Entra ID Auditing Insider Threats: Detect Anomalous User Behaviour. What, if the user credentials were stolen and the malicious actors successfully pass authentication and authorization? In this case, all the data that is accessible by the compromised credentials are at risk of an Insider Threat. To protect against such threats, enterprises usually use Insider Threat […]
Detecting Security Incidents with Microsoft Entra ID Auditing. Understanding the core functions and potential threats related to Microsoft Entra ID environment is essential for maintaining robust security measures. One of the fundamental tools in this quest is the Audit log, a repository of historical records capturing user activities within the organization. This article shows aspects […]
Leveraging Azure AD Audit Data for Compliance and Reporting. Authenticity of systems and data is a constant challenge for enterprises in the constantly changing world of digital security and compliance regulations. This article delves into the proactive utilization of Azure AD audit logs, offering insights into how organizations harness this valuable resource to enhance their […]
The Role of Machine Learning in Azure AD User Monitoring. In our rapidly evolving digital landscape, the traditional concept of an “endpoint” has transcended its old definition of merely being a user’s device. With the widespread integration of cloud-based identity providers, user directories are no longer confined within the secure boundaries of network perimeters. This […]
Azure AD RBAC Audit / Reporting: Monitor and Analyze Azure AD. In the ever-evolving realm of cloud security, keeping a vigilant eye on access controls is a cornerstone of a robust defence strategy. Azure Active Directory’s Role-Based Access Control (RBAC) offers a powerful mechanism for governing resource access. In this article, we delve into monitoring […]
Azure Threat Detection & Response: How to Detect & Respond. The cloud movement greatly changed the attack surface. Organizations find that detection and alerting are not that straightforward. In the past, perimeter security was simple. But with the cloud your security operations team needs visibility for identities, devices, networks, applications, data… the list goes on. […]
Real-time Monitoring with Azure AD Auditing: SIEM/ Analytics Tools. Enabling Entra ID (AzureAD) logging is crucial for securing your identities. Doing only that however wont improve your incident response. Companies should instead look to ingest these logs into their current security operations center (SOC) model. In most cases, this means feeding the logs into their […]
Azure Security Center Best Practices: How to Secure Azure. Securing our cloud workloads is paramount in the ever-evolving landscape of digital threats, and Azure Security Center stands as a stalwart guardian in this dynamic realm. This article explores the best practices that empower us to fortify our cloud infrastructure using Azure Security Center. From proactive […]
Azure VM Security: Antivirus, Patching & Endpoint Protection. Azure virtual machines (VMs) are a popular choice for businesses of all sizes. They offer a scalable and reliable platform for hosting workloads. However, it is important to take steps to secure your Azure VMs from malware and other threats. This blog post discusses several key ways […]
Automating Azure AD Auditing PowerShell: Simplifying Log Analysis. Do you want to simplify Azure AD auditing by automating it with PowerShell? We guide you through the various ways to accomplish this, starting with an overview of Azure AD auditing. In the overview section, explain the Azure Active Directory audit and sign-in logs and the information […]