Archives
- January 2022 (3)
- December 2021 (9)
- November 2021 (13)
- August 2021 (1)
- July 2021 (6)
- June 2021 (1)
- May 2021 (1)
- April 2021 (1)
- January 2021 (1)
- August 2020 (1)
- July 2020 (3)
- June 2020 (1)
- March 2020 (5)
- February 2020 (3)
- January 2020 (18)
- December 2019 (22)
- November 2019 (3)
- October 2019 (1)
- July 2019 (1)
- April 2019 (2)
- January 2019 (2)
- October 2018 (2)
- September 2018 (1)
- August 2018 (4)
- July 2018 (4)
- February 2018 (6)
- January 2018 (3)
- November 2017 (1)
- August 2017 (3)
- May 2017 (4)
- April 2017 (4)
- December 2016 (1)
Categories
- Application Security (1)
- Azure Security Center (10)
- Governance & Compliance (19)
- Host Protection (3)
- Identity & Access Control (9)
- Monitoring & Detection (22)
- Network Security (3)
- Secure Development (13)
- Security Automation (53)
- Security Operation (21)
- Service Overview (1)
Category Archives: Identity & Access Control
Script to audit managed identities on VM and their role assignment
Managed Identity in Azure is not new. Everyone loves it. People use it more often these days. Managed Identity would reduce the overhead of managing secrets or kind of certificate. However, the Managed Identity feature also introduces a new risk … Continue reading
Az-500: Quick notes on AAD hybrid identity
Recently I got a question from a friend regarding Azure Active Directory hybrid identity option. The question was part of his exam in Az-500 Microsoft Azure Security Technologies. In this article, I’d like to provide a bit about the AAD … Continue reading
Azure ARM Template for VM Creation with AAD Sign-in
Microsoft recently released a public preview of a new capability in Azure allowing to sign in to Windows virtual machine using Azure AD account. Previously you would need several steps to complete the deployment of joining your virtual machine to … Continue reading
Catching sign-in activity of global admin
I got a question from a community friend asking about enabling an alert on his tenant whenever a global administrator ‘s sign-in occurs, or at least someone being granted global administrator role performs sign-in. You may end up thinking about … Continue reading
Azure Firewall Role-Based Access Control
Role-based access control in Azure allows you to control fine-grained permissions to specific resources. In the scenario of controlling Azure Firewall, you would need to have custom role definition to give which permission to whom. In this article, let’s have … Continue reading
Getting Azure AD access token via REST Call
Part of Azure experiment, one of my colleagues started playing with Azure API Management last week. He was interested with what I introduced about the service, including API gateway, API publishing portal to readable policies to manipulate inbound request before … Continue reading
Connect to Azure AD using Microsoft Account with PowerShell
Microsoft Account is considered not an internal account given to Microsoft employee. Microsoft account is associated to external services such as Live Mail, Skype, Xbox or so on. When connecting to Azure AD with Microsoft Account (e.g. LiveID) , you … Continue reading
Brute-force attack mitigation on Microsoft Azure
Brute-force attack is simply to continuously attempt to discover your password by combining all possible passwords it can guess. That said, human can guess a password by trying to brainstorm all possibilities such as birthday, girlfriend name, a memorable location or … Continue reading
Enable Multi-factor authentication on the Azure Management Portal
Multi-factor authentication means by its name, giving one more step of authentication to protect your account. The authentication step can be a time-based one-time password sent from a cloud authentication provider such as Google Authenticator, Microsoft Authenticator. The authentication step … Continue reading