All Stories

Security considerations of Azure EA management and potential privilege escalation

In the recent years many organizations used the Microsoft Enterprise Agreement (EA) portal or APIs for creation and initial setup of their subscriptions. I like to give an overview about...

Azure AD SSPR: Deployment considerations and detection of suspicious self-service password reset

End-users are able to reset their passwords as part of the Azure AD „self-service password reset“ (SSPR) service. Including an option of password writeback from Azure AD to on-premises AD....

Community Event: Cloud Identity Summit am 23.10.2020 in Koblenz

Ich freue mich sehr, ein besonderes Community-Event für den Herbst anzukündigen. Wir, das Orga-Team des “Azure Meetup Bonn”, planen für den 23. Oktober 2020 in meiner Heimatstadt Koblenz eine ganztägige...

Azure AD Administrative Units - Use cases, considerations and limitations

Administrative Units (AUs) allow organizations to delegate admin permission to a custom segment of a tenant (such as region, department, business units). In this blog post I like to share...

Azure AD Tenant Hardening - Considerations of default settings

Every created Azure AD tenant has default configurations by Microsoft. These settings should be reviewed and cross checked with your security requirements, strategy of self-services and governance policies. In these...

Detection and Mitigation of Illicit Consent Grant Attacks in Azure AD

Popular phishing attacks are using illicit consent grant to gain access to company or user data. In this article we will cover the detection (with Azure Sentinel, Microsoft Cloud App...