All Stories

FIDO2 Keys and Hybrid Identities (2/2): On-boarding, Authentication and Monitoring

FIDO2 security keys are a passwordless and strong authentication method to sign in to Windows devices and can be used for single sign-on (SSO) access to cloud and on-premises resources. This...

FIDO2 Keys and Hybrid Identities (1/2): Overview and configuration

Microsoft announced the GA of FIDO2 support in Azure AD at Ignite Spring 2021. Previously, passwordless authentication in hybrid environments was only possible by implementing Windows Hello for Business...

Community Engagements and Recap of Q1/2021

Over the past 3 months, I spoke at community events and set my focus on research work. Unfortunately, there was no time left for blogging. But I’m planning to share...

Identity Security Monitoring in Microsoft Cloud Services

Microsoft offers several solutions and services for securing (hybrid) identities and protecting access to workloads such as Azure, Office 365 or other integrated apps in Azure Active Directory. I like...

Community Project: Azure AD Attack and Defense Playbook

In recent weeks, I’ve worked together with Sami Lamppu on the first section of a playbook about common attack and defense scenarios in Azure AD. In this article I...

Sign-in logs and auditing of Managed Identities and Service Principals

Recently, Microsoft added new categories for sign-in logs which finally included non-interactive, managed or service principals in Azure AD. In this blog post I will describe the configuration steps to...