More security controls in the market need a feature like this.
I'm digging the "What If" tool in Azure Conditional Access component. The idea is simple: as you're building policies, you can throw various scenarios at the policy engine to understand what the heck it'll do.
This gives admins the opportunity to observe effects and perhaps test variations of authentication use . . .
Just a friendly reminder that the Microsoft sensitive operations report workbook exists and can be super helpful.
For those unfamiliar, it's an Azure Monitor workbook designed to capture activities/events that could be critical or impactful for Azure AD. Examples include:
- Modified application and service . . .
Exceptions you say? Hmm...
This is just a quick note to remind folks that cloud service providers can (and often do) have exceptions to data residency. As an example, check out Microsoft Azure's platform notes here.
Operational statements like this change from moment to moment but, for the purpose of illustration, here's an example line:
. . .
I've heard this question come up a few times so I thought it would be a good blog topic: what's the difference between "STIX" and "TAXII"?
It's actually pretty straight-forward:
- STIX stands for "Structured Threat Information Expressions" and is a structured data format for . . .
This was another topic that was a little confusing: what's the difference between Azure Blueprints and Azure Landing Zone?
I came across various Microsoft documentation but it was still a little... vague.
Here's a nice table, provided courtesy of Google Bard:
(usual disclaimer about AI-provided . . .
Azure Subscriptions are (to me at least) an interesting concept/term. I've taken several Microsoft exams involving the topic but to date, I haven't necessarily found a succinct way to describe them. This description in SC-100 training documentation is one of the best I've seen:
Everything starts with a subscription, . . .
Maybe it's just me, but I was starting to get a little confused on the differences in Azure workload security options. There's essentially three elements:
- "Security Recommendations"
- "Vulnerability Assessment"
What's the difference though? Just for the heck . . .