Microsoft is auto-rolling out managed Conditional Access policies to eligible Entra ID tenants to enforce MFA and improve security.
A technical guide on managing and monitoring Microsoft Entra Workload Identities, focusing on lifecycle management and security analysis.
Introduction to Microsoft Entra Workload ID, covering its features, premium capabilities, and common deployment scenarios for managing non-human identities.
Explains key differences, security considerations, and best practices for Azure AD multi-tenant versus single-tenant applications for admins and developers.
Explores a multi-tenancy security design pattern: external authentication with local authorization, using IDP tokens and SAGA for signup.
A technical guide on implementing multi-tenancy in Keycloak using a single realm and client, focusing on user attributes and client scopes.
A list of command-line shortcuts (aka.ms URLs) for quickly accessing various Azure AD and Identity management pages in the Microsoft portal.
A PowerShell script to identify and remove stale Azure AD role assignments where the associated identity no longer exists, helping clean up access control lists.
Using KQL queries to analyze Azure AD logs for better tenant management, covering users, service principals, and security.
Exploring Azure AD B2C's 'Seamless Migration' feature for moving user identities to the cloud with minimal friction.
A critical analysis of SAML security, arguing its design is inherently insecure due to malleable signature computation, with examples of real-world vulnerabilities.
A security-focused guide listing eight critical areas to monitor and secure in Azure Active Directory to prevent breaches.
How IntSights' Active Directory Integration helps organizations detect and remediate compromised employee credentials from data breaches.
A technical guide exploring the new 'Temporary Access Pass' feature in Azure AD for passwordless onboarding and MFA recovery.
Microsoft's new SC-900 Security Fundamentals certification covers cloud security, identity, and compliance concepts for IT professionals.
An introduction to Azure Active Directory B2C, explaining its concepts and outlining a detailed tutorial series for developers.
A technical guide on troubleshooting Conditional Access policies for Azure AD applications, focusing on why some apps don't appear in policy menus.
A speaker discusses using Azure Managed Identities to securely access services without managing keys, including a demo app for file sharing.
Explains Azure AD Service Principals, their relationship to application objects, and how to create them for automation and permissions.
Compares using Azure AD groups vs. application roles for authorization, discussing pros, cons, and best practices for developers.
