5 Years On - The Microsoft Sentinel Experience

Around 5 years ago, Microsoft announced the general availability of Azure Sentinel. This post aims to assess how far we along we have come - the good, the bad and the ugly.

Posted on July 9, 2024

To briefly prepare you for what you are about to read and the context in which it is written; I work for an MSSP and have been working primarily with Microsoft Sentinel and the Microsoft stack since the release of Sentinel. Some of the things I will talk about and... [Read More]
Tags: Cyber Security, Security Monitoring, Microsoft Sentinel, Microsoft Security

Test Yourself: The Prelude

Some tips, tricks and tools to help you get started testing your own infrastructure. This is the start, where I'll just lay out some basic principles of security that we need to keep in mind moving forward.

Posted on June 21, 2024

Cloud infrastructure is by nature complex, and it’s constantly changing (at least the names, looking at you Defender 365 XDR). At least, it seems that way. Truth is, security in itself hasn’t evolved a lot. Basic security, according to the Microsoft Digital Defense Report from 2023 can help us protect... [Read More]
Tags: Cyber Security, Entra ID, Security Monitoring, Entra ID, Azure, Microsoft 365

Authenticate to Azure DevOps using Managed Identity and REST API

How to add a managed identity to Azure DevOps and get access tokens for Azure Devops

Posted on April 17, 2024

This one is very short and sweet - how to authenticate to Azure DevOps using a Managed Identity. This can be done from a virtual machine, Azure Function, or any other Azure service that supports Managed Identities. Usually when we authenticate to Azure DevOps we are stuck using a Personal... [Read More]
Tags: Entra ID, Azure, Managed Identity, Identity and Access Management, Cloud Security, Azure DevOps

Tools You Should Know: ScubaGear

Developed by CISA, ScubaGear is an assessment tool that verifies a Microsoft 365 (M365) tenant’s configuration conforms to the policies described in the Secure Cloud Business Applications (SCuBA) Security Configuration Baseline documents.

Posted on March 9, 2024

Welcome to the first post in the series “Tools You Should Know”. In this series, I’ll go over some of the tools and services that I’ve found useful in the past. The focus will be on Microsoft 365 and Azure, but I might look to expand with other cloud providers... [Read More]
Tags: Cyber Security, Entra ID, Security Monitoring, Entra ID, Azure, Microsoft 365, ScubaGear