Inactive External Users Report Logic App
This one is an old logic app which I have made somewhere between 2019-2020 but more modern & simplified version of it. Basically this will create a report of all guest users which have not bee...
This one is an old logic app which I have made somewhere between 2019-2020 but more modern & simplified version of it. Basically this will create a report of all guest users which have not bee...
I noticed a couple of weeks ago that my 5-6-year-old App Secret Checker was once again failing due to an expired app secret. When I opened it, I realized how over-engineered it was, with expiring s...
I’ve seen Entra ID directories containing varying numbers of groups, ranging from just a few dozen in smaller environments to tens of thousands in larger ones. Amid this “group jungle,” certain gro...
This is my second method for blocking a user from signing in. In the previous example, I used the Graph API to modify a user’s accountEnabled property within a Sentinel playbook. I wanted to find ...
This is a simple playbook designed to block an Entra ID user by updating the user’s accountEnabled property via the Graph API. A year ago, when I wanted to complete this exercise, I initially plan...
In this post, I’ll walk you through the process of installing Evilginx 3.3.0 on an Azure Virtual Machine, Ubuntu 20.04 LTS for security development purposes. The first time, I spent a couple of eve...
The original Revoke-AADSignInSessions playbook from the Azure Sentinel repository, provided by the Microsoft Entra ID solution, had some minor issues. Specifically, the incident-triggered playbook ...
This is oldie but goldie. From time to time I’m referring to this documentation when implementing organization assets or consulting a co-worker about it. Good to know For the organization asset...
I’ve been using Ikea Fyrtur block-oud roller blinds for six months for couple of windows and generally I’m pleased with them. For rest of the windows I’ve been just adjusting blinds manually and s...
PIM & Phishing resistant authentication for admins Microsoft have released to preview conditional access for PIM to enforce phishing resistant MFA request for elevated users. It’s quite simple...