All Stories

Sign-in logs and auditing of Managed Identities and Service Principals

Recently, Microsoft added new categories for sign-in logs which finally included non-interactive sign-ins, managed identities and service principals in Azure AD. In this blog post I will describe the configuration steps to...

MVP Award 2020-2021 - Thank you!

Thank you all for the congratulations and the kind words in recent days! On the weekend, I used the opportunity to look back on my (Azure) learning journey and previous...

Privileged Access Groups: Manage privileged access outside of Azure AD admin roles with Azure PIM

Azure Privileged Identity Management (PIM) allows you to assign eligibility for membership as part of “Privileged Access Groups” (PAG). In this blog post I would like to give an overview of current...

Azure AD B2B: Security considerations to protect external (privileged) identities

In recent months I’ve spent time researching identity security in B2B scenarios (when users are invited to another Azure AD tenant). In this blog post I would like...

Cloud Identity Summit 2020 goes virtual...and global!

Originally we had planned to run the 1st edition of the “Cloud Identity Summit” as a local event (in Koblenz, Germany). But like many other community events, we are still facing...

Security considerations of Azure EA management and potential privilege escalation

In recent years, many organizations have used the Microsoft Enterprise Agreement (EA) portal or APIs for creation and initial setup of their subscriptions. I would like to give an overview of...