Few more seats just opened: Threatscape Mastering Conditional Access, 16 January • CA's good, bad, and ugly • Design and architecture fundamentals • Avoid common mistakes • Red team tool defense explored (including new compliance bypass) REGISTER: threatscape.com/mastering-entr…

I'll be in the area, so trying to make this happen to be there, but this will be a fantastic event - both in-person and streaming. Yellowhat yellowhat.live

Chat GPT and Copilot responses are so similar now, i am not sure I can tell the difference.

Managing Conditional Access policies can get messy. I built a PowerShell script to help you: ✅ Export CA configs ✅ Flag common issues ✅ Link right back to each policy ✅ Spot hidden risks Demo vid 👉 youtu.be/yirx0fk7cvA Script 👉 github.com/dougsbaker/CA-… #ConditionalAccess

New video: 1 hour of Conditional Access design deep dive. I always get asked to share Conditional Access templates, so I roped Nate Hutchinson into the first of a few long forms on thinking about robust, scalable, and customizable CA architecture. Watch: youtube.com/watch?v=NSqfUZ…

That moment when you realize the file you are looking for was deleted by the retention policy you created....

New video: deep dive into Defender for Endpoint/Antivirus settings. - what every one really does - what “good” looks like - gotchas - nuances And why some of the important ones are “hidden”. Watch: youtu.be/R8btJ_SjwVk

I made a video walking through how I locked down browser usage in my org using Microsoft Edge Management inside the M365 Admin Center. ✅ Control extensions ✅ Force Edge sign-in ✅ Deploy policies w/ or w/o Intune ✅ Block Chrome & others 🎥 Watch here: youtu.be/_PE4I47qjRo

I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…