RISK CONSIDERATIONS FOR MANAGED SERVICE PROVIDER CUSTOMERS cisa.gov/publication/ri…

Today, Microsoft is announcing the Trusted Cloud Principles, a new industry initiative that defines our collective commitment to protect the rights of customers around the world. Learn more here: trustedcloudprinciples.com/principles/

Since authentication and authorization has been hot topic recently, I made my Azure authn/z service table available at github.com/jsa2/aad-auth-…

1\ I updated the attacks on #AzureAD and #M365 matrix! Now includes hybrid/non hybrid techniques used for impersonation, persistence and access including: > Silver Tickets > Pass the PRT / Cert > Service principal abuse > Identity federation abuse bit.ly/3F9CXM4

We have just released a new version of the #Microsoft365DSC whitepaper. Added a certificate authentication scenario and corrected other issues. Check out aka.ms/M365DSCWhitepa… Let us know what you think!

Today I introduced Microsoft's Principles for Decentralized Identity - our guide posts for building a #decentralizedidentity service that enables user choice, portability, and control microsoft.com/security/blog/…

Please Windows 11, bring back the option to have the start menu on the LEFT! 👈⬅️🤛↩️ | Microsoft Research, Windows Insider Program, Windows Blogs

You need more than a password - so let's take a look at the options - here is what I use in customer discussions. #AzureAD

Thanks TechSmith Snagit for making your product even more awesome! Just upgraded my FAVORITE software to 2022 version! #screenShot #screenRecord #screenAwesomeness !

Azure AD Cross Tenant Access Policies! I found lots of documentation on GitHub and tested it out! Trust MFA cross tenant?✅ Trust devices cross tenant?✅Read more on my blog: goodworkaround.com/2022/01/12/che…

Very interesting workbook to visualize #Azure (workload) identities and #AzureAD Roles Governance: Ingestion and visualization is part of the Azure Optimization Engine. Check out the TechCommunity blog post to learn more about this solution... techcommunity.microsoft.com/t5/core-infras…

I'm pleased to announce the m365maps.com January 2022 update. With new CAL diagrams, a page for Product Name Changes, and overhauled diagram edit controls with modes: Insert Image, Link, and Notes. Please see the change log for more information. #m365maps #Microsoft365

ZoomIt v5.0, RDCMan v2.90, Autoruns, ProcMon, TCPView, VMMap, Sysmon and WinObj has been updated for #Windows11 #Sysinternals techcommunity.microsoft.com/t5/sysinternal…

Wow, finally I can see the new certificate based authentication option in #AzureAD. Many customers have been waiting for this as part of moving away from #ADFS when using #CBA. Happy testing !

Here is my new blog post about securing Logic App triggers and using Managed Identities in Logic Apps! link.medium.com/JAhr6jf2tnb

Working on a "Most Common AD Security Issues" report based on what we see during AD security assessments. Really wish we didn't see default AD admin accounts (RID 500) with no associated SPN. But we do. Please check and fix this.

This is huge ! #Windows365

Warning: Technology jobs are about to change forever. I've identified 7 trends to follow, so you can be prepared:

Microsoft has released a SCIM Validator tool for checking endpoints for compatibility with #AzureAD and #SCIM standards (identity provisioning), great stuff! learn.microsoft.com/en-us/azure/ac… #identitymanagement

If you have read about the whole conditional access bypass for compliant devices make sure you read the full research presented by %TEMP% at BHEU. Great detail and great tooling. Don't just use the other POC.