MFA prompt spamming/ MFA fatigue – What can you do to prevent/ detect attacks?
Protect against AzureAD OAuth Consent phishing attempts (Illicit consent attack)
In the last couple of months, there is a large increase visible in consent phishing emails (illicit consent attacks). Microsoft threat analysts are tracking a continued increase in consent phishing attempts/mails. This blog described some of the Microsoft prevention/detection capabilities against OAuth Consent…
Stream Azure AD Identity Protection events to Microsoft Sentinel/ Log Analytics
Microsoft recently added a new function that gives the option for stream events from Azure AD Identity Protection into Microsoft Sentinel. In this blog the instruction for export user risk events from Azure AD Identity protection into Microsoft Sentinel. Identity Protection – Risk…
Protecting against password spray attacks with Azure Sentinel and Azure AD
A Password Spraying Attack is a type of brute force attack where a malicious actor attempts the same password on many accounts before moving on to another one and repeating the process. In this blog the explanation of detection and protection against password spray…
Review service principals with Azure AD Access Reviews and monitor with Azure Sentinel
A new feature in public preview is the Azure AD access review functionality. With the new AzureAD access reviews function it is possible to review service principals in the Azure environment. With the more growing trend of cloud services and application service principals…
Monitor Azure AD break-glass accounts with Microsoft Sentinel
Conditional Access configuration for AzureAD accounts is important. With Conditional Access you can protect easy accounts, block outdated protocols and create more security cases to protect corporate data. An important part of Conditional Access is the usage of break-glass accounts. In this blog…
Block Legacy Authentication now, and don’t wait for Microsoft
Legacy authentication is the most compromising sign-in. Microsoft is going to disable basic/ legacy authentication. It is recommended to implement Legacy Authentication as soon as possible and switch users to the latest modern authentication protocol. In this blog post, we take a look…
Track the registration and usage of all authentications methods with AzureAD
As part of the new Passwordless GA announcement, Microsoft created a new activity blade in AzureAD. With the new Authentications methods Activity blade it is possible to track the registration and usage of all the authentication methods inside the organization. With the new…
Go fully passwordless with the new Azure AD Temporary Access Pass feature
The new Azure AD Temporary Access Pass preview feature is available in the tenant. With the new preview feature, it is possible to configure a temporary Access Password. The main goal to go to full passwordless without any configured password in the tenant. …
Enable automatic Access Reviews for Guest users in Teams and Microsoft 365 Groups
Azure AD access reviews feature is now in public preview for the Teams and Microsoft 365 Groups. In this blog post an overview of the new public preview feature. With the Access Reviews for guest functionality, it is possible to check-up automatic guest…