Combine the power of Entra ID Conditional Access and Defender for Cloud Apps Conditional Access policies to gain even more control over how apps in your tenant can be accessed. A common scenario would be to block access from Tor/Botnet/Anonymous Proxy networks as there’s really no use-cases for end-users to
Introduction Now we are in 2026, it’s easy to forget that some of the most important security features on modern Windows devices have been quietly protecting us for well over a decade. Secure Boot is one of those technologies. Introduced alongside Windows 8 nearly 15 years ago (yes, that´s right!).
Introduction Microsoft has begun the rollout of a new and powerful reporting capability to Windows Autopatch customers: Common Vulnerabilities and Exposures (CVE)/KB Reporting. While still in preview and it’s subject to change before GA, this feature is already proving to be one of the most valuable additions to the Autopatch reporting
Recently, I’ve assisted a customer with uplifting their security around Enterprise Applications. This is an area we see many of our customers struggle with as by default, Microsoft lets users register apps all by themselves. This leads to a sprawl of registered apps that may or may not still be
Microsoft Entra ID Privileged Identity Management (PIM) for Groups allows organizations to control and audit elevated group memberships through just-in-time access. Managing elevated permissions in Microsoft Entra ID can sometimes be tricky, especially when it comes to Privileged Identity Management (PIM) for Groups. While the Entra portal allows users to
Back in September Microsoft has recently teaset App Management Policies in Microsoft Entra ID UI, which let you set tenant-wide restrictions on how applications and service principals can be configured from the UI – for example restricting certificate lifetimes, blocking new passwords/secrets, enforcing valid URI formats, etc. (as it looks like for now
Introduction Microsoft Purview is Microsoft’s unified data governance, compliance, and risk platform. It lets you discover, classify, label, protect, retain, and monitor data across Microsoft 365, On-Premises, multicloud, and SaaS sources. It centralizes policies (like sensitivity labels) to enforce consistent security and compliance. During our Governance workshops, we initiate the
What is Azure Arc Azure Arc is a Microsoft service that extends your Azure management and governance capabilities to your resources outside of Azure, and this can include on-premises servers, virtual machines, and other cloud environments. With Azure Arc, you can centrally manage, secure, and automate workloads across hybrid and
In this small blog post, I will try to give you some insights on what Advanced hunting´s custom detection rules is – and how you can use it! Introduction Microsoft Defender XDR is a powerful security platform that uses AI, machine learning, and behavioral analytics to detect and respond to
Intro If you’re diving into Microsoft Security Copilot, one of the first things you’ll want to get right is who can do what. That’s where Role-Based Access Control (RBAC) comes in. Whether you’re working in Defender, Intune, Entra, Sentinel, or Purview, understanding and configuring RBAC is essential to ensure secure,
Intro AI, AI, AI… Yes, we’ve heard it over and over again. Get used to it! 🤣 If you work within one of these portals (Defender, Intune, Entra, Sentinel, Purview, you are the perfect candidate to continue reading. My view might differ from others, I’m not easily sold or impressed.
Managing permissions for Managed Identities in Azure/Entra ID has been a long-standing challenge. Microsoft has yet not provided a built-in interface for this, leaving administrators reliant on PowerShell to handle permissions – even if the “same” exists for App Registrations and Enterprise Applications. To bridge this gap, I developed this
After reading about cross-tenant quirks in sensitivity labels, I got curious: how are these labels stored in a .DOCX file—and can they be removed without encryption? Short answer: yes, and it’s surprisingly easy.
Managing server configurations in hybrid or on-premises environments can be challenging, with outdated tools and manual processes leading to errors and inefficiencies. This post explores how to simplify configuration management with Desired State Configuration (DSC) and Azure Automanage Machine Configuration. Ever noticed this Machine Configuration option under VMs and wondered
Introduction In case you missed the update about the new announcement Microsoft is tightening security around Azure and Microsoft admin portals, by enforcing multifactor authentication (MFA) for all interactive sign-ins. This change has sparked a lot of questions across social medias, and in this post, I aim to address these
Hey, folks! – It’s been a while since I last wrote a blog post. A lot has happened in my personal life over the past six months that is beyond my control, which has forced me to prioritize my family above everything else. But now I’m back with a backpack
It’s been almost a year since I published my original post about how to migrate BitLocker Recovery Key(s) to Azure AD (Microsoft Entra ID) using a remediation script. It didn’t take long before several companies started using it, and since then, I’ve received a few inquiries about support for multiple
Microsoft Remote Help is a powerful tool that allows users to get technical support and assistance from your company’s IT Pros without leaving the comfort of their own homes or offices. With Microsoft Remote Help, users can connect remotely to a support technician who can troubleshoot, diagnose, and solve technical
This blog post is original from my own blog, re-posted here Introduction What is a Break Glass Account? Break Glass accounts are emergency access accounts that are used to access critical systems or resources when other authentication mechanisms fail or are unavailable. In Azure AD, Break Glass accounts are used to provide emergency access to
Microsoft Sentinel is a cloud-native security information and event management (SIEM) platform that enables organizations to collect, analyze, and respond to security events across their enterprise (for an introduction please see the first post in this series). Data ingestion is a critical component of the Sentinel platform, as it allows
Are you also in the middle of transitioning from on-premises to the cloud, or are you currently planning this journey? If so, you also want a modern way to migrate Bitlocker recovery key(s) to Azure AD when moving away from on-premises MBAM/Active Directory escrowing. I help our customers achieve this
Identity theft is a major concern for most companies. Complex Conditional Access rules/setups may unintentionally leave accounts without multifactor authenticaton. Another aspect of this “not following up” on the technical security features that is set up, is that every day tasks tends to take precedence over tasks that has an
Secure your Windows 365 Cloud PC(s) with Conditional Access and FIDO2 security keys. Introduction We have already written about FIDO2 security keys on several occasions (I will add the links below), which has inspired me to see how I could secure Windows 365 using Conditional Access and a FIDO2
Managing local administrator rights on Windows 365 Cloud PCs. Introduction I’ve been writing about Windows 365 over the past few months, and in the original Windows 365 blog post I quickly mentioned that users by default doesn’t have local admin rights on their Cloud PC(s), and how to grant users
Introduction Some time ago I was asked by FEITIAN if I would like to test their FIDO2 key. I said yes, because I am in a project where we will onboard Microsoft HoloLens’s in production, in that journey, we will make use of FIDO2 keys + Windows Hello for Business
Modern Workplace consultant and a Microsoft MVP in Windows and Devices.
Infrastructure architect with focus on Modern Workplace and Microsoft 365 security.
Cloud & security specialist with focus on Microsoft backend products and cloud technologies.
Cloud & security specialist with focus on Microsoft 365.
Cloud & Security Specialist, with a passion for all things Cybersecurity
Cloud and infrastructure security specialist with background in networking.
Infrastructure architect with focus on design, implementation, migration and consolidation.
Infrastructure consultant with focus on cloud solutions in Office365 and Azure.
Modern workplace and infrastructure architect with a focus on Microsoft 365 and security.
