Recent Posts

Defender for Endpoint Upgrade Script - FOR ALL!

Working with a customer on the MDE Unified Installer for Windows Server 2016/2012 R2, we ran into the issue that SCEP was already installed and was therefore blocking the Unified Installer. So instead of the Install approach we really needed to perform an Upgrade, but would that mean we needed one approach for servers where SCEP had been installed and another for servers where it had not? Answer: No!

Defender for Endpoint Unified Package for Server 2016 and 2012 R2

Microsoft recently announced the public preview of a unified EPP and EDR package that allows the same onboarding approach for these servers as for Windows Server 2019, Windows 10, and Windows 11. A customer I support wanted to test this new method and perform the deployment using GPO.

Automate Accounts for Azure AD

Azure AD’s B2B capability is a really powerful way to leverage identities from outside an organization, but is it the right solution for seasonal, temporary, or white-listed employees? Maybe, maybe not, and if not, the creation of cloud-only accounts may require a time-consuming (possibly manual) request > approval > provision process.

Incorporate Azure AD with your Angular App

I began my career as a software developer and I still love the opportunity to tinker with code from time to time. Since I usually deal with authentication and identity, I need from time to time to demonstrate how customers can add their own custom applications to Azure AD and how the protections can be applied. So, I spent a few days recently building and testing my own single-page custom application based on the latest version of Angular (TypeScript).

The Identity, stupid!

James Carville’s campaign strategy for Bill Clinton’s ‘92 campaign was “The economy, stupid!” These three words left no doubt as to what was important, what to focus on, and the fact that getting the economy right would make everything else possible. Today, as we look at changes to the corporate IT network and infrastructure, we should adopt a similar slogan:

Azure AD MFA managed by User Account Administrator Role

Many organizations want to delegate enabling and disabling MFA for a user to their helpdesk, but the only RBAC role that allows MFA management is Global Administrator, and no one wants to grant helpdesk technicians Global Admin access to their tenant. However, there is a way around this RBAC limitation if your organization has Azure AD Premium.

O365 MFA vs Azure AD MFA

As a Technical Solutions Professional at Microsoft who covers Identity and Security, I get a lot of questions about Office 365 MFA vs. Azure Active Directory MFA: the differences, the benefits, and what I suggest. Customers always assume that because I concentrate on the EMS stack Microsoft offers (Intune, Azure AD, Azure Information Protection) I recommend Azure AD MFA over Office 365 MFA, but the reality is that when customers really compare the experiences they almost always go with Azure AD MFA.

SAML Security Vulnerability

Duo Labs announced on Feb 27th that it had discovered a security vulnerability in some SAML SSO implementations. Their public post outlined how an attacker could authenticate to a SAML SSO provider as themselves, then manipulate the signed SAML response by inserting an XML comment into the NameID, and impersonate a different user: the canonicalization used for signature verification strips the comment, so the signature still validates, while the code that extracts the NameID stops reading at the comment.
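The comment-injection pattern described above, as an added illustration that is not code from the post or from Duo’s advisory. It assumes a constructed, unsigned SAML-style assertion, a hypothetical HMAC over the canonical form as a stand-in for the IdP’s XML-DSig signature, and Python 3.8+ for `ElementTree.canonicalize`. The attacker is assumed to own an account at the IdP whose name starts with the victim’s address.

```python
import hashlib
import hmac
from xml.dom import Node, minidom
from xml.etree import ElementTree as ET

NS = "urn:oasis:names:tc:SAML:2.0:assertion"

# Stand-in for the IdP signing key (constructed); a real IdP signs with XML-DSig.
IDP_KEY = b"constructed-demo-key"


def assertion_for(name_id: str) -> str:
    """Build a minimal SAML-style assertion (constructed, unsigned)."""
    return (
        f'<saml:Assertion xmlns:saml="{NS}">'
        f"<saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject>"
        "</saml:Assertion>"
    )


def canonical(xml_text: str) -> str:
    """C14N without comments: the form an XML signature is computed over."""
    return ET.canonicalize(xml_text, with_comments=False)


def sign(xml_text: str) -> str:
    """Hypothetical IdP signature: HMAC-SHA256 over the canonical form."""
    return hmac.new(IDP_KEY, canonical(xml_text).encode(), hashlib.sha256).hexdigest()


def signature_valid(xml_text: str, sig: str) -> bool:
    return hmac.compare_digest(sign(xml_text), sig)


def name_id_naive(xml_text: str) -> str:
    """Vulnerable extraction: trusts only the first text node under NameID.
    A comment splits the text into two nodes, so the tail is silently dropped."""
    doc = minidom.parseString(xml_text)
    node = doc.getElementsByTagNameNS(NS, "NameID")[0]
    return node.firstChild.data


def name_id_strict(xml_text: str) -> str:
    """Hardened extraction: NameID must be exactly one text node, else reject."""
    doc = minidom.parseString(xml_text)
    node = doc.getElementsByTagNameNS(NS, "NameID")[0]
    kids = node.childNodes
    if len(kids) != 1 or kids[0].nodeType != Node.TEXT_NODE:
        raise ValueError("NameID is not a single text node")
    return kids[0].data


def name_id_from_canonical(xml_text: str) -> str:
    """Alternative fix: read the identifier from the same canonical (comment-free)
    form the signature covers, so verification and extraction cannot disagree."""
    root = ET.fromstring(canonical(xml_text))
    return next(root.iter(f"{{{NS}}}NameID")).text


# Constructed scenario: the attacker registered victim@example.com.attacker.test
# at the IdP and received a legitimately signed assertion for that account.
ATTACKER = "victim@example.com.attacker.test"
HONEST = assertion_for(ATTACKER)
SIGNATURE = sign(HONEST)
# Before relaying the response, the attacker inserts an empty comment after the
# victim's address. The canonical form is unchanged, so the signature still holds.
TAMPERED = assertion_for("victim@example.com<!---->.attacker.test")


def run_demo() -> dict:
    """Return what each verifier/extractor concludes about the tampered assertion."""
    try:
        name_id_strict(TAMPERED)
        strict_rejects = False
    except ValueError:
        strict_rejects = True
    return {
        "canonical_forms_equal": canonical(HONEST) == canonical(TAMPERED),
        "signature_valid": signature_valid(TAMPERED, SIGNATURE),
        "naive_name_id": name_id_naive(TAMPERED),
        "canonical_name_id": name_id_from_canonical(TAMPERED),
        "strict_rejects": strict_rejects,
    }


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

The naive extractor logs the attacker in as `victim@example.com` even though the signature check passes; both hardened variants either reject the assertion or return the full identifier the IdP actually signed.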

ADFS: Certificate Authentication and a Dirty Certificate Store

I often support ADFS configurations that are used to enable client certificate authentication. Typically, these deployments are straightforward: we have certificates that cover the URLs ([sts url] and certauth.[sts url]; see this article for more details), we enable client certificate authentication, and it works. Then there are the other deployments.

Azure - PowerShell Capabilities I Love

I use Azure for development and testing very heavily in my job as a consultant for Microsoft. Since most of my work is done deploying systems on-premises, I usually have to build environments for testing deployment scripts and the like. This means I have the option to go through the Azure Portal and create machine after machine, or I can use PowerShell to script these processes. As such, I have gone through many of the IaaS PowerShell commands and thought I would share some of my commonly used ones.