Category: Azure
In the past years Microsoft made some excellent improvements for securing the Identity. One of these features was Azure AD Identity Protection and it’s proxy version to allow your policies to flow inside on-premises AD. It uses the same kinda…
Access, ID, and SAML2 ID tokens are JSON web tokens (JWT). These ID tokens consist of a header, payload, and signature. The header and signature are used to verify the authenticity of the token, while the payload contains the information about…
Quicktip! While running apt-update in Kali Linux 4.19.0 you will get following error. “Failed to fetch http://http.kali.org/kali/dists/kali-rolling/InRelease The following signatures were invalid: EXPKEYSIG ED444FF07D8D0BF6” Fix: run as sudo wget -q -O – http://archive.kali.org/archive-key.asc | apt-key add Note! wget -q -O…
I decided to do a deep dive on Defender for Identity and this is part 1 of that series. What is (was) Defender for Identity? Defender ATP was before called Azure Advanced Threat Protection (Azure ATP) and Defender for Identity…
Half legacy but half cloud. Many organizations use NPS for securing their wlan and lan traffic or just to authenticate user based on their location inside AD or group memberships. NPS is Microsoft radius-based access management solutions that has been…
History of AAD Connect User synchronization solutions has been here for a long time and they have evolved all the time, sometimes faster sometimes slower. Middle of September Microsoft released a new main version from Azure AAD Connect and the…
** This doesn’t concern Exchange Online in any way, only on-premise versions ** Today Guaricore lab team discovered on-premises Exchange autodiscover vulnerability. I want to call my blog post “Autodiscovering the Great Leak” but that seems like too much as…
So what is Azure ARC? Azure ARC was first introduced at Ignite 2019. Azure ARC enables you to manage servers in different realms no matter in what AD it is. It will allow you to use Azure Resource Manager templates though…
I don’t how many of you ever used ORCA or Configuration analyzer? I have missed ORCA (Office 365 Advanced Threat Protection Recommended Configuration Analyzer) completely. I can see that it was introduced at Ignite 2019 but somehow I missed it….
Kubernetes clusters Continuous assessment of your clusters to provide visibility into misconfigurations and guidelines to help you mitigate identified threats. Learn more about environment hardening through security recommendations. Threat protection for clusters and Linux nodes. Alerts for suspicious activities are provided…