More great info on AzureAD security. Read the thread; > My take: Many Azure AD (AAD) environments are repeating same mistakes as they did with Active Directory. Improve AAD Security: 1. Use PIM to control AAD roles (limit permanent members) 2. Only admin accounts in AAD roles 3. Ensure cloud admins use admin systems Thread 1/3 https://t.co/5oTFSpj4I8 — Sean Metcalf (@PyroTek3) December 24, 2020 [https://twitter.com/PyroTek3/status/1341999819615830016?ref_src=twsrc%5Etfw]…
The ESAE architecture is being deprecated. It's not that surprising given recent changes to Microsoft's cloud infrastructure and the huge shift to remote working. Enhanced Security Admin Environment (ESAE) architecture mainstream retirement Retiring the red forest as a legacy security mechanismMicrosoft Docs MicrosoftGuyJFlo [https://docs.microsoft.com/en-us/security/compass/esae-retirement]it's detailed in the link above, but the replacement is to a Privileged Access (PA) strategy. There's a…
Another useful thread for defenders. Powerful auditing/blocking; > Application Control is one of the most common recommendations for making your environment that of an Apex Defender. While getting started can be daunting, these three simple lines of PowerShell are a HUGE start, and will audit every binary not from Windows or Microsoft. pic.twitter.com/ECjCFqjyj6 [https://t.co/ECjCFqjyj6] — Lee Holmes (@Lee_Holmes) December 19, 2020 [https://twitter.com/Lee_Holmes/status/1340301433581654016?re…
> We, along with the security industry and our partners, continue to investigate the extent of the Solorigate attack. Read more for intelligence on the scope, impact, remediation guidance, and product detections and protections we have built in as a result: https://t.co/SjSR0tIYiO pic.twitter.com/Sxu8vpvX9Z [https://t.co/Sxu8vpvX9Z] — Microsoft Security (@msftsecurity) December 19, 2020 [https://twitter.com/msftsecurity/status/1340095784071663617?ref_src=twsrc%5Etfw] Protecting Microsoft 365…
This is a helpful resource if you are just getting started (or want to test yourself against best-practices). A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture - Microsoft SecurityThis blog post will explain simple Microsoft security defaults and Secure Score—two features you should take advantage of that are easy to utilize and can significantly improve security in Azure AD and Office 365 configurations.Microsoft Security [https://www…