Welcome back!
This is part 2 in the CA series – if you haven’t checked Part 1 yet, you can find it here; https://prottecio.com/2025/03/02/2025-conditional-access-ca-policy-part-1-get-started/
Today we will build a policy to block risky sign-in, risky user, securing device registration and more!
Continue reading “2025 – Conditional Access (CA) policy part 2”Welcome back!
Today we will look into the world of Conditional Access – I’ll short it to CA from now.
Even though this could be done at a really fine-grained level and with great complexity – fear not; I will provide you some examples on some really great and fairly easy policies you can implement quickly and improve your security posture with low effort.
Let’s go get those low hanging fruits first!
Continue reading “2025 – Conditional Access (CA) policy part 1 – Get started!”Hi and welcome back!
Today we will talk about Privileged Identity Management (PIM) and I will show you the idea of how you can enable this for your admin users in your tenant.
First – what is a Microsoft Entra role and why can’t all your admins just be Global Admins 24/7?!?
Continue reading “2025 – Enable Privileged Identity Management (PIM) in your tenant”Hi and welcome back!
Do you want your employees to be able to log on without passwords in your tenant? And even better, do you want them to get phishing-resistant logon? Let’s go ahead and set it up!
This picture is Microsoft’s, and I’m just borrowing it for reference.
For more information on authentication and verification methods, you can visit Microsoft Learn here; Authentication methods and features – Microsoft Entra ID | Microsoft Learn
Everything is better then just a username and password. If you don’t have MFA setup in your tenant yet, do it.
Continue reading “2025 – Enable Phishing-resistant MFA in your tenant”Wow, 3 months since last post already. I blame it on a crazy busy end of the year at work combined with all the different closing-parties for the kids on school, activities and so-on – and everything that needed sorting out for Christmas. Christmas for me was all about mental wellness and spending some much needed quality time with the wife, the kids and family in general.
2023 is here, and boy has it been busy already. And what better way to start the first blog of the new year on a big Friday 13th crisis – at least if you are using Microsoft ASR(Attack Surface Reduction)-rules.
Continue reading “#ASRmageddon – All your shortcuts are belonging to us….”If you are running Exchange-servers locally, I would recommend you read this. According to several posts since yesterday, there is a new 0-day exploit going on; https://gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html#:~:text=Temporary%20containment%20measures
