Expiring App Secret Notifier
I noticed a couple of weeks ago that my 5-6-year-old App Secret Checker was once again failing due to an expired app secret. When I opened it, I realized how over-engineered it was, with expiring s...
I noticed a couple of weeks ago that my 5-6-year-old App Secret Checker was once again failing due to an expired app secret. When I opened it, I realized how over-engineered it was, with expiring s...
I’ve seen Entra ID directories containing varying numbers of groups, ranging from just a few dozen in smaller environments to tens of thousands in larger ones. Amid this “group jungle,” certain gro...
This is my second method for blocking a user from signing in. In the previous example, I used the Graph API to modify a user’s accountEnabled property within a Sentinel playbook. I wanted to find ...
This is a simple playbook designed to block an Entra ID user by updating the user’s accountEnabled property via the Graph API. A year ago, when I wanted to complete this exercise, I initially plan...
In this post, I’ll walk you through the process of installing Evilginx 3.3.0 on an Azure Virtual Machine, Ubuntu 20.04 LTS for security development purposes. The first time, I spent a couple of eve...
The original Revoke-AADSignInSessions playbook from the Azure Sentinel repository, provided by the Microsoft Entra ID solution, had some minor issues. Specifically, the incident-triggered playbook ...
This is oldie but goldie. From time to time I’m referring to this documentation when implementing organization assets or consulting a co-worker about it. Good to know For the organization asset...
I’ve been using Ikea Fyrtur block-oud roller blinds for six months for couple of windows and generally I’m pleased with them. For rest of the windows I’ve been just adjusting blinds manually and s...
PIM & Phishing resistant authentication for admins Microsoft have released to preview conditional access for PIM to enforce phishing resistant MFA request for elevated users. It’s quite simple...
I’ve been dealing with multi-tenant environments for couple of years now and most of the time there’s a need to synchronize only specific users from one tenant to another. For me the most common so...