All Categories: cybersecurity(26) sc-100(19) azure(15) microsoft(13) certification(9) productivity(6) fortinet(3) linux(3) edgevolt labs(3) marvel(2) iot(2) python(2) shell(2) artificial intelligence(2) ubuntu(2) roku(2) zero trust(2) the drive on 17(2) marvel move(2) fortigate(2) ssh(1) movies(1) soccer(1) listening(1) authentication(1) image(1) playlist(1) cli(1) negative index(1) programming(1) scripting(1) music(1) traffic on 17(1) edgevolt radio(1) jks(1) pfx(1) michael hyatt(1) budgie(1) key vault(1) security workflows(1) nist(1) microsoft graph(1) verified id(1) registry(1) mcsb(1) workload security(1) azure blueprints(1) azure landing zone(1) azure monitor(1) conditional access(1) debian(1) cwpp(1) cpsm(1) miscellaneous(1) guardians of the galaxy(1) movie reviews(1) bookmarks(1) monster hunter now(1) logitech(1) fcp(1) owasp(1) appsec(1) routing(1) ecmp(1) governance(1) java(1) deus ex(1) cooking(1) metasploit(1) developer notes(1) recipes(1) fitness(1) videogames(1) training(1) containers(1) home

Microsoft Storm-0558 Attack Analysis

September 30, 2023

I meant to post this earlier but got distracted by a few other things. Yay for busy life, right?

Earlier this month Microsoft concluded their investigation of the recent Storm-0558 email compromise/attack and the results are... fascinating. I highly recommend checking out the blog post when you get a chance. It's available here. . . .

Posted in: cybersecurity microsoft

[SC-100] Sensitive Operations Report Workbook

August 16, 2023

Just a friendly reminder that the Microsoft sensitive operations report workbook exists and can be super helpful.

For those unfamiliar, it's an Azure Monitor workbook designed to capture activities/events that could be critical or impactful for Azure AD. Examples include:

Modified application and service . . .

[SC-100] Defender for Cloud - Recommendations vs Alerts vs Vulnerability Assessment

August 13, 2023

Maybe it's just me, but I was starting to get a little confused on the differences in Azure workload security options. There's essentially three elements:

"Security Recommendations"
"Alerts"
"Vulnerability Assessment"

What's the difference though? Just for the heck . . .

[SC-100] CWPP vs CSPM

Gotta love acronyms and abbreviations, right?

August 12, 2023

While studying for the SC-100, there's a few terms that kept coming up:

"Cloud Workload Protection Platform" (CWPP)
"Cloud Security Posture Management" (CSPM)

I can infer some context based on the names but I was curious to know exactly what the difference was between them. Thankfully, . . .

[SC-100] MCSB Compliance Control Overview

August 12, 2023

Just a note and friendly reminder that summaries for the Microsoft Cloud Security Benchmark (MCSB) control domains are available here. The table on this page does a great job of summarizing what each of the domains do.

[SC-100] Compliance is not security

August 10, 2023

I came across this gem in sc-100 prep material:

While compliance provides a consistent required baseline of security best practices and controls, compliance with security standards is insufficient to make an organization "secure". Keeping an organization secure can change dynamically by the week, day, or hour as . . .

Posted in: cybersecurity microsoft sc-100

[SC-100] Microsoft Entra "Verified ID" Feature Explained

August 06, 2023

In case I'm not the only person who as a little unfamiliar with Microsoft's "Verified ID" feature, I came across a great video from Andy Malone that walks through a practical example of how it works.

Here's a high-level diagram as well:

Very interesting and compelling. I think remains to be . . .

← Previous 1 2 Next →