…

Continue Reading Azure Defender for container registries

Hybrid identity best practices

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 17/09/2021 0 Comments on Hybrid identity best practices
Posted in AAD Connect, Active Directory, Azure, Hybrid, Identity, Onpremise

Microsoft has world-class Identity support for different applications and for different organizations. Microsoft identity can be used for SSO in most of the applications no matter where it is. And the base for this is a well designed Hybrid Identity….

Continue Reading Hybrid identity best practices

Modernize your 0ldSk00l VPN and legacy shares

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 15/09/2021 0 Comments on Modernize your 0ldSk00l VPN and legacy shares
Posted in 2012 R2, AAD Connect, Active Directory, Azure, Azure AD, Hybrid, Identity

Companies have had for ages requirements for connecting employees computers to organization network. In the past I have done these setups with Ipsecs, point-to-point tunnelings and recent year with Direct Access and Always-on vpn style. Between these it was done…

Continue Reading Modernize your 0ldSk00l VPN and legacy shares

Identity protection in the cloud and of the cloud part2

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 13/09/2021 0 Comments on Identity protection in the cloud and of the cloud part2
Posted in Azure, Defender, Identity, Onpremise, Powershell

This is part two of the series and now we are concentrating to Active Directory and Defender for Identity. In Hybrid scenarios your Source of Authority is the on-premises AD and from the the users will flow to the cloud…

Continue Reading Identity protection in the cloud and of the cloud part2

Identity protection in the cloud and of the cloud.

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 10/09/2021 0 Comments on Identity protection in the cloud and of the cloud.
Posted in Azure, Azure AD, Identity, Microsoft 365, Security

This is the first part of Identity blog series. “Identity is the new perimeter” was probably first said in 2018 at Identiverse. And it is actually true, identity is all you have in the Evergreen cloud service. There can’t be…

Continue Reading Identity protection in the cloud and of the cloud.

Enterprise applications SSO with custom manifest configuration

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 08/09/2021 0 Comments on Enterprise applications SSO with custom manifest configuration
Posted in Active Directory, ADFS, Azure, Azure AD, Certificates, Compliance, Identity, Security

Hi, Didn’t find an article about this, so I decided to gather the pieces and put them in one place. First little bit of background. You have Azure AD and  on-premises or cloud-based application that you want to allow SSO…

Continue Reading Enterprise applications SSO with custom manifest configuration

Using attack simulator for user education and gather insights.

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 07/09/2021 0 Comments on Using attack simulator for user education and gather insights.
Posted in Compliance, Exchange, Identity, Microsoft 365, Office 365, Security

This is part 2 of compliance and user governance. Here is part 1. Attack simulator is a tool for educating users and gathering insights on what they do wrong or right. Who can use it? If your organization has Microsoft…

Continue Reading Using attack simulator for user education and gather insights.

Why to use Compliance Manager for assessments and attack simulator to educate users.

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 06/09/2021 0 Comments on Why to use Compliance Manager for assessments and attack simulator to educate users.
Posted in Azure, Compliance, Identity, Microsoft 365

Today I will be talking about Compliance Manager and in next part about Attack Simulator and why they matter for your organization. Compliance is based on organization industry or customer requirements. Compliance improves your security posture. It will help you…

Continue Reading Why to use Compliance Manager for assessments and attack simulator to educate users.