Azure Privileged Identity Management (PIM) allows to assign eligibility for membership as part of “Privileged Access Groups” (PAG). In this blog post I like to...
End-users are able to reset their passwords as part of the Azure AD „self-service password reset“ (SSPR) service. Including an option of password writeback from...
FIDO2 Security Keys are a passwordless and strong authentication method to sign-in to Windows devices and can be used for single sign-on (SSO) access to cloud and on-premises resources. This...
Microsoft has announced the GA of FIDO2 support in Azure AD at Ignite Spring 2021. Previously, passwordless authentication in hybrid environments was only possible by implementing Windows Hello for Business...
Over the past 3 months, I spoke at community events and set my focus on research work. Unfortunately, there was no time left for blogging. But I’m planning to share...
Microsoft offers several solutions and services for securing (hybrid) identities and protecting access to workloads such as Azure, Office 365 or other integrated apps in Azure Active Directory. I like...
In the recent weeks, I’ve worked together with Sami Lamppu on the first section of a playbook about common attack and defense scenarios in Azure AD. In this article I...
Recently, Microsoft added new categories for sign-in logs which finally included non-interactive, managed or service principals in Azure AD. In this blog post I will describe the configuration steps to...
